< All Topics
Print

Roles and permissions

A role is a collection of permissions. It lets you define the permissions that the members have on a project.

Each member of a project has one or multiples Role(s) for the project. If a member has multiple roles in a project, the permissions applied to the member is the combination of all roles’ permissions. A user can have different roles for different projects.

You can create new roles or edit existing ones. You can delete a role only if nobody has this role on a project.

Roles properties

  • Name: display name of the role
  • Issues can be assigned to this role: if unchecked, issues can not be assigned to members with this role on a project.
  • Issues visibility: controls issue visibility. Assuming that this role includes the View Issues permission, the following rules apply to the issues of the projects the user is tied to through it:
    • All issues : the user can see all issues.
    • All non private issues: the user can see all issues which are not marked as private and private issues that were created by or assigned to her/him. This is the default.
    • Issues created by or assigned to the user: the user can only see issues created by or assigned to her/him.
  • Time logs visibility: controls time log visibility. Assuming that this role includes the View spent time permission, the following rules apply to the time logs of the projects the user is tied to through it:
    • All time entries : the user can see all time logs. This is the default.
    • Time entries created by the user : the user can only see time logs created by or assigned to her/him.
  • Users visibility: controls user visibility (this applies to user profiles, issue filters and user search when adding watchers). The following rules apply to the users of the projects the user is tied to through it and beyond:
    • All active users : the user can see all active users (i.e. all active user accounts that are registered in Redmine). This is the default.
    • Members of visible projects : the user can only see users who are members of visible projects.

Permissions

When editing a role, you can define its permissions by checking/unchecking the different actions.

PermissionDescription
Project permissions
Create projectAllow non-admin users to create a root project
You can specify which role will be automatically given to a non-admin user who creates a project (see RedmineSettings)
Edit projectAllow user to edit project properties
Close / reopen the projectAllow user to close / reopen projects
Select project modulesAllow user to enable/disable project modules (such as issues tracking, wiki, repository…)
Manage membersAllow user to add/remove project members or change the roles of existing members
Manage versionsAllow user to add/edit/delete project versions
Create subprojectsAllow user to add subprojects to the project
Manage public queriesAllow user to save/edit/delete public queries
Save queriesAllow user to save/edit/delete their private queries
Forums permissions
View messagesAllow user to view the forums and forum activities
Manage forumsAllow user to add/edit/delete project forums
Post messagesAllow user to post new topics in forums
Edit messagesAllow user to edit any message and to remove any message attachments
Edit own messagesAllow user to edit its own messages only
Delete messagesAllow user to delete any topic or reply
Delete own messagesAllow user to delete its own topics or replies
Documents permissions
Add documentsAllow user to add project documents
Edit documentsAllow user to edit project documents
Delete documentsAllow user to delete project documents
View documentsAllow user to view documents
Files permissions
Manage filesAllow user to add/edit/delete project files under the Files section
View filesAllow user to view files
Issue tracking
Manage issue categoriesAllow user to add/edit/delete issue categories
View IssuesAllow user to view project issues
Add issuesAllow user to create new issues
Edit issuesAllow user to fully edit existing issues
Copy issuesAllow user to copy existing issues
Manage issue relationsAllow user to add/remove relations between issues
Manage subtasksAllow user to add/remove subtasks to issues
Add notesAllow user to add comments to existing issues
Edit notesAllow user to edit any issue comment
Edit own notesAllow user to edit its own comments only
Delete issuesAllow user to delete issues
Manage public queriesAllow user to add/edit/delete issue queries that are visible by all users
Save queriesAllow user to save its own issue queries
View gantt chartAllow user to view the gantt chart
View calendarAllow user to view the calendar
View watchers listAllow user to see who is watching an issue
Add watchersAllow user to add other users as watchers of an issue
Delete watchersAllow user to remove watchers of an issue
News permissions
View newsAllow user to view the news section and news activities
Manage newsAllow user to add/edit/delete project news
Comment newsAllow user to add comments to news
Repository permissions
Manage repositoryAllow user to configure the project repository
Browse repositoryAllow user to browse and view the content of the project repository
View changesetsAllow user to view the changesets
Commit accessUsed by Redmine.pm to give write access to the project repository
Time tracking permissions
Log spent timeAllow user to log time on the project
View spent timeAllow user to view the time logs on the project
Edit time logsAllow user to edit any time log
Edit own time logsAllow user to edit its own time logs only
Manage project activitiesAllow user add/edit/delete activities
Wiki permissions
Manage wikiAllow user to create or delete the project wiki
Deleting a wiki is an irreversible operation, it deletes all pages, their history and all attached files!
Rename wiki pagesAllow user to rename existing wiki page or assign wiki pages to a parent page
Delete wiki pagesAllow user to delete wiki pages
Deleting a wiki page is an irreversible operation, the page and all its history are deleted!
View wikiAllow user to view the wiki
Export wiki pagesAllow user to export wiki pages to various formats (pdf, html, …)
View wiki historyAllow user to view older versions of the wiki pages, and diff between versions
Edit wiki pagesAllow user to edit unprotected wiki pages
Delete attachmentsAllow user to delete existing wiki page attachments
Protect wiki pagesAllow user to lock/unlock wiki pages, and edit locked pages

System roles

There are two system roles in Redmine: ‘Non member’ and ‘Anonymous’. They are internally used by Redmine and thus cannot be deleted.

  • Non member: this role lets you define the permissions that a registered user has on projects which he is not a member of.
  • Anonymous: this role lets you define the permissions that anonymous users have on the projects.

Note that these two roles only apply to public projects since anonymous users and users who are not a member of a private project cannot even see it.

As a consequence of the fact, that Anonymous and Non member roles cannot be assigned to a specific user or group, but are assigned automatically, the permissions of these roles are global for a given Redmine installation. To be more concrete: You can create different developer-roles (reporter1,reporter2,…) with slightly different permissions to fit specific needs of specific projects. However: you cannot adapt Anonymous and Non member roles in a way, that non-members are allowed to create board-messages in one project, but are forbidden to do so in another project.

Some permissions cannot be given to these roles. For example, the ‘Manage members’ permission cannot be given to non member or anonymous users.

Previous Managing groups
Next Issue tracking system
Table of Contents