How to handle permissions

Erez Tavor November 9, 2016

Our company works on several projects for different clients. We have clients that want to browse and freelancers that work on different projects.

This caused me to play around with permissions as the default was that every user had access to everything meaning some clients could see projects they shouldn't. 

Now a new freelancer is working with us on a project and I find myself confused on how to handle permissions.

Should I create a new scheme just for him or add him to the group I created for a client?

What is best practice in this case?

Thanks in advance.

1 answer

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 10, 2016

>The default was that every user had access to everything meaning some clients could see projects they shouldn't.

Yes, I'm afraid you will want to unpick that.  The usual problem is that the default is to add users to the group that says "can log in and use the system", but that group is also used in project roles to say "this group are users of this project", which then, of course, dumps everyone into all your projects.

Have a look at your permission schemes and see what the rule is for "browse project".  By default, it'll be a role, but there may be more.  Then, for each project, look at that role and remove anything that grants wide access, replacing it with narrower groups or individual users, so that your existing users can still use the project.  You'll then be able to add your freelancer to just the projects they need to see.

Suggest an answer

Log in or Sign up to answer