Regarding Teams and Permissions on a folder, the only associated permission is "Edit Teams & Permissions" which means either a user can edit them or they completely hidden from him/her in the UI. And it is very difficult for a user without any privilege on Teams and Permissions to identify which users / roles are behind a team.
It would be therefore very helpful to have a view permission that allows anyone with view privilege on a folder to at least consult the Teams & Permissions details without the right to update them.
by: Pierre W. | about a year ago | Permissions
Comments
Presently, users with the "Edit folder teams and permissions" permission can access and modify the Teams & Permissions page.
In your scenario, would you allow everyone who already has permission "View folders" to view "Teams & Permissions" page?
If not, what criteria will you use to determine which individuals can view the page content and which cannot? Additionally, how many individuals within the organization would be authorized to view this page exclusively, without the ability to make modifications?
Hi,
sorry for the delay (I did not see a notification regarding your response).
In Release, we organize our templates and therefore our releases into folders. In these folders, some teams are defined to which permissions are given. Each team can be mapped to one and/or the other of these elements:
• A role = a global role for the entire tool, itself mapped to individual users and/or LDAP groups
• Individual users
A task in the release flow can be assigned to a team. In this case, this task must be handled by a person associated with this team.
Here is the problem :
• To see the Teams & Permissions of a given folder or release, you need a permission called “Edit Teams & Permissions” on the folder in question. This permission gives the rights to modify, but how can I give the rights to someone to only consult this pane without modifying? I haven't found any way.
• For global roles, the same: only administrators have control over these objects and therefore users in the field do not know who is “hiding” behind them.
This is extremely impactful for our users in the field, especially when a task is associated with a Team and people do not have a view on this team and the users it includes.
Can you please indicate whether my observation is correct (including in the latest versions of Release) and, take into account our requests for improvement:
• Create a read-only right on the Teams & Permissions pane so that everyone can see transparently who is supposed to act on a release blocked on a task assigned to a Team. Potentially, it could be a global permission so users with "View Folder" permission could also see (but not modify) teams & permissions on this folder
• Also give a way for people to see individual LDAP users/groups that are in a global role
In our case, we would give this permission to all authenticated users, and our license includes a head count of 350 so this gives you an idea of the importance of the problem for us.
That way
Thank you for providing the details; we acknowledge your request. We anticipate a wider customer base expressing interest in upvoting this idea. As we plan for the upcoming release (Fuji, Q4 2024), we will keep you updated in March regarding our ability to accommodate it.
We are planning to implement this idea in 24.3 (Fuji) release.
This change is now available in version 24.3. We welcome any additional comments or suggestions you may have. For more details, please refer to the release notes:
https://docs.digital.ai/bundle/devops-release-version-v.24.3/page/release/release-notes/releasemanual_release_v.24.3.html#view-teams-and-permissions