开发者

Field level permissions in TFS 2010

Within a team project I create a group called 'LimitedAccess' and add a couple of users to it. I now need to give this group permissions to

1) Add a bug and assign it to the default 'assignedTo' user, i.e. user cannot select who to assign to. However, user should be able to set other fields e.g. priority etc. 2) Only modify the d开发者_开发百科escription of an existing bug. Rest of the fields should be read-only.

Is this possible? Looks like it is either read or write but no field level permissions. Thanks.

I modified the work item type workflow (third tab) - double clicked the first transition, i.e. before the bug becomes active, and added the field I want to restrict ('AssignedTo'). I added 3 rules to this field for 'LimitedAccess' group, ALLOWEDVALUES, READONLY and DEFAULT. When saved, the field is readonly (grayed out) but with no default value. Below is the xml. I use transition because when the bug is already raised, different rules will apply.

[Transition from="" to="Active"]

[REASONS]

[REASON value="Build Failure" /]

[DEFAULTREASON value="New" /]

[/REASONS]

[FIELDS]

[FIELD refname="Microsoft.VSTS.Common.ActivatedBy"]

[ALLOWEXISTINGVALUE /]

[COPY from="currentuser" /]

[VALIDUSER /]

[REQUIRED /]

[/FIELD]

[FIELD refname="Microsoft.VSTS.Common.ActivatedDate"]

[SERVERDEFAULT from="clock" /]

[/FIELD]

[FIELD refname="System.AssignedTo"]

[READONLY for="[project]\LimitedAccess" /]

[DEFAULT for="[project]\LimitedAccess" from="value" value="QA" /]

[ALLOWEDVALUES for="[project]\LimitedAccess" expanditems="false"]

[LISTITEM value="[project]\QA" /]

[LISTITEM value="[project]\DEV" /]

[LISTITEM value="[project]\OTHERS" /]

[/ALLOWEDVALUES]

[/FIELD]

[/FIELDS]

[/Transition]


If you open the work item template with the work item template editor, which is installed with TFS power tools package, you will see a list of fields used in the work item type.

Double click on a field a "Field Definition" window opens which has a "Rules" tab that allows you to define rules for individual fields. For each rule definition you can define who the rule is "for" and who the rule is "not for".

I believe you can use the DEFAULT and READONLY rules to construct a flow like you explained above.

Here is a link to a documentation page about rules.
http://msdn.microsoft.com/en-us/library/ms194953.aspx


I was able to get by this limit, but the solution seems hacky. If anyone else has a better idea I am very interested. But, being as this question is over a year and a half old, I doubt it. What I did was put 6 Rules on the field. The first is Allowed Values (1 value, my default value) with my Admin group in the NOT group. The Second is Default (same value as rule 1). Third is AllowedValues with my admin group in FOR, this has the real list of possible values not just the default. Fourth Rule is Frozen with my Admin group in the NOT field. My 5th rule is AllowExistingValue (because if my admin group sets it to one of the values not available to the rest it needs this exception for a regular user to save it with the value set by Admin). And, Lastly my 6th rule is Required, this is because Frozen would allow user to blank out the value but not change it, by setting required we eliminate the blanking out. Please tell me somebody has a better approach to getting a default value to still save even though this field is currently read only to the current user.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜