Customizing User roles

User roles can be customized, and one user can be, for example, Manager on one project and Developer on another. Role customization is reflected in privilege customization.

Scenario: we are going to create a new role, called Collaborator, that has the same permissions as Manager, but the only difference is that Collaborator can't create new issues.

Getting ready

Make sure you have administrator permissions in Redmine.

How to do it…

Navigate to Administration | Roles and Permissions. Once clicked, the Roles and Permissions initial form is loaded. From here, you can customize existing roles, add new ones, or take a look at Permissions report. To create a new role, we are going to copy the Manager role by clicking the Copy button. Once clicked, the New role form will be visible with Name of the role starred as a required value. Enter the Collaborator name value and tick boxes as displayed in the following image:

Once you have created a new role, it becomes available to be used on new and all available projects.

How it works…

Roles are customized on a per-module basis, meaning that each role has its own permissions set for a particular module. In this recipe, we created a new role that was based on an existing role with the difference that the new role can't add, delete, copy, or edit issues. This is achieved by cloning the existing role, entering a new name, and choosing Per module permissions on the Permissions group of the New role form. Per module permissions are grouped with group sections having the same name as the module; so, for example, the Forums module is displayed immediately under Projects with permissions such as Manage forms or Post messages.

There's more…

Permissions for issue statuses and transition of statuses are set on the Workflow part of the Administration menu. To adjust them, navigate to Administration | Workflow, choose Role and the type of tracker that you are editing permissions for, and click the Edit button. By combining Roles and Workflows, you can achieve fine-grain security and workflow control for various kinds of Redmine implementations, ranging from standard project management to complicated ITIL scenarios. One of these fine-grain controlled accounts can be an account for your client. Sometimes, companies, project managers, or project teams need to have their client access some of the project details, such as reports, submitting bugs, or creating requests. In some software development and project management methodologies such as Scrum or XP, it is encouraged to engage the client's participation in all phases of the project. To achieve this goal, it is best to create a special role with fine-grain access/edit/view permissions for your client, so you don't compromise potential information that might harm your relation with the client. If you have multiple clients, good practice when choosing roles for a client is to forbid the client from seeing all Redmine users by choosing Members of visible projects under Users visibility on the New role form. Also, projects should not be public in this case.

See also

Check out some third-party plugins, which introduce new functionality to role management. Some of these are Global Roles (and the Roles Shift plugin (https://www.redmine.org/plugins/role_shift), which makes it possible to configure roles at a per-project level.