Limiting a user's access and viewing to a specific project

[jkpalmer52]

Is there a way to limit a user to view / access and create issues for a specific list of projects?

Example -

I currently have multiple projects defined to the application.

I have added a project called 'Special Issues' and I have added a user 'si001'.

I have configured the 'si001' user to be assigned to the 'Special Issues' project.

The 'si001' user can view all other projects, which I want to prevent. I would like to limit the list of Projects to be only for the 'Special Issues' project.

Can this be done via the application, or do I need to visit the config file?

TIA

-jP

[jkpalmer52]

I found an answer to my question:

1. Add any project to Mantis with View Status = private.

2. Add the new members to the User table with Access Level = Viewer.

3. Set all the "other project's" project View Status = private.

4. Add all the necessary Users to their appropriate project with their
appropriate Access Level at the project level.

[vboctor]

You got it right. A user gets access to all private projects to which he/she is added with the corresponding access level. In addition, the user gets access to ALL public projects with his/her global access level that is set on the user record.

Regards,
Victor
http://www.futureware.biz

[jcutter]

I can't get my reporters (or updaters) able to see each others posts on my private projects although I have them assigned to the project and its parent project. For reporters it's as if I had the following set "ON," but I do not!

Code: Select all

$g_limit_reporters			= OFF;

My developers and up can see all bugs from all projects as I have not changed:

Code: Select all

$g_private_bug_threshold		= DEVELOPER;

I did the assignments using "Add user to project" on the manage user pages. While the assigned private projects do show on each manage user screen as <project name> [updater] (private), I also observed that no user names at all are visible in the "Add user to project" section of the manage project pages. Instead there is just a narrow, empty vertical field.

I upgraded mantis to 1.0.5; I'm running PHP Version 4.4.1 under Apache on a Mac OS 10.3 Server. I've tried FireFox and Safari clients with the same result.

Please help me figure out my error; the posts on the board seem to indicate this should work. Thanks.

You got it right. A user gets access to all private projects to which he/she is added with the corresponding access level. In addition, the user gets access to ALL public projects with his/her global access level that is set on the user record.

[vinztan]

jkpalmer52 explanations don't work for me :
all my projects are private.
my user has a private status and is a viewer

but he can see all bugs of all projects !

[IamStarbuck]

I came to this forum to search specifically for this issue. I have a private project where all issues are private, just because each project is almost completely unrelated to the others. I added new people to this project as updaters. I thought this would give them Viewer access to see existing issues, Reporter access to create new issues, and Updater access to change whatever was already in there. I found with Updater access that they couldn't see any existing items until I removed them and re-added them all as Developers. I'm not sure that's really the permissions level I want to assign for this group but I'm stuck with it. Any ideas?
Thanks!
v1.0.6

[Narcissus]

@IamStarbuck: I would guess it's because you've set the issues as private as well. To see a private issue you need to have developer access (by default).

You probably just need to unset the private nature of the issues within those private projects. They will still be 'hidden' from users that don't have access to the (private) project itself, but they will then be accessible by those users who do have access to the project. Which is what I believe you're after...

[mgaudett]

I would like to do something similar. I have a private project where a few people will be logging issues.
Some of those people are our own employees, and some are our client's employees.

We would like the internal employees to see all issues in the project, while the client's employees should see only the issues created by client employees.

We were thinking of using the Public / Private view status, but it seems I cannot set a default to that status based on the user permissions. For example, I would like the client employees (reporters) to report issues as Public, while internal employees (above reporters) to report the issues are private.
Is there any way I can do this? If not, any suggestions?