Managing projects access rights
Project types
A project can be Public or Private.
Public projects
- All registered users can see Public projects in the projects list.
- All registered users can access Public projects in the read only mode.
- To be able altering the test cases, or add comments, or upload the test results to a Public project end users need to have at least
project:write
permission to the Public project.
Private projects
- All registered users can see Private projects in the projects list only if they have at least
project:read
permission assigned by a project owner. - All registered users added to a Private project explicitly by a project owner can access Private projects with the rights defined by assigned permissions.
- To be able to alter the test cases, or add comments, or upload the test results to a Public project end users need to have at least
project:write
permission to the Public project.
Projects permission sets
Permission sets are introduced in the Allure TestOps' Release 4.8.0
Permission set is a combination of actions allowed for an end user in the scope of a certain project.
Who
Permission sets' configuration are are available for the end users having the access to the Administration section of Allure TestOps instance, i.e. end user must have ROLE_ADMIN
authority.
Where
The configuration of permission sets is done in /admin/permissions
section of the Administration area of Allure TestOps,
How
There are system and user defined permission sets.
System permission sets
System permission sets cannot be altered, these are created by the system during the database initialisation or system upgrade to a release 4.8.0 and subsequent releases.
System permission sets are
Project Read
- allows accessing project as Read only user.Project Write
- allows the creation/alteration of test cases, creation of launches and other project entities.Project Owner
- allowsProject Write
access, and the access to the project configuration.
New projects
An end user created a new project will automatically receive System permission set Project Owner
in scope of the created project.
User defined permission sets
User-defined permission sets allow granting the access rights in a flexible way.
Example: You need to allow software analytics to add comments to the test cases created by manual QA engineers, but you don't want to grant the right of altering the test cases.
To fulfill such a task you need a new permission set:
Proceed to /admin/permissions or request the system administrator adding a new permission set as follows.
Create a new permission set
Assign
project:read
andproject:comment
permissions.project:read
will generally allow accessing the projectproject:comment
will allow adding the comments
Proceed to your project's settings (
/project/{project-id}/settings/access
)Add a new user or group and assign the created permissions set.
The added end user (or access group) will be able to access the project and add comments.
Granting the access rights to a project
User-based and group-based access to a project
There are two options to manage the access to a project:
- Group-based access.
- Create a group of users and give this group access to several projects.
- User-based access.
- Add a single user to a specific project.
Group-based access
You can add a group to a project either from Administration area of Allure TestOps or from the project's Settings.
Granting the access from Administration area > Groups
Go to Administration area of Allure TestOps, then to Groups section.
Select an existing group or create a new one.
Add users to the group and add a project to this group with certain access level.
All the changes will be saved automatically after you press the green Plus button (#3 in the picture above)
Granting the access from project's settings
You need to have group created in order to proceed with adding groups from the project settings.
In a project to go project's settings (first icon from the bottom saying Settings).
Go to the Access section.
In Groups area of Access section click blue plus button and in the modal window select a group from drop-down list and assign the access rights (the permission set).
Click Submit button to complete the action.
User-based access
To quickly add a single user access to the project do the following:
Open a project. Go to Settings > Access
In the Collaborators area click click blue plus button and in the modal window select a user from drop-down list and assign the permission set.
Click Submit button to complete the action.