Sophie

Sophie

distrib > Mageia > 5 > i586 > by-pkgid > 9e41a94a3e659caa5b91706d5c415d34 > files > 942

bugzilla-4.4.11-1.mga5.noarch.rpm

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ANSI_X3.4-1968"><title>3.15.&#160;Groups and Group Security</title><link rel="stylesheet" type="text/css" href="../../style.css"><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><meta name="keywords" content="Bugzilla, Guide, installation, FAQ, administration, integration, MySQL, Mozilla, webtools"><link rel="home" href="index.html" title="The Bugzilla Guide - 4.4.11 Release"><link rel="up" href="administration.html" title="Chapter&#160;3.&#160;Administering Bugzilla"><link rel="prev" href="quips.html" title="3.14.&#160;Quips"><link rel="next" href="sanitycheck.html" title="3.16.&#160;Checking and Maintaining Database Integrity"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">3.15.&#160;Groups and Group Security</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="quips.html">Prev</a>&#160;</td><th width="60%" align="center">Chapter&#160;3.&#160;Administering Bugzilla</th><td width="20%" align="right">&#160;<a accesskey="n" href="sanitycheck.html">Next</a></td></tr></table><hr></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="groups"></a>3.15.&#160;Groups and Group Security</h2></div></div></div><p>
    Groups allow for separating bugs into logical divisions.
    Groups are typically used
    to isolate bugs that should only be seen by certain people. For
    example, a company might create a different group for each one of its customers
    or partners. Group permissions could be set so that each partner or customer would
    only have access to their own bugs. Or, groups might be used to create
    variable access controls for different departments within an organization.
    Another common use of groups is to associate groups with products,
    creating isolation and access control on a per-product basis.
    </p><p>
    Groups and group behaviors are controlled in several places:
    </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>
             The group configuration page. To view or edit existing groups, or to
             create new groups, access the "Groups" link from the "Administration"
             page. This section of the manual deals primarily with the aspect of
             group controls accessed on this page.  
           </p></li><li class="listitem"><p>
            Global configuration parameters. Bugzilla has several parameters 
            that control the overall default group behavior and restriction
            levels. For more information on the parameters that control 
            group behavior globally, see <a class="xref" href="parameters.html#param-group-security" title="3.1.9.&#160;Group Security">Section&#160;3.1.9, &#8220;Group Security&#8221;</a>.
          </p></li><li class="listitem"><p>
            Product association with groups. Most of the functionality of groups
            and group security is controlled at the product level. Some aspects
            of group access controls for products are discussed in this section,
            but for more detail see <a class="xref" href="products.html#product-group-controls" title="3.4.4.&#160;Assigning Group Controls to Products">Section&#160;3.4.4, &#8220;Assigning Group Controls to Products&#8221;</a>.
          </p></li><li class="listitem"><p>
            Group access for users. See <a class="xref" href="groups.html#users-and-groups" title="3.15.3.&#160;Assigning Users to Groups">Section&#160;3.15.3, &#8220;Assigning Users to Groups&#8221;</a> for
            details on how users are assigned group access.
          </p></li></ol></div><p>
      Group permissions are such that if a bug belongs to a group, only members
      of that group can see the bug. If a bug is in more than one group, only
      members of <span class="emphasis"><em>all</em></span> the groups that the bug is in can see
      the bug. For information on granting read-only access to certain people and
      full edit access to others, see <a class="xref" href="products.html#product-group-controls" title="3.4.4.&#160;Assigning Group Controls to Products">Section&#160;3.4.4, &#8220;Assigning Group Controls to Products&#8221;</a>.
     </p><div class="note" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="../images/note.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p>
        By default, bugs can also be seen by the Assignee, the Reporter, and 
        by everyone on the CC List, regardless of whether or not the bug would 
        typically be viewable by them. Visibility to the Reporter and CC List can 
        be overridden (on a per-bug basis) by bringing up the bug, finding the 
        section that starts with <span class="quote">&#8220;<span class="quote">Users in the roles selected below...</span>&#8221;</span>
        and un-checking the box next to either 'Reporter' or 'CC List' (or both).
      </p></td></tr></table></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="create-groups"></a>3.15.1.&#160;Creating Groups</h3></div></div></div><p>
        To create a new group, follow the steps below:
      </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>
            Select the <span class="quote">&#8220;<span class="quote">Administration</span>&#8221;</span> link in the page footer, 
            and then select the <span class="quote">&#8220;<span class="quote">Groups</span>&#8221;</span> link from the 
            Administration page.
          </p></li><li class="listitem"><p>
            A table of all the existing groups is displayed. Below the table is a
            description of all the fields. To create a new group, select the 
            <span class="quote">&#8220;<span class="quote">Add Group</span>&#8221;</span> link under the table of existing groups.
          </p></li><li class="listitem"><p>
            There are five fields to fill out. These fields are documented below
            the form. Choose a name and description for the group. Decide whether
            this group should be used for bugs (in all likelihood this should be
            selected). Optionally, choose a regular expression that will
            automatically add any matching users to the group, and choose an
            icon that will help identify user comments for the group. The regular
            expression can be useful, for example, to automatically put all users
            from the same company into one group (if the group is for a specific
            customer or partner). 
          </p><div class="note" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="../images/note.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p>
               If <span class="quote">&#8220;<span class="quote">User RegExp</span>&#8221;</span> is filled out, users whose email 
               addresses match the regular expression will automatically be 
               members of the group as long as their email addresses continue 
               to match the regular expression. If their email address changes
               and no longer matches the regular expression, they will be removed
               from the group. Versions 2.16 and older of Bugzilla did not automatically
               remove users who's email addresses no longer matched the RegExp.
             </p></td></tr></table></div><div class="warning" style="margin-left: 1em; margin-right: 1em"><table border="0" summary="Warning"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Warning]" src="../images/warning.gif"></td><th align="left"></th></tr><tr><td align="left" valign="top"><p>
               If specifying a domain in the regular expression, end
               the regexp with a "$". Otherwise, when granting access to 
               "@mycompany\.com", access will also be granted to 
               'badperson@mycompany.com.cracker.net'. Use the syntax,
               '@mycompany\.com$' for the regular expression.
             </p></td></tr></table></div></li><li class="listitem"><p>
          After the new group is created, it can be edited for additional options. 
          The "Edit Group" page allows for specifying other groups that should be included
          in this group and which groups should be permitted to add and delete
          users from this group. For more details, see <a class="xref" href="groups.html#edit-groups" title="3.15.2.&#160;Editing Groups and Assigning Group Permissions">Section&#160;3.15.2, &#8220;Editing Groups and Assigning Group Permissions&#8221;</a>.
          </p></li></ol></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="edit-groups"></a>3.15.2.&#160;Editing Groups and Assigning Group Permissions</h3></div></div></div><p>
        To access the "Edit Groups" page, select the 
        <span class="quote">&#8220;<span class="quote">Administration</span>&#8221;</span> link in the page footer, 
        and then select the <span class="quote">&#8220;<span class="quote">Groups</span>&#8221;</span> link from the Administration page.
        A table of all the existing groups is displayed. Click on a group name
        you wish to edit or control permissions for.
      </p><p>
       The "Edit Groups" page contains the same five fields present when 
       creating a new group. Below that are two additional sections, "Group
       Permissions," and "Mass Remove". The "Mass Remove" option simply removes
       all users from the group who match the regular expression entered. The
       "Group Permissions" section requires further explanation.
      </p><p>
       The "Group Permissions" section on the "Edit Groups" page contains four sets
       of permissions that control the relationship of this group to other
       groups. If the 'usevisibilitygroups' parameter is in use (see
       <a class="xref" href="parameters.html" title="3.1.&#160;Bugzilla Configuration">Section&#160;3.1, &#8220;Bugzilla Configuration&#8221;</a>) two additional sets of permissions are displayed. 
       Each set consists of two select boxes. On the left, a select box
       with a list of all existing groups. On the right, a select box listing
       all groups currently selected for this permission setting (this box will
       be empty for new groups). The way these controls allow groups to relate
       to one another is called <span class="emphasis"><em>inheritance</em></span>. 
       Each of the six permissions is described below.
      </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">
            <span class="emphasis"><em>Groups That Are a Member of This Group</em></span>
          </span></dt><dd><p> 
              Members of any groups selected here will automatically have 
              membership in this group. In other words, members of any selected 
              group will inherit membership in this group. 
            </p></dd><dt><span class="term">
            <span class="emphasis"><em>Groups That This Group Is a Member Of</em></span>
          </span></dt><dd><p>
              Members of this group will inherit membership to any group 
              selected here. For example, suppose the group being edited is
              an Admin group. If there are two products  (Product1 and Product2) 
              and each product has its
              own group (Group1 and Group2), and the Admin group 
              should have access to both products, 
              simply select both Group1 and Group2 here. 
           </p></dd><dt><span class="term">
            <span class="emphasis"><em>Groups That Can Grant Membership in This Group</em></span>
          </span></dt><dd><p>
             The members of any group selected here will be able add users
             to this group, even if they themselves are not in this group.
           </p></dd><dt><span class="term">
            <span class="emphasis"><em>Groups That This Group Can Grant Membership In</em></span>
          </span></dt><dd><p>
             Members of this group can add users to any group selected here,
             even if they themselves are not in the selected groups.  
           </p></dd><dt><span class="term">
            <span class="emphasis"><em>Groups That Can See This Group</em></span>
          </span></dt><dd><p>
             Members of any selected group can see the users in this group.
             This setting is only visible if the 'usevisibilitygroups' parameter
             is enabled on the Bugzilla Configuration page. See
             <a class="xref" href="parameters.html" title="3.1.&#160;Bugzilla Configuration">Section&#160;3.1, &#8220;Bugzilla Configuration&#8221;</a> for information on configuring Bugzilla.
           </p></dd><dt><span class="term">
            <span class="emphasis"><em>Groups That This Group Can See</em></span>
          </span></dt><dd><p>
             Members of this group can see members in any of the selected groups.
             This setting is only visible if the 'usevisibilitygroups' parameter
             is enabled on the the Bugzilla Configuration page. See
             <a class="xref" href="parameters.html" title="3.1.&#160;Bugzilla Configuration">Section&#160;3.1, &#8220;Bugzilla Configuration&#8221;</a> for information on configuring Bugzilla.               
           </p></dd></dl></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="users-and-groups"></a>3.15.3.&#160;Assigning Users to Groups</h3></div></div></div><p>
        A User can become a member of a group in several ways:
      </p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>
            The user can be explicitly placed in the group by editing
            the user's profile. This can be done by accessing the "Users" page
            from the "Administration" page. Use the search form to find the user
            you want to edit group membership for, and click on their email
            address in the search results to edit their profile. The profile
            page lists all the groups, and indicates if the user is a member of
            the group either directly or indirectly. More information on indirect
            group membership is below. For more details on User administration,
            see <a class="xref" href="useradmin.html" title="3.2.&#160;User Administration">Section&#160;3.2, &#8220;User Administration&#8221;</a>.
          </p></li><li class="listitem"><p>
           The group can include another group of which the user is
           a member. This is indicated by square brackets around the checkbox  
           next to the group name in the user's profile. 
           See <a class="xref" href="groups.html#edit-groups" title="3.15.2.&#160;Editing Groups and Assigning Group Permissions">Section&#160;3.15.2, &#8220;Editing Groups and Assigning Group Permissions&#8221;</a> for details on group inheritance.
          </p></li><li class="listitem"><p>
            The user's email address can match the regular expression
            that has been specified to automatically grant membership to
            the group. This is indicated by "*" around the check box by the
            group name in the user's profile.
            See <a class="xref" href="groups.html#create-groups" title="3.15.1.&#160;Creating Groups">Section&#160;3.15.1, &#8220;Creating Groups&#8221;</a> for details on 
            the regular expression option when creating groups.
           </p></li></ol></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a name="idm140035936180208"></a>3.15.4.&#160;Assigning Group Controls to Products</h3></div></div></div><p>
     The primary functionality of groups is derived from the relationship of 
     groups to products. The concepts around segregating access to bugs with
     product group controls can be confusing. For details and examples on this
     topic, see <a class="xref" href="products.html#product-group-controls" title="3.4.4.&#160;Assigning Group Controls to Products">Section&#160;3.4.4, &#8220;Assigning Group Controls to Products&#8221;</a>.
     </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="quips.html">Prev</a>&#160;</td><td width="20%" align="center"><a accesskey="u" href="administration.html">Up</a></td><td width="40%" align="right">&#160;<a accesskey="n" href="sanitycheck.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">3.14.&#160;Quips&#160;</td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top">&#160;3.16.&#160;Checking and Maintaining Database Integrity</td></tr></table></div></body></html>