Project Roles and Permissions
Roles
Project Owner
Analyst
Reviewer
Observer
Permissions
Notes
Manage a project:
| • | Reassign project ownership |
| • | Manage project users |
| • | Rename project |
| • | Move projects in Project Folder Tree |
| • | Manage scan settings |
| • | Manage inventory review/ remediation settings |
| • | Manage Source Control Management (SCM) and Application Lifecycle (ALM) instances |
The project creator automatically becomes Project Owner, who can then reassign ownership to another user.
See the previous section, System Roles and Permissions, for information about the Create Project role needed to create projects.
—
—
—
View project inventory
Any user (not just one with a project role) can view the Project Inventory tab and the associated inventory details.
*
Edit, create, and recall project inventory
On the Project Inventory tab, only Reviewers and the Project Owner can perform inventory review functions:
| • | Recall inventory |
| • | Edit inventory priority, review status, and alerts |
| • | Update Notices Text (on the Licenses & Notices tab) and Notes & Guidance text (except Detection Notes) for inventory |
| • | Approve or reject inventory |
However, on this same tab, only Analysts and the Project Owner have access to the Add Item button to create inventory and to the Edit Item button to edit inventory definition properties (such as component, version, selected license, URL, and usage).
—
Access and use Analysis Workbench
| • | View codebase file tree |
| • | Create, edit, and recall inventory and manage custom detection rules. |
| • | Edit Notices Text on the Licenses & Notices tab |
| • | Edit Audit Notes on the Notes tab |
—
—
Invoke a scan
—
—
Upload codebase
—
—
Import/export project data
—
—