Permissions

  • Published on Jan 21, 2026
  • 1 minute(s) read
Prev Next

This article presents the management of permissions in a  Tuleap Tracker.

Tuleap allows you to manage two levels of permissions for a tracker:

  • At the tracker level to specify who can view artifacts

  • At the tracker fields level to specify field by field who can read, create, and modify a value in a field in an artifact

Dropdown menu showing permissions options for managing incidents administration fields.

Manage tracker permissions

Configure tracker permissions to control who can view artifacts.
The fees apply group by group. Each user group can be granted different permissions.

Manage tracker permissions for user groups and access levels in a project.

For example, project members can access all artifacts, while logged in or anonymous users can't access them if they are not assigned permissions.

Permission management works in a cascade of manners. Even if a group has a specific right, it will not be able to access the tracker if the project remains private.
Access depends on three successive levels: the platform, the project, and then the tracker.

Tuleap also provides four system groups present in all projects:

  • All users : any user, even anonymous

  • Logged in users: any authenticated user

  • Project members: any user added to the project

  • Project Administrators: any member with administrative rights.

These groups are intertwined.
An administrator is also a member of the project, a logged-in user, and a user. Subgroups automatically inherit the rights of the top group.

It is therefore not possible to grant fewer rights to a project member than to a non-member user. Tuleap points out these inconsistencies and adjusts the configuration.

Manage field permissions

Configure field-by-field permissions to fine-tune access control.
Management is done from the Fields Permissions section .

Two approaches are possible:

  • Select a group and set permissions for each field

  • Select a field and assign permissions to each group.

Each field can be assigned one of the following three levels of entitlement:

  • "-": no right on the spot

  • "Read-only" : the value is visible;

  • "Update" : The value is editable.

A box also allows you to define whether or not a field appears when submitting an artifact.
This option helps simplify the interface by displaying only the essential information.

These permissions apply throughout the platform.
A user will therefore only see the data to which he or she has access, including when using a tool that relies on a tracker.

Related articles
© 2025 Enalean SAS