Is there a way to restrict the list of roles that displays when assigning a PPM Team Member?
When assigning a PPM Team Member to a task you have to select a role for that user and the list of roles that displays is your own roles. Is there a way to restrict what roles display on this list? This is a security breach since I can assign a team member and give them the Program Administrator role if that’s the role I have.
I have same problem in past but Agile don’t block you.
The Agile PPM roles that appear in these lists are roles assigned to the login user that include at least one privilege mask with an object type of activities or gates. For example, the Agile-supplied Change Analyst role includes the privilege mask Subscribe to Gates Class; therefore, the Change Analyst role appears in the list of available PPM roles. If you were to remove that privilege mask (thus removing all activity and gate privilege masks) from the Change Analyst role, the Change Analyst role would no longer appear on the list of available Agile PPM roles.
My suggestion is that you run a report that check if users confused.
One thing to remember is that even IF you assign a team member the Program Administrator role – they are only granted that role for that specific PPM object.
I.E. – even though the Program Admin Role may have a privilege such as ‘modify all projects’ – if the team member doesn’t normally have this role – he/she will only be able to modify that specific project in which the role was granted and not other projects in the system.
To your point – It still may be considered a security breach for your system if proper training is not in place, but it is not as far reaching as many often think.
Thanks everyone.
Yes it is a security breach when you have restricted attachments on an activity and you don’t want the team member to be able to access them. We need a way to modify the list of selectable roles when adding a team member in order to restrict their access to these files.