In the first step towards supporting project and business unit level permissions, we have split the existing roles in the system into Global Roles and Project Roles, based on the existing permissions groupings.
All existing roles in the system will be migrated and split as appropriate and access will remain unaffected for all users. Both Roles can be assigned directly to the user.
To support the splitting of roles, we have updated how permission assignment in workflows works as well, rather than having to update individual permissions for a role, you can now reassign one role to another, allowing reuse and the updating of all roles in one location. Again any existing workflow permission modifications will be updated to the new format.
Not all users require the same level of access for each project. There may be cases where individuals or teams do not require any access at all, whereas in other projects they need to have Manager or Admin rights.
Users with appropriate permissions will now be able to override individual users or whole business unit’s roles within the project access view. This allows for users to have differing levels of permissions for each project they can access.
The previous location for ‘Ownership’ in the top left menu under the cog icon, has now been renamed to ‘Project Access.’
This has also moved to the top right next to the update and lock threat model icons. See the icon with a person and a plus sign to locate the ‘Project Access’ area. This is to make it accessible faster and more easily by placing it within the UI.
