Version: Current

Setting security per item

Overview

TimeTracker NX allows you to set "edit" and "view" permissions for items on an item-by-item basis within a project.
By limiting the users who can publish items, you can use it not only for security but also for compliance as follows.

Narrow the scope of reference by the user's job title.
Limit the information that is made public when working on a project with multiple teams, including other people and departments.

This function is available only in the Professional Edition.

Basic Concept

The basic concept and operation are the same as security for folders in Windows.
TimeTracker NX's concept is as follows.

Set the following for each item defined in the project's work item screen.

Item Content of permission
Edit item Can add/change work items
View item Can view the contents of work items
Can be set from the first-level node.
The following behavior occurs depending on the item-level security setting.
- When setting item-level security
  Set "Allow" permission for the users you want to view.
  Users who do not have permission will be considered as "Deny".
- If item-level security is not set
  Access is possible with the permissions set in the following function.
  - Manage system roles
  - Set member permissions

Item	Content of permission
Edit item	Can add/change work items
View item	Can view the contents of work items

Scope of security

The security permissions set in this function do not apply to "effort and cost" in pivot analysis.
For details on "effort and cost", see the following link: "effort and cost"

Items that you do not have permission to view or edit will also be included in the calculation.

The items that can be achieved with the item-level security function are shown below.

Setting new security
Changing security settings
Clearing security settings
Operating items with permissions set
Scope of impact of security settings

No.1-3 can only be performed by users with project management permissions.

Setting item-level security for users with system management permissions does not impose any restrictions.

Setting new security

This explains how to set new security for items that do not have security set.
First, right-click on the item to be set and select "Change settings...".

Set the following in the security settings dialog.

Security settings dialog

The security settings dialog has the following settings.

① Detailed settings field
② Security setting target selection field
③ Permission setting field

Here, we will explain how to set each item.

① Detailed settings field
Check the following items as necessary.
- Inherit parent item settings
  Item-level security has an "inherit" function that allows you to reflect the settings of a parent item in child items.
  This saves you the trouble of changing each item one by one when setting or changing security.
  If you create a new item under an item with security set, the item you created will automatically be in an inherited state.
- Apply this permission setting to all child items
  Delete the permission settings of the child items and set everything to inherited state.
  Check this box if you want the settings you have made to be reflected in child items.
②Security setting target selection field
Click the "+" button to add a target.
- When setting permissions, it is convenient to set them for groups such as "organizations" or "project groups"
  rather than for specific users.
  This saves you the trouble of setting each member individually when changing (adding or deleting) members.
- Settings cannot be changed while inheriting the settings of the parent item.
  If you want to set settings that are different from those of the parent item, uncheck "Inherit parent item settings".
③Permission setting field
Set the permissions for the target and click the "OK" button.

If you set individual security, only the specified members will be able to view the item.
Even if you grant viewing permissions in the project security, members who are not registered in the dialog below will not be able to view the target item.
Register all members who want to view and edit this item.
- If no users have checked "Allow" in the permission details field,
  Only users with system administration permissions will be able to access the target item.
  Therefore, it is safer to set it for the user who will be granted permission.
  If all users are no longer able to access the item, it will be necessary to remove the permission from users with system administration permissions.
- "Deny" is useful in the following cases.
  - You want to grant permissions to members belonging to organization A.
  - You do not want to grant permissions to user A.
  In this case, you can achieve this by setting the following.
  - Organization A: Allow
  - User A: Deny
- If both "Allow" and "Deny" are set for the same user (User A), "Deny" takes priority.

Screen after security settings

After the above settings, each item will be displayed as follows.

Appearance of areas with security settings

① Items with security settings set directly
② Items with security settings set by inheritance

Appearance of items with viewing/no viewing permissions

The appearance of items will change as follows for "System Administrator" and "User with permissions set".

System administrator screen (all items can be viewed and referenced)
User screen with set permissions (items that can be edited and viewed are limited)
- Items that cannot be edited: Gantt table and item properties cannot be edited (① and ② in the figure below)
- Items that cannot be viewed: The item itself is not displayed (③ in the figure below)

Change security settings

If you want to change security that has already been set, you can set it using the same procedure as "Set new security".

If you want to set your own settings for an inherited item, uncheck "Inherit settings from parent item".

You cannot set security for multiple items at once.

Clear security settings

You can reset the security settings for the specified folder to a state where they are not set.
This can be used when you want to start over with security settings, such as when you are unable to access items due to unintended security settings.

After performing this process, you can view/view items according to your system role and project security permissions.

Operation procedure

There are two ways to clear security settings.

Delete from the context menu
1. Right-click the item to be set and select "Clear settings".
2. Check "Clear settings for all child items" and click the OK button.
If "Clear settings from all child items" is not checked
Only inheriting child items will have their security settings cleared. Therefore, items with their own security settings will not be deleted.
Delete from the dialog
1. Right-click the item to be set and select "Change settings...".
2. Set the following in the security settings dialog and click the OK button.
  ① Delete all users to be set.
  ② Clear the check box for "Inherit settings from parent item".
  ③ Check "Apply this permission setting to all child items".

Processing items with set permissions

Copying and pasting items
The permissions required to perform operations on items differ as follows.
Only users with the appropriate permissions should perform these operations.

Operation Required permissions
Copy View
Paste Edit(※1)
Move Edit
Transfer security settings from WBS template Edit(※1)

※1 Security information is not transferred.
Deleting items
When deleting an item, it is moved to the trash and security permissions are deleted.

If there is information you do not want to make public, erase the field setting before deleting it.

Operation	Required permissions
Copy	View
Paste	Edit(※1)
Move	Edit
Transfer security settings from WBS template	Edit(※1)

Scope of impact of security settings

The following shows whether security settings impact each screen.

Global navigation	Local navigation	Impact	Impact details
Dashboard		No	-
Project	Work items	Yes	Only displays items permitted by security settings.
	Workload	No	-
	Item report	No	-
	Quick watch (Item)	Yes	Only displays items permitted by security settings.
	Quick watch (Resource)	No	-
Timesheet		Yes	Only displays items permitted by security settings. Items that you do not have permission to edit cannot be edited Items registered in My Work Items can be displayed even if you do not have permission to view, but item properties cannot be viewed
	My Work Items	Yes	If you do not have permission to view, registered items can be displayed, but item properties cannot be viewed
My Page		Yes	Only items permitted by security settings are displayed.
Analysis	Across Projects	Yes	Same as project work items.
	Workload	No	-
	Pivot Analysis	Yes	Differs as follows depending on the function to be aggregated. ・Efforts and Costs No impact. Regardless of editing and viewing permissions, information below the selected folder is aggregated. ・All Items Affected. Aggregates items for which you have permission to view.
Export Actual Work		No	-
WebAPI		Yes	Same impact as for each screen

Overview​

Basic Concept​

Setting new security​

Security settings dialog​

Screen after security settings​

Appearance of areas with security settings​

Appearance of items with viewing/no viewing permissions​

Change security settings​

Clear security settings​

Operation procedure​

Processing items with set permissions​

Scope of impact of security settings​