About Roles, Groups, and Access Rights
This article defines the access and capabilities each user has in Projectplace. Each user is given a role type and provided with a defined set of access rights when they sign into Projectplace. The role type and access rights settings you have determines the capabilities you have within Projectplace.
Workspaces and Roles
Most of the collaboration takes place within a Projectplace workspace; a place where workspace members can use different tools to plan and execute work, follow up on progress, and communicate with one another.
There are several role types which determine the capabilities each role type has within the workspace. Each workspace includes the following roles:
- Workspace head administrator. The head administrator is the only member who can delete the workspace and change who is assigned as the head administrator for that workspace. There is only one head administrator for each workspace, and only internal account members can be assigned to the head administrator role.
- Workspace administrator. There can be more than one workspace administrator for each workspace and each administrator has full access to each workspace component or tool. External members cannot be assigned the workspace administrator role.
- A Workspace manager is a workspace administrator who is responsible for reporting to portfolios within the workspace if a portfolio is added to that workspace.
- Workspace members. Access rights settings determine the tools each workspace member can use and the type of content each workspace member has access to.
- The Account Owner is in charge of promoting members to the account administrator role, and can also revoke/reassign the account administrator or account co-owner role to another person. To change the account owner, submit a ticket to Projectplace Support with the written permission from the current account owner to request to make a system role change.
-
The Account Co-owner has the same responsibility as the Account Owner except for not being able to add or remove other account co-owners.
-
The Account Administrator manages the account. There can be more than one account administrator. Account administrators do not have access to individual workspaces they are not a member of.
If you want to know who the workspace head administrator or workspace administrators are for your workspace, use the Members tool to find a complete listing of workspace members and their assigned roles.
Users
There are two types of users:
- Account users are members of the Projectplace account and typically belongs to the organization that owns the Projectplace account. Account users, with the proper access rights, may create new projects and use templates that are distributed within the account. Only account users can be included in teams, and only their assignments can be tracked in the Workload tool.
- External members are are typically people outside the organization such as vendors, contractors, or partners. They are invited to workspaces within the account, but they are not members of the account, and do not have access to the Account administration, Workload, Requests, and Portfolios tools. External members also cannot create workspaces or be head administrator of a workspace, be assigned a department by an account administrator, be assigned to a team, start Zoom meetings, or set their workload status.
Teams
You can group account users into teams. Each team requires at least one account user, but a team may have only one account user. Teams may have one or more team administrators. Each team will have access to a team overview where account users in the team can communicate with one another and view all of the assignments that all team members have across workspaces.
Example:
- Joe is a member of Workspace X.
- He is also a member of Team Z.
- No other members of Team Z have access to Workspace X.
- When Joe is assigned to a card in Workspace X all members of Team Z will see the card and nearly all its details (such as due date, description, and estimates) on the team overview.
- While Joe is the only team member who can edit the card details directly on the team overview, all other team members can see it, and discuss it with Joe.
- When the card is no longer assigned to Joe, or when the card is marked as "Done", the card disappears from Team Z's overview.
- Joe may have assignments that are not displayed on the team overview.
Use Groups to Restrict Access Rights for Workspace Members
We believe that transparency between stakeholders is key for success to get things done. However, if you need to restrict access to some items in a workspace, it is a good idea to do this before inviting any members. For workspace members, access rights are set using member groups. The groups can be used to restrict access to:
- Tools such as Documents, Plan, Roadmap, Boards, Issues, Meetings, Members, Reports, Recycle Bin.
- Specific boards in the Boards tool.
- Specific document folders, and the documents within them, in the Documents tool.
Only workspace administrators can create and edit groups.
Groups can also be used by all workspace members to communicate with many members at once. There is always one group called All members which is a great way to broadcast a message to the entire team.
Workspace administrators can get an overview of all groups and the members of each group, using the Export access rights function in the Documents tool.
The following access levels can be set for groups:
- Read and write. Members can do most things in the system, except a few that are available to administrators only.
- Read. Members can read all information and add comments, but do not have the ability to make edits.
- No access. Members cannot see the workspace tools, boards or any documents or document folder.
- Full access. In addition to read and write access, workspace administrators have some additional rights.
Administrators added in a member group will always have full access, regardless of the access rights set for the group.
Who Can Do What?
Overview Page |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| Read all information | √ | √ | √ | √ |
| Edit the workspace descriptions | √ | |||
The team overview is the team home base located under My overview.
Team Overview |
|||
| Team Members | Team Administrator | Account Administrator | External Users |
| Access the team overview | Add and remove members from the team | No access to team overviews if the account administrator is not a member of the team. | Cannot be added to teams or view the team overview page |
| Post conversations on the team overview | Add more team administrators | ||
|
See and change all card details on the team overview for cards assigned:
|
|||
| See all details for cards assigned to other team members that are located in workspaces where the user is not a member | |||
Conversations |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| Create their own posts | √ | √ | √ | √ |
| Delete their own posts | √ | √ | √ | √ |
| Create, delete, and download all posts | √ | |||
Plan |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| View activities, milestones, and dependencies | √ | √ | √ | √ |
| Add comments | √ | √ | √ | √ |
| Create and edit activities, milestones, and dependencies | √ | √ | √ | |
| Change access rights | √ | |||
| No access | Administrators can turn on No access setting for specified groups. | |||
Roadmap |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| View work packages and activities | √ | √ | √ | √ |
| Add comments | √ | √ | √ | √ |
| Create and edit work packages and activities | √ | √ | √ | |
| Change access rights | √ | |||
Boards |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| View Boards and Cards | √ | √ | √ | √ |
| Delete Boards | √ | |||
| No access | Administrators can turn on No access on each board for specified groups. | |||
Documents |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| Read documents | √ | √ | √ | √ |
| View history | √ | √ | √ | √ |
| Send documents with email | √ | √ | √ | √ |
| Download folders and documents | √ | √ | √ | √ |
| Copy documents, folders, and links | √ | √ | √ | √ |
| Access folders according to set access rights (but never more than read-only) | √ | √ | √ | √ |
| Comments on documents, folders, and links | √ | √ | √ | √ |
| Delete user's own comments added to other reviews | √ | √ | √ | √ |
| Terminate reviews the user created | √ | √ | √ | √ |
| Create and define folders, documents, and links | √ | √ | √ | √ |
| Edit details | √ | √ | √ | |
| Access folders according to access rights | √ | √ | √ | |
| Delete document versions the user has created | √ | √ | √ | |
| Activate/Deactivate version control | √ | √ | √ | |
| Permanently lock documents | √ | √ | √ | |
| View folder access | √ | √ | √ | |
| Change folder access | √ | |||
| Access all folders and documents regardless of set access rights | √ | |||
| Unlock all documents (except documents with a permanent lock) | √ | |||
| Delete document versions | √ | |||
| Delete all comments added on other reviews | √ | |||
| Terminate all reviews | √ | |||
| Create, edit, and delete document templates | √ | |||
| No access | Administrators can turn on No access setting for document folders for specified users and groups. | |||
Members |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| See workspace members names and email addresses |
√ |
√ | √ | √ |
| Invite and delete members | √ |
√ |
√ | |
| Create and delete member groups | √ | |||
| Edit administrators | √ | |||
| Edit reporting (to receive daily or weekly updates) for all members | √ | |||
| Change access for member groups | √ | |||
Card Templates |
Workspace Members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| Create templates |
√ |
√ | √ | √ |
| Edit and delete templates | √ |
√ |
√ | |
Recycle bin |
Workspace members with: | Workspace | External | |
| Read Access | Read and Write Access | Administrators | Users | |
| See Recycle bin contents | √ | √ | √ | √ |
| Restore items previously deleted | √ | √ | √ | √ |
| Restore all contents | √ | √ | √ | |
| Permanently delete all contents | √ | |||
| No access | Administrators can turn on No access setting for specified users and groups. | |||
Administration |
Workspace Members with: | Workspace | Head | External | |
| Read Access | Read and Write access | Administrators | Administrator | Users | |
| Perform all administration | √ | √ | No access to Account Administration | ||
| Change all information | √ | √ | |||
| Terminate workspace | √ | ||||
| Change head administrator | √ | ||||
|
Change name |
√ |
||||
|
Select tools |
√ |
||||
|
Archive workspaces |
√ |
||||
Status |
Workspace Members with: | Workspace | Workspace | Head | External | |
| Read Access | Read and Write access | Administrators | Manager | Administrator | Users | |
| Receive reminders for status updates | √ | √ | √ | √ | ||
| Report status updates to portfolios | √ | √ | √ | |||
| Download workspace report | √ | √ | √ | |||
Stakeholders in Portfolios can have the following roles:
- Account Administrator. The Account administrator has the highest access rights in the Portfolios tool in the account
- Portfolio administrator for a specific portfolio. A user can be made Portfolio administrator in the Stakeholders section of the Portfolio details pane.
- Account member with admin rights for Portfolios. Portfolio tools admin rights can be given to a user in the Account administration page - People tab.
- Account member with no admin rights for Portfolios. Portfolio tools admin rights can be removed from a user in the Account administration page - People tab.
- External member. An external member can be a member of another account or no account.
Portfolios |
Account Administrator | Portfolio Administrator | Account Members with Admin rights to Portfolios | Account Members with No Admin rights to Portfolios | External Member |
| Access to Portfolios tool | √ | √ | √ | Only if they are admin or member of at least one portfolio | Only if they are member of at least one portfolio |
| Can see a portfolio | All the portfolios they are admin or member of in the account + Any portfolios they are member of in any other account |
All the portfolios they are admin or member of in the account + Any portfolios they are member of in any other account |
All the portfolios they are admin or member of in the account + Any portfolios they are member of in any other account |
All the portfolios they are admin or member of in the account + Any portfolios they are member of in any other account |
All the portfolios they are member of in any account |
| Can create a portfolio | √ | √ | |||
| Can delete a portfolio | Only the portfolios in the account | Only the portfolios they are admin of | Only the portfolios they are admin of | Only the portfolios they are admin of | |
| Can edit a portfolio | Only the portfolios in the account | Only the portfolios they are admin of | Only the portfolios they are admin of | Only the portfolios they are admin of | |
| Can make themselves portfolio admin | Only the portfolios in the account | ||||
| Can remove themselves from portfolio admin | Only the portfolios in the account | √ | √ | √ | |
| Can be made portfolio admin | Only the portfolios in the account | √ | √ | √ | |
| Can be removed from portfolio admin | Only the portfolios in the account | √ | √ | √ | |
|
Can remove themselves from a portfolio |
√ |
√ |
√ |
√ |
√ |
Workload |
||
| Account Members with Access to Workload | Account Administrator | External Users |
| Full access to the tool, information, and features | Give account member access to the Workload tool | No access to the Workload tool |
Requests |
||
| Account Members with Access to Requests | Account Administrator | External Users |
| Full access to the tool, information, and features | Give account member access to the Requests tool | No access to the Requests tool |
Workspace Templates |
||||
| All Members | Members Included in the Account | Template Administrator | Template Head Administrator | External Users |
| Create new workspaces based on the template | Use templates distributed to the account | Edit the template content | Assign head administrator/owner of the template | Cannot see or add workspace templates to the account |
| Use templates users have been granted access | Distribute a template to the account | Add and remove template administrators | Terminate the template | |
'No Access' setting for specified groups and teams in a workspace
Administrators have the ability to turn on No Access setting for specified groups and teams for the following Projectplace tools:
- Plan
- Documents
- Issues
- Members
- Meetings
- Recycle Bin
- Reports