Hub 2017.4 Help

Manage User Access

The Roles tab lets you view and manage the permissions that are available to a single user account. Users are granted permissions based on the roles that they are assigned in one or more projects.

There are distinctions between the permissions that allow users to perform specific actions in Hub and permissions that allow operations in a connected service. Permissions are usually granted within a project, and provide access to specific resources that are connected to the project. For example, if you have a project in Hub that uses a YouTrack project and a TeamCity project as resources, you have YouTrack-specific permissions that apply only to operations in the YouTrack project and TeamCity-specific permissions that apply to the TeamCity project. In this case, users can have different View Project and Update Project permissions for each connected service.

You can also grant users access in a project by adding them directly to the project team. For more information, see Manage the Project Team.

View Access Permissions

The access permissions for a user account are displayed on the Roles tab of the account profile. Here, you can view which roles and permissions are assigned to the account.

  • The list displays each role that is assigned to the user and the number of projects in which the user is granted this level of access.
  • Nested under each role is the reason for the assignment. Here you see whether the user is granted a role in a project as a member of a group, a member of the project team, or with a direct assignment.
  • The sidebar displays the set of permissions that are assigned to the selected role.
roles tab user

To view the access rights for a user account:

  1. Open the Roles tab of the account profile.
  2. Use the search box to filter the list by a role, project, or even a particular permission to find out if the account has the required access to a resource or operation.
    userProfileAccessTabFilter

Grant a Role to a User

If you do not want to assign a role to all of the members in a group, you can assign the role to a user directly.

To assign a role to a user directly:

  1. In the Access Management section of the Administration menu, select Users.
  2. Use the search box to find the desired user account.
  3. Select a user from the list.
  4. Select the Roles tab.
  5. Click the Grant role button.
  6. In the Grant Role sidebar, choose a role to assign to the user.
  7. Select one or more projects where you want to apply the role.
  8. Click the Grant role button.

Revoke a Role from a User

If a user no longer requires access that is granted by a role, you can revoke the role assignment. This procedure only applies to roles that are assigned directly to a user.

  • If a role is granted to a user as a member of a group, you can revoke the role assignment by removing the user from the group. For more information, see Manage Group Memberships.
  • If a role is granted to a user as a member of a project team, you can revoke the role assignment by removing from the group or project team. For more information, see Manage the Project Team.

To revoke a role from a user:

  1. In the Access Management section of the Administration menu, select Users.
  2. Use the search box to find the desired user account.
  3. Select a user from the list.
  4. Select the Roles tab.
  5. Locate the role assignment that you want to remove from the selected user account. Use the search box to locate a role by name, project, or permission.
  6. Under the role assignment, select the project in which the role is granted.
    revoke role user
  7. Click the Revoke role button.
  8. Confirm the action in the confirmation dialog.
    • The role is revoked from the user in the selected project.
    • The user loses the permissions that are assigned to the role in the project.
Last modified: 7 December 2017