Page 1 of 1

Permissions

Posted: Wed Feb 08, 2017 10:26 am
by dbosman
We have the following workitem workflow:

draft -> in review -> reviewed
in review -> draft

In draft workitems may be edited but not approved
During review workitems may be approved but not modified
When reviewed workitems may not be modified or approved/disapproved

At a first glance you would set the Modify permission of "in review" and "reviewed" items to "permission denied". Unfortunately this means that the status of the work item also cannot change. So it's no longer possible for reviewers to change the status of approved "in review" workitems to "reviewed".

A solution is to use the fine grained field permission and set all the modify permission of "in review" workitems to false except the "modify status" permission. I have tried this but Polarion becomes very slow as it has to check many permissions for each action (even for just viewing workitems)!

I think my use case is generic. Has anyone come across this issue? How did you solve it?

Re: Permissions

Posted: Thu Feb 16, 2017 12:36 pm
by martins
Hi,

You better use the Work Items > Read-only Fields configuration.

Here you can define that in status "reviewed" all fields (except status and approvals) become read-only.

This should solve your problem.

Martin

Re: Permissions

Posted: Mon Feb 20, 2017 11:17 am
by dbosman
Thanks,

On the work item - read only fields page it is stated:

"Note that read-only fields should not be considered as a security feature. Administrators should be sure to properly configure user permissions, among other things."

Why?