User Role Configuration

To manage user roles for a project, click the User Roles option from that project's configuration menu (on the Project List page or the Admin page). Each role designates a set of specific actions that a user and/or user group is allowed to take on a project.

The User Roles dialog will appear. In this view, there is a tab for users and user groups. On each tab, there is a row for each user or user group. Each button represents a role which that user or user group has in that project. All roles are assigned per-user or per-user group, per-project, meaning that a user's or user group's roles for one project are not necessarily the same as the roles for another project. For each user, if they are marked as admin or inactive, the view will display a marker next to their name to show that fact.

Note: Note: User groups cannot be admin or inactive.
The different roles are as follows:
  • Read. The user or user group can see the specified project and all of its contents. If a user doesn't have the Read role for a particular project, that project will not appear in the Project List page for that user.
  • Update. The user or user group can change the finding status and comment on findings for the specified project.
  • Create. The user or user group can create new analyses for the specified project
  • Manage. The user or user group can manage the specified project's configuration (e.g., Git, Issue tracker, etc.). The Manage role also allows the user to delete the specified project.

Clicking one of the role buttons in the User Roles dialog will give the corresponding user or user group all roles up to (and including) that role. For example, giving a user or user group the create role will also grant the read and update roles. Clicking the X button will remove all of that user's or user group's roles. Admin users automatically inherit all roles, but can also be granted roles explicitly.

If a user or user group is inheriting roles, the inherited roles will display as an orange bar above the corresponding role button.

If the Grant these permissions to sub-projects checkbox is enabled, any roles users or user groups have for this project will be inherited in this project's sub-projects.