Complete description of roles and rights.

[nickbe]

These fields/flags should be additionally stored per project

1. Fields: Owner (creator) of a project
2. Flag: Develoeprs are allowed to "self assign" issues
3. flag. Users may always close their own issues

Public projects

Users with an otherwise active login do not have to be project members to participate (typical for public software support)

Private projects

Users have to be assigned to a project to participate (typical for development groups/open source projects and suchlike)

Internal projects

Assigned users have limited and confidential access to projects and issues (typical for custom client projects)

So who can do what?

Please note that almost all lists and complete issue visibity or editing is always depending on the tag role limits. Maybe a user would be allowed to edit his/her own ticket but cannot because the current status tags readonly role limit says he can't.

Detailed role matrix:

	User	Staff(Developer)	Manager	Admin
Slide-in (work)project list (Auto-Favorites)	public + assigned projects (optionally filtered)	public + assigned projects (optionally filtered)	public + assigned/owned projects (optionally filtered)	public + assigned/owned projects (optionally filtered)
Standard project list	public + assigned projects	public + assigned projects	public + assigned/owned projects	ALL (can assign project to any manager/self)
List issues in public projects	ALL	ALL	ALL	ALL
List issues in private projects	ALL in assigned projects	ALL in assigned projects	ALL in assigned/owned projects	ALL issues in ALL projects
List issues in internal projects	own issues in assigned projects	own/assigned issues in assigned projects	ALL issues in assigned projects	ALL issues in ALL projects
List Issues in My Issues / Kanban	own issues in assigned projects	own+assigned issues in assigned projects	own+assigned issues in assigned projects	own+assigned issues in assigned projects
List Issues in Manager List/Kanban	n/a	n/a	ALL issues in assigned projects	ALL issues in assigned projects
Create issues	in public+assigned projects	in public+assigned projects	in public+assigned projects	in ALL projects
Edit issues	own issues (tag dependent)	own/assigned issues (tag dependend)	ALL issues in assigned/owned projects	ALL issues in ALL projects
Delete issues	own issues (tag dependent)	own issues (tag dependend)	own issues (tag dependend)	ALL issues in ALL projects
Close issues	own issues (tag dependent)	own issues (tag dependent)	ALL issues in assigned projects	ALL issues in ALL projects
Set issue status	(tag dependend)	(tag dependend)	(tag dependend)	ANY
Set issue type	(tag dependend)	(tag dependend)	(tag dependend)	ANY
Set issue resolve	n/a	(tag dependend)	(tag dependend)	ANY
Assign developer	n/a	in assigned projects (to self or visible developers/ managers/admins)	in assigned projects (to anyone)	in ALL projects (to anyone)
Export issues	n/a	n/a	Assigned/owned Projects	ALL projects
Edit/Delete comments	own comments	own comments	ANY comments in assigned/owned projects	ALL comments
View assigned users	n/a	visible users	all users	all users
Seize unassigned issues (assign to self)	n/a	in assigned projects	in assigned projects	in ALL projects
Set issue quote	n/a	*in assigned projects *	in assigned projects	in all projects
Lock issue quote	n/a	n/a	in assigned projects	in ALL projects
Create new projects	n/a	n/a	yes	yes
Edit projects	n/a	n/a	owned projects	ALL projects
Assign members	n/a	n/a	to assigned/owned projects	to ALL projects
Change status	n/a	(tag dependend)	(tag dependend)	ALL status changes
Change type	(tag dependend)	(tag dependend)	(tag dependend)	to type changes

Remarks:

If a developer is able to edit/work with an issue does NOT depend on his assignment alone, but is controlled by the different status tags. Example: He's already assigned to an issue - but he's not allowed to see issues with the status 'NEW' and 'CONFIRMED'. But then as the status is changed to 'OPEN' he can see the issue.

NOTES ON PROJECT OWNERSHIP

Any manager/admin who creates a project is it's owner. Being an owner is treated equally to being assigned, with the special rule that a manager cannot revoke an owner from his project (not even himself) - an administrator on the other hand can do this.

These actions are administration only

• Manage tags
• Manage users
• Change a projects owner
• Global settings

Manager (and Admins because they're also managers)

Managers have to be project members (assigned to a project) to gain access
See matrix above. There exceptions for the admin here because he has more rights.

• can see the "manager" kanban view (all visible issues within a project)
• can see their assigned issues (list or kanban) under "My issues"
• can see projects (in the project lists) which they have created or to which they have been assigned to
• can assign or revoke users/devs/other managers to projects
• are forbidden to revoke the creator from a project
• can add/edit comment all issues within the projects they have access to
• can always edit/delete their own issues
• can always edit/delete their own comments
• may close any issue

Developer (and Admins and Managers because they're also developers)

Developers have to be project members (assigned to a project) to gain access
See matrix above. There exceptions for the admin/manager because he has more rights.

• Can close their own issues, either when the current tags allows them write access or when the project flag: 'Users can close/delete own issues' is set.
• Can see public projects and their issues
• Can comment any issue in public projects
• Can comment issues they are assigned to
• Can create issues in public projects

User

Users have to be project members (assigned to a project) to gain access
See matrix above. There exceptions for the developer/admin/manager because he has more rights.

• Can comment their own issues (Independently of the project type (public/private/internal) or the issues status/type/resolve tag and even if the issue has been closed)
• Can see public projects and their issues
• Can create issues in public projects
• Can comment any issue in public projects
• Can close their own issues, either when the current tags allowes it or when the project flag: 'Users can close/delete own issues' is set.

I think this list should now be rather complete.

[nickbe]

I reuploaded the list now.

Although I've spent an impossible amount of time compiling and trying to think like a maniac about the details, it's really not finished yet. (and i thought this shouldn't take much more than an hour or two 😜 )

But I'd say it's enough to look through it and start verifying its items together now 😄

Ah and btw. I'm convinced that most (if not all) of all that is already working.

[nickbe]

Ok I'm back on duty now. First thing for me is complete the roles and rights above and get back into tinyissue as fast as possible :)

[nickbe]

Ok. done.
I think the list is now rather complete. And I also think that many, if not most things are already working here. If there's anything unclear please ask right away.