Need more granular Admin permissions to allow for multi-tier support
When defining roles in Zephyr Enterprise, the application only allows for a user to either have full administrative permissions for any Admin level module (i.e. System Setup, User Setup, Group Setup, Project Setup or Defect Admin) or not. For larger enterprise organizations there is a need to create admin level roles that would provide a user with either read-only or create permissions, but would prevent that user from performing any kind of delete operations.
Use Case:
- A large-scale company can have multiple divisions/sectors, each with thousands of users supporting hundreds of products.
- Each division/sector requires their own instance of Zephyr Enterprise due to user volume, development methodologies, configuration needs, etc.
- One size doesn't fit all in this case.
- Each division/sector requires different setup, reporting of different metrics, customizations, etc.
- Due to the need to support multiple divisions/sectors, a number of administrative staff are required to meet all the demands of the various user groups.
- However, to reduce the risk of user error, not all administrative staff require full admin level privilege (i.e. View, Create, Update or Delete) for all admin level modules.
- Some staff only need read-only permissions to view/pull setup information, project information, user information, etc. for reporting and compliance validation.
- Some staff need permission to create (e.g. projects, new custom fields, add users, add groups, etc.) to support user needs.
- Some staff need permissions to update values (e.g. custom fields such as a picklist) to support user needs.
- A small number of Subject Matter Expert (SME) staff need permission to delete (e.g. custom fields, values in custom fields, projects, users, groups, remove settings, etc.) to support company needs.
By providing the ability to grant View, Create, Update or Delete permissions to any Admin module, custom roles could be configured to provide only the permissions needed for multi-tier level support teams (i.e. Level 1 Support, Level 2 Support or Level 3 Support).
Example of the Role permissions per Admin module:
- System Setup
  - System Config
    - View
    - Update
    - Delete
  - Authentication
    - View
    - Update
    - Delete
  - Jira Integration
    - View
    - Create (or Add)
    - Update
    - Delete
  - Customizations
    - View
    - Create (or Add) *Note: this permission should also allow a user to add new values to existing Fields (i.e. picklist)
      - Resources Roles
      - Projects Fields
      - Requirements Fields
      - Test Cases Fields
      - Test Cases Execution Status
      - Test Cases Step Execution Status
    - Update
      - Test Cases Estimated Time
      - Test Cases Test Repo Configuration
      - Test Cases Bulk Status Update
      - Test Cases Priority Field
      - Trend Data Collection Scheduling
      - Advanced Miscellaneous
      - Advanced Announcement Banner
      - Dashboard and Report Gadget Refresh Rate
    - Execute (for Indexing)
    - Delete (for Roles or Fields)
  - API Token
    - View
    - Create
    - Delete (i.e. Remove)
  - About Zephyr
    - View
    - Create *Note: This would allow the user to Download License Usage, Create Support Zip or Export Audit Log.
- User Setup
  - View
  - Create (or Add)
  - Update (or Edit User details)
  - Delete (or Disable Accounts)
- Group Setup
  - View
  - Create (or Add) *Note: This would include the ability to Import Groups
  - Update *Note: This would include the ability to sync groups as well as Edit Group
  - Delete
- Project Setup
  - View
  - Create (or Add)
  - Update *Note: This would include Edit Project, Test Case Sharing, Assign Group to project with Roles and Assign Users to project with Roles
  - Backup *Note: This would provide access to Backup and Restore and Recurring Backup
- Defect Admin
  - View
  - Create (or Add)
  - Update
  - Delete
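
An added sketch of the permission model requested above (not Zephyr Enterprise code or its API): roles are built from per-module action sets, checked deny-by-default, and audited for who holds Delete. The module actions are taken from the list above for a subset of modules; the `/` path notation and the mapping of Level 1, 2 and 3 Support to actions are assumptions.

```python
# Added illustration; not Zephyr Enterprise code or its API.
# Actions each Admin module exposes, copied from the list above (subset of modules;
# the "Parent/Child" naming is a constructed convention).
MODULE_ACTIONS = {
    "System Setup/System Config": {"View", "Update", "Delete"},
    "System Setup/API Token": {"View", "Create", "Delete"},
    "System Setup/About Zephyr": {"View", "Create"},
    "User Setup": {"View", "Create", "Update", "Delete"},
    "Group Setup": {"View", "Create", "Update", "Delete"},
    "Project Setup": {"View", "Create", "Update", "Backup"},
    "Defect Admin": {"View", "Create", "Update", "Delete"},
}

# Assumed tier-to-action mapping: the request names the tiers but does not map them.
TIER_ACTIONS = {
    "Level 1 Support": {"View"},
    "Level 2 Support": {"View", "Create", "Update"},
    "Level 3 Support": {"View", "Create", "Update", "Delete", "Backup"},
}

def build_role(tier):
    """Grant a tier only the actions each module actually exposes."""
    wanted = TIER_ACTIONS[tier]
    return {module: wanted & actions for module, actions in MODULE_ACTIONS.items()}

def validate_role(role):
    """Return grants that name an unknown module or an action the module lacks."""
    errors = []
    for module, actions in role.items():
        allowed = MODULE_ACTIONS.get(module)
        if allowed is None:
            errors.append((module, None))
            continue
        errors.extend((module, action) for action in sorted(actions - allowed))
    return errors

def is_allowed(role, module, action):
    """Deny by default: anything not explicitly granted is refused."""
    return action in role.get(module, set())

def roles_with(action, roles):
    """Audit helper: names of roles that hold `action` on any module."""
    return sorted(name for name, role in roles.items()
                  if any(action in granted for granted in role.values()))

ROLES = {tier: build_role(tier) for tier in TIER_ACTIONS}
```

Running `roles_with("Delete", ROLES)` gives the short list of roles to review when delete rights are restricted to SME staff.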