Idea ID 2850646
In order to reduce requests to our small admin team, we create a custom user role that allows a minimal number of users in each workspace to add users to Octane and provide the appropriate permissions. The issue we constantly run into, is that those users can provide any permissions, even Workspace and Space admin permissions to any user including themselves.
This poses a risk as we don't want users to have Workspace Admin or Space admin capabilities. These permissions should be hierarchical so those users with our custom "Project Admin" permissions can't apply higher level permissions to themselves or other users. At the very least we should be able to create business rules that will allow us to block certain roles from doing these things where there are no permission options. We cannot currently add business rules for administrative purposes.
In our case, we had to roll back those permissions so they cannot add or edit users, this creates additional work for our users because they now have to create tickets for our team to add/edit users, and creates additional work for our team in order to add/edit those users.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.