Tuesday, September 7, 2010

Defining user permissions

This article describes the permission functionality that exists in Quality Center.
The first thing you have to be aware of when customizing a Quality Center project is that permission settings are not defined in a single location but are spread across different parts of the customization sections. You might wonder why such a decision was made. Even though the location of these settings makes some “reasonable” sense, I believe this complicates the task of securing access to the project data.
Anyway, this is how it is, so let’s start examining these settings.
All the security settings are defined in the Customization (accessible through Tools > Customize…).
The different sections where you can affect users’ permissions are:
• Set Up Project Users
• Set Up Groups
• Customize Module Access
• Set Up Workflow
• Script Generator - Add Defect Field Customization
• Script Generator - Defect Details Field Customization
• Script Editor
Let’s start with setting up the groups.
Set Up Groups
On a fresh project, there are always 5 default groups that are already defined:
• Developer
• Project Manager
• QATester
• TDAdmin
• Viewer
These groups cannot be customized and cannot be removed from the project. In order to tailor the group permissions to your project, you need to create new groups, whose settings you will then be able to customize. When creating a new group, you need to indicate the group from which you want to duplicate the initial settings. This is especially useful if your new group has settings similar to those of another group.
Once the group is created, you can amend its settings by selecting Change permissions. This brings up a new window divided into tabs, one for each Quality Center module:
• Requirements
• Business Components (optional)
• Test Plan
• Test Lab
• Defects
• Administration (customization module permissions)
For each module you will find similar settings where you can allow (if checked) or disable (unchecked) permissions for different aspects of the module.
There are usually 3 actions (Add, Modify and Delete), which give you control on a per-group basis.
For the Delete action, you can specify that only the owner can delete the object (‘Can be deleted by owner only’ checkbox).
For the Modify action, you can define even finer rules. For each field, you can restrict modification permissions to the owner only (‘Can be modified by owner only’ checkbox) and, for fields defined by lists, you can specify transition rules (i.e. define a transition workflow). This last point is particularly interesting for workflow-based transitions such as Status, where the designer wants the user to follow a predefined path (for instance, a defect Status cannot be set as Fixed unless the testing team has validated it beforehand by setting its Status as Validated).
For the Test Plan, Test Lab and Defects tabs, you may have noticed a “Data-Hiding Filter” link. It leads to extra security settings and opens another window with further customization settings.
First, you can set filtering conditions. By defining a filter, you limit the visibility scope a group has. As an example, imagine you have different teams who are accessing a QC project:
• Team 1: this team has access to some confidential technology, which consequently is not accessible to everyone.
• Team 2: these are the outsourced testers who can log defects.
To separate the defects that are confidential from the ones that are not, a field called “Confidentiality Grade” has been created, and this field contains 2 values: “1-High” and “2-Low”.
If you are defining a user group for Team 2, then you set a filter on the “Confidentiality Grade” field with “2-Low” as the filter value. By doing this, any user who is only part of this group will not see any defect with grade “1-High”.
Secondly, you can also hide fields from the user. This prevents a user from seeing values they shouldn’t see.
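To check a planned set of groups before configuring them, here is a small Python model of the data-hiding filter, hidden fields and transition rules described above. It is an added example, not Quality Center code or anything from the product; it assumes that a user who belongs to several groups gets whatever any of those groups allows, and the “Root Cause” field and the “New” and “Open” Status values are made up for the sample data.

```python
# Added illustration: a constructed model of the group settings, not Quality Center code.
from dataclasses import dataclass, field

@dataclass
class Group:
    name: str
    data_filter: dict = field(default_factory=dict)    # field -> allowed values
    hidden_fields: set = field(default_factory=set)    # fields hidden from the group
    transitions: dict = field(default_factory=dict)    # field -> {old: {allowed new}}

    def admits(self, record):
        # An empty filter admits every record.
        return all(record.get(f) in ok for f, ok in self.data_filter.items())

def visible_view(groups, record):
    """Record as the user sees it, or None when no group's filter admits it."""
    admitting = [g for g in groups if g.admits(record)]
    if not admitting:
        return None
    # Assumption: a field is hidden only if every admitting group hides it.
    hidden = set.intersection(*(g.hidden_fields for g in admitting))
    return {k: v for k, v in record.items() if k not in hidden}

def visible_ids(groups, records):
    return [r["ID"] for r in records if visible_view(groups, r) is not None]

def can_transition(groups, fld, old, new):
    """Assumption: allowed if any group has no rule for fld or lists old -> new."""
    for g in groups:
        rules = g.transitions.get(fld)
        if rules is None or new in rules.get(old, set()):
            return True
    return False

# Constructed sample data. "Root Cause", "New" and "Open" are hypothetical values.
TEAM1 = Group("Team 1")
TEAM2 = Group("Team 2",
              data_filter={"Confidentiality Grade": {"2-Low"}},
              hidden_fields={"Root Cause"},
              transitions={"Status": {"New": {"Open"}, "Open": {"Validated"},
                                      "Validated": {"Fixed"}}})
DEFECTS = [
    {"ID": 1, "Confidentiality Grade": "1-High", "Status": "Open", "Root Cause": "a"},
    {"ID": 2, "Confidentiality Grade": "2-Low", "Status": "Validated", "Root Cause": "b"},
]

if __name__ == "__main__":
    print(visible_ids([TEAM2], DEFECTS))          # Team 2 only
    print(visible_ids([TEAM1, TEAM2], DEFECTS))   # also a member of Team 1
    print(can_transition([TEAM2], "Status", "Open", "Fixed"))
```

The second call is the case to watch for: one extra group membership without a filter is enough to undo the data hiding set on Team 2.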