D
Dominik Chrzanowski
For one of my clients, I’m performing a migration from their project
management system (custom development) to Project Server 2007. The most
demanding part of the migration is configuring user permision and project
visibility management. I’m looking for any ideas that could help me to
imitate the current project visibility and permision model in the most exact
way.
Right now there are few levels of project permision and visibility
management (to make things simpler lets asume that if user can see a project,
than he always can edit it):
- Global Roles – there are few roles that are defined at application level.
Users can be added to those roles. Each of those roles has a seperate view
with all projects.
- Roles on a department level. After choosing such a role, you need to
choose one department. Only then you can assign a user to the role in a
particular department. One user can be assigned to one role in many
departments.
o Visibility – each project has a property indicating a department
leading the project. Each user role has one view where logged user can see
all projects from all departments that are equal to departments assigned to
the user (in the particular role for which the view is dedicated)
- Roles on a unit level. Equal to the idea of roles on a department level.
Units are not equal to departments.
- Roles on a project level. There are few roles that are defined on the
project level. One user may by assigned to one or more of those roles in one
project. One user can be also assigned to different project level roles in
different projects.
o Visability – each project level role has its own view. The view shows
all projects in which a logged user is in a partcular role.
Remarks:
- In my opinion RBS cannot be used for defining what the user can see
because of one of the client requirements – a possiblility to define a user
assigment to many independent departments and units. Also a collection of
departments is completely independent from the units collection.
Questions for which I’m seaching answers:
1. How to assing a user to one or more roles on a project level?
The client will not accept a solution in which a user is assigned to 3 user
groups (for instance: Project Manager, Technical Analyst, Business Analyst)
and after assigning that user to Project Team, the user will receive
permision for all 3 roles. The need is to determine in which role(s) user is
in particular project
2. How to manage user permissions on a department and unit level, assuming
that:
a. There are 2 independent collections – units and departments
b. One user can be assigned to many units and / or many departments in one
time
c. The user’s project visibility should be a combination of user unit /
department assigments and project unit department assigments
Looking forward for all sugestions.
management system (custom development) to Project Server 2007. The most
demanding part of the migration is configuring user permision and project
visibility management. I’m looking for any ideas that could help me to
imitate the current project visibility and permision model in the most exact
way.
Right now there are few levels of project permision and visibility
management (to make things simpler lets asume that if user can see a project,
than he always can edit it):
- Global Roles – there are few roles that are defined at application level.
Users can be added to those roles. Each of those roles has a seperate view
with all projects.
- Roles on a department level. After choosing such a role, you need to
choose one department. Only then you can assign a user to the role in a
particular department. One user can be assigned to one role in many
departments.
o Visibility – each project has a property indicating a department
leading the project. Each user role has one view where logged user can see
all projects from all departments that are equal to departments assigned to
the user (in the particular role for which the view is dedicated)
- Roles on a unit level. Equal to the idea of roles on a department level.
Units are not equal to departments.
- Roles on a project level. There are few roles that are defined on the
project level. One user may by assigned to one or more of those roles in one
project. One user can be also assigned to different project level roles in
different projects.
o Visability – each project level role has its own view. The view shows
all projects in which a logged user is in a partcular role.
Remarks:
- In my opinion RBS cannot be used for defining what the user can see
because of one of the client requirements – a possiblility to define a user
assigment to many independent departments and units. Also a collection of
departments is completely independent from the units collection.
Questions for which I’m seaching answers:
1. How to assing a user to one or more roles on a project level?
The client will not accept a solution in which a user is assigned to 3 user
groups (for instance: Project Manager, Technical Analyst, Business Analyst)
and after assigning that user to Project Team, the user will receive
permision for all 3 roles. The need is to determine in which role(s) user is
in particular project
2. How to manage user permissions on a department and unit level, assuming
that:
a. There are 2 independent collections – units and departments
b. One user can be assigned to many units and / or many departments in one
time
c. The user’s project visibility should be a combination of user unit /
department assigments and project unit department assigments
Looking forward for all sugestions.