Application permissions help you minimize the need to create and assign many similar roles for individual users. You can permit or restrict access to individual applications within the project for whole classes of users.
When you define users, user groups and roles with specific permissions in one project, they can be inherited in one or more subprojects. This helps you avoid duplicating the effort of defining users, user groups and roles across projects.
Application permissions supplement role-based access control (RBAC.) For each application's concepts, documents, file releases, trackers, and discussion forums, you can assign permissions globally based on user type.
For example, if you know that you want all project members to be able to view and submit to all project trackers, you can specify this application permissions. You need to configure these settings only once. All current and future project members will be able to view and submit to all trackers without having the tracker view/submit permission assigned to them individually via a role.
Before you do this, you should have identified your project as private, gated community, or public. Configuring permissions is a finer-grained level of control that operates within this hierarchy of project types.
However:
These are the classes of users to which you can assign application permissions:
User class | Description |
---|---|
All users with Role Permissions | Only project members with appropriate RBAC permissions. |
All project members | All project members. |
All project members and unrestricted users | All unrestricted users, whether or not they are project members, plus all project members. |
All logged-in users | All restricted and unrestricted users (all logged-in users,) whether or not they are project members. |
All users | All users, whether or not they are logged in or have CollabNet TeamForge accounts. |
On some types of sites, you can't assign application permissions to certain classes of users. In such cases, you must use role-based access control (RBAC) permissions.