makeplane
[feature]: Add roles and permissions
Is there an existing issue for this?
- [X] I have searched the existing issues
Summary
We propose the implementation of a fine-grained permissions system within your project management software. This feature would provide users with the ability to control access and actions at a detailed level, improving security and ensuring that only authorized individuals can make specific changes to tasks, cycles, and other elements of the project.
State Change Authorization: Users should have the ability to specify who can change the state of a task or cycle. This means that only specific individuals or roles are allowed to transition items between different states, ensuring that these transitions are controlled and accountable.
Property Modification Control: The fine-grained permissions system should enable administrators or task owners to restrict access to certain properties of a task or cycle. For example, only specific users should be able to modify critical properties like due dates, priority levels, or associated team members.
Role-Based Permissions: This system should support role-based permissions, allowing organizations to define different roles (e.g., admins, managers, contributors) and assign specific permissions to each role. This ensures that access and control are aligned with users' responsibilities.
Customization: Users should be able to customize permissions at a granular level, specifying who can view, edit, or delete specific elements within a task or cycle, including comments, attachments, and other metadata.
Why should this be worked on?
Benefits:
Enhanced security: Users can control access and actions, reducing the risk of unauthorized changes or data breaches. Accountability: The fine-grained permissions system ensures that state changes and property modifications are attributed to specific individuals or roles.
Customizability: Organizations can tailor the permissions system to their unique workflow, ensuring it aligns with their project management needs.
Conclusion: The addition of a fine-grained permissions system is a significant step toward providing users with a more secure and customizable project management experience. It addresses the need for controlled access and accountability, enabling organizations to manage their projects with greater precision and confidence. We believe that this feature would greatly benefit users and contribute to the overall effectiveness of your platform.
Please consider implementing this feature to further enhance the capabilities of your project management software. Your users will appreciate the added flexibility and security that a fine-grained permissions system offers.
I would like to follow up on this with a +1. Right now one of the biggest issues holding our org back from adopting Plane is Issue-level permissions. We need users to be able to propose/create issues for Projects they are not members of and we need to be able to tag external project users on issues and allow them to view/comment on said issue. E.x. A user who is not a member of IT should be able to create an issue for IT (i.e. reporting a computer issue or requesting permissions to something) without being able to access the IT project or access all of the other issues in IT. Additionally, we would want to be able to tag that user (or say their manager) on the issue they created and have them be able to view or comment on the issue but not be able to view or comment on issues they did not create/were not given access to within the project.
Fine-grained RBAC will come to our highest tier, likely called Ultimate or Enterprise. We'll let you know when it comes out.
The feature for role and permissions management is not yet implemented. The goal is to develop a system where users can create custom roles, assign specific names to them, and define granular permissions for each role. This functionality should allow administrators to manage access control in a way similar to Taiga, enabling them to define what actions each role is permitted to perform.
This feature is especially critical for larger teams, as having the ability to assign appropriate permissions ensures better control and security. For instance, it is highly important to restrict sensitive actions, such as deleting resources, from being available to all members. Without such restrictions, critical operations could be performed by unauthorized users, which poses significant risks to the system and its data.
