¶ Access Rights
Access rights are the ability to see or create/edit any objects or properties in a specified scope. The specified scope can be the entire universe, a project, or a specific task.
The Cerebro permissions system allows you to configure the scope and availability of functions for groups and individual users.
Access rights for an individual user can be arranged in Administrator window on Universe tab by adding/removing the user account to/from the group with the appropriate role/access rights pattern.
Manage the access rights on the project level: select the root task in the Navigator — it is the project level — and configure its properties. Specify roles for groups immediately when creating a new project. Add new users, that join your project along the way to the appropriate groups, and that’s it.
Avoid changing the access rights and discarding inheritance on task levels lower than project without necessity. If you need a more flexible configuration pattern than linear inheritance, use the conditional permissions and then allocate the users as assignees to particular tasks for the permissions to take local effect.
¶ Tips for working with access rights
- Use simple control methods whenever possible.
- Avoid configuring roles and permissions for individual users, try to do it on the group level when possible. It will help you keep the access management simple and predictable.
- Remember: the simpler you configure the access system — the easier it will be to use and maintain.
Important
In Cerebro web version you can add users to existing access groups via Administration Users — Profile — Groups, but you cannot create a new access group there.