1st Scenario :-
- Scenario :
Restrict users in some particular role from performing some action on some particular object, like project, task.
For example, restrict users from role 'Sales Manager' from editing the project 'Administration Target'.
...
- Solution:
- Keep the 'Edit Project' permission as 'Unspecified' for the role 'Sales Manager' at company level.
- On 'Administration Target' project, select 'Deny' option for role 'Sales Manager' to edit the project.
- On the other hand, select grant option for role 'sales manager' to edit the project which they are suppose to.
2nd Scenario :-
- Scenario:
There are two roles in a company, say 'Sales Manager' and 'Sales Executive'. You want users in the 'Sales Manager' role to view 'Project A' and 'Project B' and 'Sales Executive' should only see 'Project B' and not 'Project A'. A simple example becomes complicated when one user is playing two roles sales manager and sales executive.
...
- Solution :
- Keep the 'View Project' permission as 'Unspecified' at company level.
- For the 'Project B' grant 'View Project' for both the roles.
- For 'Project A' deny the 'View Project' privilege for 'Sales Executive'
3rd Scenario :-
- Scenario :
A user plays a role 'Sales Manager' in an workspace 'Sales' for which the 'Edit Project' permission is 'Granted'. But, he is not able to edit the project created for 'Engineering' workspace though he is part of the project team. - Security Settings :
The 'Edit Project' permission is 'Granted' for 'Sales Manager' role. - Result :
The user is not able to edit the project.
...