About Roles, Groups, and Access Rights
This article defines the access and capabilities each user has in Projectplace. Each user is given a role type and provided with a defined set of access rights when he or she signs into Projectplace. The role type and access rights settings you have determines the capabilities you have within Projectplace.
Workspaces and Roles
Most of the collaboration takes place within a Projectplace workspace; a place where workspace members can use different tools to plan and execute work, follow up on progress, and communicate with one another.
There are several role types which determine the capabilities each role type has within the workspace.
Each workspace includes three different role types:
- Workspace head administrator. There is only one head administrator for each workspace. The head administrator is the only member who can delete the workspace and change who is assigned as the head administrator for that workspace.
- Workspace administrator. There can be more than one workspace administrator for each workspace and each administrator has full access to each workspace component or tool.
- A Workspace manager is a workspace administrator who is responsible for reporting to portfolios within the workspace if a portfolio is added to that workspace.
- Workspace member. Access rights settings determine the tools each workspace member can use and the type of content each workspace member has access to.
If you want to know who the workspace head administrator or workspace administrators are for your workspace, use the Members tool to find a complete listing of workspace members and their assigned roles.
The Account administrator manages the account. There can be more than one account administrator. Account administrators do not have access to individual workspaces they are not a member of.
Users
There are two types of users:
- Account users are members of the Projectplace account and typically belongs to the organization that owns the Projectplace account. Account users, with the proper access rights, may create new projects and use templates that are distributed within the account. Only account users can be included in teams, and only their assignments can be tracked in the Workload tool .
- External users are invited to workspaces within the account but theses users are not members of the account. External users are typically people outside the organization such as vendors, contractors, or partners.
Teams
You can group account users into teams. Each team requires at least one account user, but a team may have only one account user. Teams may have one or more team administrators. Each team will have access to a team overview where account users in the team can communicate with one another and view all of the assignments that all team members have across workspaces.
Card assignments and their details are only displayed on the team overview if that workspace belongs to the account and may be published to the Directory if the access rights have not be set to restrict team members from seeing it.
Example:
- Joe is a member of Workspace X.
- He is also a member of Team Z.
- No other members of Team Z have access to Workspace X.
- When Joe is assigned to a card in Workspace X all members of Team Z will see the card and nearly all its details (such as due date, description, and estimates) on the team overview.
- While Joe is the only team member who can edit the card details directly on the team overview, all other team members can see it, and discuss it with Joe.
- When the card is no longer assigned to Joe, or when the card is marked as "Done", the card disappears from Team Z's overview.
- Joe may have assignments that are not displayed on the team overview.
- If Joe has an assignment in Workspace Y, which is NOT published to the Directory - he will see that assignment on his My overview - but nobody will see that particular assignment on the Team Z's overview.
Use Groups to Restrict Access Rights for Workspace Members
We believe that transparency between stakeholders is key for success to get things done. However, if you need to restrict access to some items in a workspace, it is a good idea to do this before inviting any members. For workspace members, access rights are set using member groups. The groups can be used to restrict access to:
- Tools such as Documents, Plan, Roadmap, Boards.
- Specific boards in the Boards tool.
- Specific document folders, and the documents within them, in the Documents tool.
Only workspace administrators can create and edit groups.
Groups can also be used by all workspace members to communicate with many members at once. There is always one group called All members which is a great way to broadcast a message to the entire team.
Workspace administrators can get an overview of all groups and the members of each group, using the Export access rights function in the Documents tool.
The following access levels can be set for groups:
- Read and write. Members can do most things in the system, except a few that are available to administrators only.
- Read. Members can read all information and add comments, but do not have the ability to make edits.
- No access. Members cannot see the workspace tools, boards or any documents or document folder.
- Full access. In addition to read and write access, workspace administrators have some additional rights.
Administrators added in a member group will always have full access, regardless of the access rights set for the group.
Who Can Do What?
Overview Page |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| Read all information | √ | √ | √ |
| Edit the workspace descriptions | √ | ||
The team overview is the team home base located under My overview.
Team Overview |
||
| Team Members | Team Administrator | Account Administrator |
| Access the team overview | Add and remove members from the team | No access to team overviews if the account administrator is not a member of the team. |
| Post conversations on the team overview | Add more team administrators | |
|
See and change all card details on the team overview for cards assigned:
|
||
| See all details for cards assigned to other team members that are located in workspaces where the user is not a member | ||
Conversations |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| Create their own posts | √ | √ | √ |
| Delete their own posts | √ | √ | √ |
| Create, delete, and download all posts | √ | ||
Plan |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| View activities, milestones, and dependencies | √ | √ | √ |
| Add comments | √ | √ | √ |
| Create and edit activities, milestones, and dependencies | √ | √ | |
| Change access rights | √ | ||
| No access | Administrators can turn on No access setting for specified groups. | ||
Roadmap |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| View work packages and activities | √ | √ | √ |
| Add comments | √ | √ | √ |
| Create and edit work packages and activities | √ | √ | |
| Change access rights | √ | ||
Boards |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| View Boards and Cards | √ | √ | |
| Delete Boards | √ | ||
| No access | Administrators can turn on No access on each board for specified groups. | ||
Documents |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| Read documents | √ | √ | √ |
| View history | √ | √ | √ |
| Send documents with email | √ | √ | √ |
| Download folders and documents | √ | √ | √ |
| Copy documents, folders, and links | √ | √ | √ |
| Access folders according to set access rights (but never more than read-only) | √ | √ | √ |
| Comments on documents, folders, and links | √ | √ | √ |
| Delete user's own comments added to other reviews | √ | √ | √ |
| Terminate reviews the user created | √ | √ | √ |
| Create and define folders, documents, and links | √ | √ | √ |
| Edit details | √ | √ | |
| Access folders according to access rights | √ | √ | |
| Delete document versions the user has created | √ | √ | |
| Activate/Deactivate version control | √ | √ | |
| Permanently lock documents | √ | √ | |
| View folder access | √ | √ | |
| Change folder access | √ | ||
| Access all folders and documents regardless of set access rights | √ | ||
| Unlock all documents (except documents with a permanent lock) | √ | ||
| Delete document versions | √ | ||
| Delete all comments added on other reviews | √ | ||
| Terminate all reviews | √ | ||
| Create, edit, and delete document termplates | √ | ||
| No access | Administrators can turn on No access setting for document folders for specified users and groups. | ||
Members |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| See workspace members names and email addresses |
√ |
√ | √ |
| Invite and delete members | √ |
√ |
|
| Create and delete member groups | √ | ||
| Edit administrators | √ | ||
| Edit reporting (to receive daily or weekly updates) for all members | √ | ||
| Change access for member groups | √ | ||
Contacts |
Workspace Members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| See contact information | √ | √ | √ |
| Send email and SMS to contacts | √ | √ | √ |
| Export contact list | √ | √ | √ |
| Create and delete contacts | √ | √ | |
| Import contacts | √ | √ | |
| No Access | Administrators can turn on No access setting for specified users and groups. | ||
Administration |
Workspace Members with: | Workspace | Head | |
| Read Access | Read and Write access | Administrators | Administrator | |
| Perform all administration | √ | √ | ||
| Change all information | √ | √ | ||
| Terminate workspace | √ | |||
| Change head administrator | √ | |||
|
Change name |
√ |
|||
|
Select tools |
√ |
|||
|
Archive workspaces |
√ |
|||
|
Terminate workspaces |
√ |
|||
Recycle bin |
Workspace members with: | Workspace | |
| Read Access | Read and Write Access | Administrators | |
| See Recycle bin contents | √ | √ | √ |
| Restore items previously deleted | √ | √ | √ |
| Restore all contents | √ | √ | |
| Permanently delete all contents | √ | ||
| No access | Administrators can turn on No access setting for specified users and groups. | ||
Status |
Workspace Members with: | Workspace | Workspace | Head | |
| Read Access | Read and Write access | Administrators | Manager | Administrator | |
| Receive reminders for status updates | √ | ||||
| Report status updates to portfolios | √ | √ | √ | ||
| Download workspace report | √ | √ | √ | ||
In the Portfolios tool, two different roles exist:
- Portfolio stakeholder. Each portfolio can have any number of stakeholders with read access to the portfolio. The stakeholders do not need to be account members, they can be external members in the account.
- Portfolio administrator. Manages the settings for a portfolio.
Portfolios |
||
| Portfolio Stakeholder | Portfolio Administrator | Account Administrator |
| View portfolio information | Create and delete portfolios | Full access to all portfolios in the account |
| Add and remove portfolio stakeholders | Transfer ownership of portfolios | |
| Add and remove project workspaces in a portfolio | ||
| Disable standard KPIs to use in portfolios | ||
| Create and delete customized KPIs to use in portfolios | ||
| Add and remove KPIs in a portfolio | ||
| Set up reminders for status updates | ||
Workload |
|
| Account Members with Access to Workload | Account Administrator |
| Full access to the tool, information, and features | Give account member access to the Workload tool |
Templates |
|||
| All Members | Members Included in the Account | Template Administrator | Template Head Administrator |
| Create new workspaces based on the template | Use templates distributed to the account | Edit the template content | Assign head administrator/owner of the template |
| Use templates users have been granted access | Distribute a template to the account | Add and remove template administrators | Terminate the template |
Administrators have the ability to turn on No Access setting for specified users and groups for the following Projectplace tools:
- Plan
- Documents
- Contacts
- Recycle Bin