Manage Project Restrictions
If you want to restrict principals from modifying the mainline or branch of any project, you can change project restrictions through the Manage Project Restriction Wizard. During project restriction operation, you can allow specific users or groups to perform allowed changes to a restricted project. You can add or remove the permitted principals along with exceptions to the added principals.
The following options are available in the Manage Project Restriction Wizard:
• Manage restrictions on the project hierarchy: You can manage restrictions on the required project hierarchy through the following options:
◦ You can select the Enable restriction option and select the required principals to allow specific principals to make allowed changes to a particular restricted project.
◦ You can select the Overwrite permitted principals option to replace the existing principals to the restricted subprojects within the project hierarchy.
The following points must be considered while overwriting permitted principals:
▪ The list of principals displayed in the Principals permitted to make changes selection box is only based on the project that is selected. Whether you select the option to overwrite or not on the subproject level, the resulting change to the project is the list as displayed.
|
If the Overwrite permitted principals option is selected at the project level, then the permitted principals at the subproject level are overwritten.
|
▪ The initial list of permitted principals on the subproject may be different as subprojects can be managed independently.
▪ If the project level principals are changed, then the list at the subproject level changes accordingly. However, if the Overwrite permitted principals option is selected at the project level, all the permitted principals at the subproject level are overwritten with the permitted principals at the project level.
|
All additional principals permitted for a subproject are removed.
|
• Add exceptions to allowed principals for restricted project: You can explicitly deny some users or groups from the allowed list of principals in the Exception to permitted principals selection box.
Working with Restricted Projects
The following facts apply when working with restricted projects:
• All operations that modify the project are restricted. Only permitted principals can execute operations appropriate to their permissions to the project. For example, add, checkpoint, submitcp, and so on.
• Subproject operations that change the structure of the restricted parent project are denied to all the principals, including the permitted principals. For example, addsubproject, configuresubproject, and so on.
• All operations that require administrative permissions are performed on the restricted project by the principals appropriate to their permissions to the project. For example, deletearchive, deleteproject, and deleterevision.
Related Links