Configuring roles and permissions

Learn about roles and permissions available in Assets, and how to grant them to specific users or groups. At the bottom of the page, you can also find a detailed permission matrix that will tell you how permissions correspond to tasks that users can perform.

Roles

A role is a set of permissions granted to Jira users or groups to view or modify data in Assets. Here's a summary of available roles:

RoleDescription
Assets Administrator

This role can perform all actions in Assets. This includes:

  • Configuring Assets globally
  • Managing individual schemas
Assets Managers

This role can execute the following tasks on an object schema. This includes:

  • Configuring all schema details
  • Viewing objects
  • Searching for objects using basic and advanced search
  • Creating and editing objects
  • Exporting objects
  • Printing QR codes and labels 
Assets Developers

This role means builders or creators, rather than e.g. software developers. It can execute the following tasks on an object schema:

  • Viewing objects
  • Searching for objects using basic and advanced search
  • Creating and editing objects
  • Exporting objects
  • Printing QR codes and labels 
Assets Users

This role can do the following on an object schema:

  • Viewing objects
  • Searching for objects using basic and advanced search
  • Exporting objects
  • Printing QR codes and labels

Permission levels

Assets offers three levels of permissions and the roles column indicates the roles available for configuration at each level:

LevelDescriptionRoles
Global permissions

These permissions allow you to configure the entire Assets app.

By default, as part of Global permissions, the jira-administrators group is mapped to the Assets administrator role. So, if you're a Jira administrator for your Jira instance, then you can perform all actions in Assets.

However, if you remove this default mapping, then you wouldn't be able to execute tasks despite of being a Jira administrator.

Assets Administrator

Object schema permissionsThese are permissions to configure and execute actions on the object schema level.Object Schema Managers, Object Schema Developers, Object Schema Users
Object type permissionsThese are permissions to execute actions on an individual object type. You can view a detailed matrix of all tasks and corresponding permissions at the bottom of this page.Object Type Managers, Object Type Developers, Object Type Users

Granting permissions

Assets automatically grants the Assets Administrator role to all Jira admins. However, it might not inherit permissions from any particular active directory running on your Jira instance.

You need to be a Jira admin to be able to assign users or groups to a specific role in Assets.

Granting global permissions

  1. In the top navigation bar, select Assets > Configure.
  2. Switch to the Roles tab.
  3. Assign users or groups to the administrator role.

Granting object schema permissions

  1. In the top navigation bar, select Assets > Object schemas.
  2. Open your object schema.
  3. In the top-right, select Object schema > Configure.
  4. Switch to the Roles tab.
  5. Assign users or groups to the roles.

Granting object type permissions

  1. Open your object type.
  2. In the top-right, select Object type > Configure.
  3. Switch to the Roles tab.
  4. Assign users or groups to the roles.

Good to know

  • Object type permissions take precedence over object schema permissions. For example, a user might be assigned to the User role on the schema (to not make any changes), but then have a more powerful Developer role on a specific object type, so they can create objects.
  • If you want users to work with object types (and objects) you need to grant them permissions for object types, but also for the schema (at least User permissions, so they can view it). Without giving them any permissions for the schema, they won't be able to access it.
  • If you don't specify permissions for object types, they will be inherited from the object schema.

Permission matrix

Here's how roles relate to specific actions users can complete.

Assets functionsAssets UsersAssets DevelopersAssets ManagersAssets AdministratorsJira Administrators
Report Jira issues on Assets objects(tick)(tick)(tick)(tick)(tick)
Search for Assets objects and attributes(tick)(tick)(tick)(tick)(tick)
View object graph explorer(tick)(tick)(tick)(tick)(tick)
View object type graph explorer(tick)(tick)(tick)(tick)(tick)
View Assets custom field(tick)(tick)(tick)(tick)(tick)
Create/Edit Assets objects
(tick)(tick)(tick)(tick)
Move objects (Object Type To)
Note that this function applies to roles on the Object type level

(tick)(tick)(tick)(tick)
Move objects (Object Type From)
Note that this function applies to roles on the Object type level


(tick)(tick)(tick)
Delete, archive, restore Assets objects

(tick)(tick)(tick)
Create/Edit/Delete attributes

(tick)(tick)(tick)
Modify Assets object schema

(tick)(tick)(tick)
Delete Assets object schema


(tick)(tick)
Create Assets object schema


(tick)(tick)
Manage icons

(tick)(tick)(tick)
Manage references

(tick)(tick)(tick)
Import object schemas

(tick)(tick)(tick)

Create/Configure/

Enable Imports



(tick)

(except LDAP and database)

(tick)

(except LDAP and database)

(tick)


Manage global Assets permissions




(tick)(tick)

Create/Manage Assets custom field





(tick)

Move object type (drag & drop)




(tick)(tick)

Delete object type



(tick)(tick)(tick)

Add/edit Assets post-functions in Jira workflows





(tick)

Last modified on Jul 2, 2024

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.