Table of Contents
Three-Tier Project Security Model #
TIER SUMMARY #
| Tier | Level | Description | Access scope | Key capabilities | Business purpose |
|---|---|---|---|---|---|
|
1 |
Project owners |
Highest authority within a
project
|
Entire project |
Full control over all
actions, manage
permissions,
add/remove
owners
|
Governance,
accountability,
and
administrative
control
|
|
2 |
Project-level teams |
Teams/groups assigned to
project |
Across all project
data
|
View, create,
update, delete
items; control
visibility,
reassignment, and
collaboration
|
Enable team
collaboration
and controlled
access
|
|
3 |
Column-level
permissions
|
Granular control within
workflow stages
|
Specific stages
(columns) |
Restrict or allow
actions per stage
(view, create,
update, delete)
|
Enforce
workflow-specific
rules and
approvals |
Project-Level Permissions #
PERMISSION DETAILS #
| Permission | Description | What user can do | Example use case | Business impact |
|---|---|---|---|---|
|
Read |
Access project data |
See all items within the
project
|
Team member viewing
assigned tasks
|
Transparency
and visibility
|
|
Create |
Add new items |
Create new tasks or
records
|
Developer creating a new
task
|
Enables
productivity
|
|
Update |
Modify items |
Edit existing tasks or
records
|
Updating task status or
details
|
Keeps data
current |
|
Delete |
Remove items |
Delete tasks or records |
Removing obsolete tasks |
Data cleanup
and control |
|
View all tasks |
Access others’ work |
View tasks assigned to
other users
|
Manager reviewing team
work
|
Improves
collaboration
|
|
Allow self
reassignment |
Assign tasks to
myslef and others
|
Change ownership of
tasks |
Reassigning work to myself
and another member
|
Resource
optimization
|
|
View and update all
tasks
|
Modify others’ items |
Edit tasks assigned to
other users |
Manager updating team
tasks
|
Operational
flexibility
|
|
View unassigned
tasks |
Access unassigned
items
|
View and manage tasks
without owners |
Picking up unassigned work |
Prevents work
gaps |
Column-Level Permissions #
PERMISSION DETAILS #
| Permission | Description | What user can do | Example scenario | Business benefit |
|---|---|---|---|---|
|
Read |
Access items in a specific
stage
|
See tasks in a column |
QA team viewing “Testing”
stage |
Controlled
visibility |
|
Create |
Add items in a stage |
Create tasks directly in a
column
|
Adding tasks in “To Do” stage |
Workflow
flexibility
|
|
Update |
Modify items in a stage |
Edit tasks within that stage |
QA updating test results |
Process
control
|
|
Delete |
Remove items in a stage |
Delete tasks from a column |
Removing invalid tasks |
Data
accuracy |
KEY DIFFERENCE SUMMARY #
| Aspect | Project-level permissions | Column-level permissions |
|---|---|---|
|
Scope |
Entire project |
Specific workflow stage
|
|
Granularity |
Broad control |
Fine-grained control
|
|
Use case |
General access management |
Workflow-specific restrictions
|
|
Flexibility |
Moderate |
High |
