Project roles are set by the Project Admin and comprise a predefined set of global roles together with a set of customized project roles. The combination of global and project-specific roles within a project role provides multiple layers of granularity when setting access rights on Projects. When creating a new project, the Project Admin can modify the actions set in the global roles and create new project roles for each of the Projects to which they are assigned.
The following example demonstrates the permissions in the case of a Developer global role and a Developer project role:
The Developer global role is granted the Read and Write actions in the DEV and PROD environments. This role is seen in the Global Roles tab.
The Developer project role is granted the Write and Delete actions in the DEV environment. This role is seen in the Project Roles tab.
The user or group assigned to the Developer role will be able to Read and Write artifacts in DEV and PROD environments. Adding the Lead Developer to the same user or group will also provide them with the ability to delete artifacts in the DEV environment only.
