Gemini Community Support Site

This Gemini community support site can be used to find solutions to product issues. You can log in using Open Id, Google Profile and even Facebook. Feel free to ask a question or browse FAQs and documentation. Product tour videos are also available along with how-to videos demonstrating key Gemini capabilities.




New Gemini Permissions Needed?

web-app

Using Gemini 3.1.2.

I have 9 projects in Gemini. 
I have 2 global groups: "IT Users" and "Everyone (Authenticated)"... Well, there are 2 other groups: "Everyone" and "Gemini Administrators" - I don't use these, but have not removed them.
I have no project groups.

All IT dept. members are in the IT Users group.  Nobody else is assigned an explicit group, so they're all in "Everyone (Authenticated)" by default.

8 of the Gemini projects are "owned" by the IT department I'm in.  ("Hardware", "Software", "Security", "Web Development", "App Development", etc).  Only IT users should have access to administer these issues (Create, Move, Edit, Comment, Close, etc).

The last project is the "Add New Request" project.  The "Everyone (Authenticated)" group has limited access to this project.  It is the only project in which they can create issues.

I have 2 Security Schemes:
1. All users (Default): IT Members have all permissions except "Only View My Own Issues".  The Everyone (Authenticated) group has "View Project", "Create Comment", "Only View Own Issues" permissions.  This scheme is applied to the 8 IT projects.
2. All Users (Add New): Same as above, plus Everyone (Authenticated) also has "Create Issue".  This scheme is applied to the 1 "Add New Request" project.

The site is in Portal Mode, group chosen is Everyone (Authenticated).

The result of this is that non-IT users can log in, and they see almost nothing.  The Add New Request title is shown, but they can see no issues.  They use the "Create Issue" link in the top navigation bar to create an issue.  They can only choose the "Add New Request" project for their issue.
IT users can log in and see everything, as desired.

Our internal process is: non-IT users log in to Gemini and create an issue (e.g. "Please upgrade my software").  IT gets the notification email, someone logs in and evaluates the issue, moving it from "Add New Request" to an appropriate Project based on the issue's description, etc.

Now however, the original requestor can no longer see the issue.  Even by following a link to it, they're redirected back to the Add New Request issue list.

Furthermore, no (non-IT) users can view other issues in the system now.  Particularly un-useful if the CFO wants to know what happened to his department's request for software upgrades... and he can't see any issues at all.

I would like to know if it's possible to configure Gemini so that:

1. I can specify a "Default" project for users to see.  Example: non-IT users log in and always see the issue list for the "Add New Request" project.  They can create an issue or navigate to the projects list via nav links, but they start out right where most of them will stop.

2. I can designate some of my projects read-only for non-IT users:  Example: non-IT users can view lists/details of issues in the "App Development" project - but not comment/edit, etc., unless they're involved in the issue (see #4)

3. I can desginate some of my projects as IT-only: Example: IT users can see that project in the list, but non-IT users won't see it unless they're involved in an issue in that project (see #4).. and then they'd only see the list of issues in which they're involved.

4. My non-IT users could always see lists/details of their own issues, or issues where they are a watcher, regardless of which project it's in (hidden/readonly/etc)

5. My non-IT users could only comment on their own issues (where they are the original requestor or a watcher on the issue), regardless of which project it's in.

Thanks
JBroome
· 1 		JBroome
Wednesday, July 15, 2009, 6:23:32 PM
Replies (3)
helpful
0
not helpful

It seems like what you are after is an extension of the portal mode user group feature. We do have the “edit own” permission which is used to allow user to edit their own issues. This can help. At the moment we do not provide the ability to have a “default project” so users land on that project’s issues page. Feel free to add your suggestions to our list: http://gemini.countersoft.com

You can always purchase the source code and amend it to your needs.
Mark Wing
· 9108 		Mark Wing
Thursday, July 16, 2009, 6:38:25 PM
helpful
0
not helpful

Here is my take on how to make the scenario work...

1. Turn off Portal Mode.
2. Assign permissions like you already have.
3. Use Project Labels to group your Projects logically: "Help Desk", "Work In Progress", "IT".
4. Only the "Add New Request" Project should be assigned the "Help Desk" label
5. IT Projects visible to all get the "Work In Progress" label.
5. Internal/hidden IT Projects get the "IT" label.

Two points to note:

1. The Project Labels usage should mean that the key "Add New Request" Project appears first under the "Help Desk" label. Granted this is not as neat as Portal Mode but at least you have something to put in front of them that should make them go in the right direction.
2. The Security Scheme should control who can do what on which project.  I would ensure that "EVERYONE (AUTH)" can always Add a Comment. 
3. This wasy everyone can see what IT is up to via the Projects labelled "Work In Progress".

Not ideal, but workable.
Harvey Kandola
· 212 		Harvey Kandola
Thursday, July 16, 2009, 6:59:54 PM
helpful
0
not helpful

Thanks for the ideas.

I didn't mention, but am already using Project Labels to separate the "Add New Request" project from the others and list it first.  GMTA

It seems that if I used 3 different groups as suggested, I'm not actually moving the "IT" projects' issues completely out of view, I'm just giving them a label that suggests "Don't look here", right?

As you said, not ideal... but (maybe) workable.
JBroome
· 1 		JBroome
Thursday, July 16, 2009, 7:10:01 PM