A role can also be granted to a user group. You can associate a user account with a set of roles. A user can have a role in a specific project or in all available projects, or no roles at all. Roles are assigned to users by administrators on a per-project basis: a user can have different roles in different projects, and hence, the permissions are project-based.
User with no restrictions corresponds to the System Administrator role in the per-project authorization mode.Ĭorresponds to the default Project Developer role granted for all projects in the per-project authorization mode.Ĭorresponds to the default Project Viewer role granted for all projects in the per-project authorization mode. To change the authorization mode, go to Administration | Authentication and enable/disable the Enable per-project permissions option. Unless explicitly configured, the simple authorization mode is used in TeamCity Professional and per-project is used in TeamCity Enterprise. The View project and all parent projects permission allows viewing not only the project (with its subprojects) but its parent projects too.
Permissions within a role granted at the project level are automatically propagated in all the subprojects of this project. The set of permissions in roles is editable. In the per-project mode, you can assign users roles in projects or server-wide. In the simple mode, there are only three types of authorization levels: guest, logged-in user, and administrator. TeamCity authorization supports two modes: simple and per-project. User access levels in TeamCity are handled by assigning different roles to users thus granting them respective permissions.Ī permission is an authorization to perform particular operations, for example, to run a build or modify build configuration settings.Ī role is a set of permissions that can be granted to a user in one or all projects thus controlling access to the projects and various features in the UI.