Permissions

Description
dbosman
Posts: 9
Joined: Wed Feb 08, 2017 10:16 am

Permissions

Postby dbosman » Wed Feb 08, 2017 10:26 am

We have the following workitem workflow:

draft -> in review -> reviewed
in review -> draft

In draft workitems may be edited but not approved
During review workitems may be approved but not modified
When reviewed workitems may not be modified or approved/disapproved

At a first glance you would set the Modify permission of "in review" and "reviewed" items to "permission denied". Unfortunately this means that the status of the work item also cannot change. So it's no longer possible for reviewers to change the status of approved "in review" workitems to "reviewed".

A solution is to use the fine grained field permission and set all the modify permission of "in review" workitems to false except the "modify status" permission. I have tried this but Polarion becomes very slow as it has to check many permissions for each action (even for just viewing workitems)!

I think my use case is generic. Has anyone come across this issue? How did you solve it?

martins
Posts: 181
Joined: Thu Nov 05, 2009 3:24 pm

Re: Permissions

Postby martins » Thu Feb 16, 2017 12:36 pm

Hi,

You better use the Work Items > Read-only Fields configuration.

Here you can define that in status "reviewed" all fields (except status and approvals) become read-only.

This should solve your problem.

Martin

dbosman
Posts: 9
Joined: Wed Feb 08, 2017 10:16 am

Re: Permissions

Postby dbosman » Mon Feb 20, 2017 11:17 am

Thanks,

On the work item - read only fields page it is stated:

"Note that read-only fields should not be considered as a security feature. Administrators should be sure to properly configure user permissions, among other things."

Why?


Return to “Polarion Application Lifecycle Management (ALM)”

Who is online

Users browsing this forum: No registered users and 11 guests