Overview of roles on all levels

Level

Role

Used by

Purpose

Customer area



ReaderAll customer area members.Grants to read-only access to the customer area. Basic role to access the customer area.

UserAll customer area members. This is assigned automatically when a person is joining any project.Granting read-only permissions to get into proper customer area + be able to create own project.

AdminCustomer key persons

Grants ability to add/remove users in customer area (usually removing is used when an employee is leaving the company).

A possibility to see all projects even without being members of them for customer area admins/owners and portal admins (use toggle button LOAD MORE PROJECTS to see all customer´s projects or projects the user is member of.


OwnerCustomer key persons

Grants ability to change roles for users + approval capabilities (buying licenses, approving raising of resources limits).

A possibility to see all projects even without being members of them for customer area admins/owners and portal admins (use toggle button LOAD MORE PROJECTS to see all customer´s projects or projects the user is member of.


BillingCompany accountants, ICT managersGranting access to billing capabilities and details.
Project



ReaderAll project members.Grants read-only access to the portal project. Basic role to access portal project.

UserUsually standard usersGrants ability to add/remove servers.

AdminUsually senior or lead team members

Grants ability to add/remove servers and SaaS entities (Jira projects, Confluence spaces, Bitbucket repositories).

A possibility to see all projects even without being members of them for customer area admins/owners and portal admins (use toggle button LOAD MORE PROJECTS to see all customer´s projects or projects the user is member of.


OwnerUsually project managers

Grants ability to change roles for users + approval capabilities (buying licenses, approving raising of resources limits).

A possibility to see all projects even without being members of them for customer area admins/owners and portal admins (use toggle button LOAD MORE PROJECTS to see all customer´s projects or projects the user is member of.


BillingProject accountants, project managersGranting access to billing capabilities and details.
Application



ReaderNot available for end-users. Granted automatically based on users membership of some application entities.Usually gives the ability to be able to login into application and reserves license where applicable. This is automatically managed by TDS, no actions required from end-users.

UserNot available for end-users. Granted automatically based on users membership of some application entities.Usually gives the ability to be able to login into application + reserves license where applicable. This is automatically managed by TDS, no actions required from end-users.

AdministratorNot available for end-users. Used by customer administrators only.Reserved for customer administrators to be able to manage SaaS applications with partial administrator permission.
Application entities



ReaderUsually project customers, collaborators or for example employees with access to some shared documentation. This role is granted automatically to any new member of the entity.Grants usually read-only access and comments to a particular entity (differs by application type). Basic access to the entity.

UserRoughly 90% of users - developers, technical specialists...Read-write access to a particular entity (differs by application type).

AdminUsually senior developers, project managers.Managing various stuff in an entity (differs by application type).

Admin/Owner role for Customer Area

A new possibility to see all projects even without being members of them for customer area admins/owners and portal admins.

 

Toggle button - to see all customer´s projects or projects the user is member of.  

CA Admin is able to manage a project without membership the same way a portal admin is currently able to do. 

When CA admin clicks on any user they have an ability to:

If the admin role is removed at the highest level, it is lost at all levels.

Click on Project Name and show up the Application and Services list (the current status set for that user).

Click on the Application and Service list and show up Entities names and what role the user has there.

User default role in Company and Project

Added option to define default User Role on Customer Area (CA) and Project Level in TDS portal. How to set up a default role:

  1. Go to Project details
  2. Click edit
  3. Scroll down the menu and set default role (reader, user, admin, owner and etc.)

Combine more roles as a default role (for example admin+billing) is not possible.
No inheritance from default role on CA level to default role on project level.


Invitation
 

Before a user can be granted access to particular project and services (Jira and Confluence) he needs to be first invited and his account created.

User can be granted access on a few levels:

User can be invited to CA/Company sending an invitation to user's email.

User can be added to Level 2 only when the user is already in Level 1.

User can be added to Level 3 only when the user is already available in Level 2.

TDS User Directory (LDAP) is used to keep the user's personal data assigned to CA/Company and user's projects.

Additionally, there is an available list of all TDS users in the Admin section.


By pressing  button user can invite another user to TDS CA/Company (Level 1) entering a user's email in invitation dialogue and pressing button INVITE.

Invitations are valid for a limited time (default is 72 hours). Valid unused invitations can be viewed on the Invitations page.



Adding/Remove users

Page Users shows the list of users connected with this Project. The project owner or admin can add already existing users to a Project using  button. If the user is not in Customer area than he/she can be invited directly from add user modal window (as described in above). Self-invitation is not possible in public TDS.

Once the user is granted access to the TDS project and can be found among all project Users.

If you want a new user to have access to all SaaS applications for your project click the option Add to all services when inviting the user.


There are 4 types of users:

Once a user is a member of the project he can be granted user/administrator access to one or more SaaS application as JIRA, Confluence, Git, etc.

Project admin/owner can add a user to a particular application using  button available for each application under left menu tab SaaS.

The project owner can edit or remove users by clicking on REMOVE.

How to add (remove) user to Jira or Confluence