Permission Layers
Checklist permission control operates at multiple levels. Understanding which layer applies helps you choose the right configuration approach.
Step 1: Configure Field-Level Permissions
Polarion’s field-based permission system controls who can read and write the checklist custom field. This is the most fundamental permission layer.- Navigate to Polarion Administration > Work Items > Custom Fields
- Locate the checklist custom field (for example,
dod) - Configure read/write permissions by role
- Read-only for specific roles (for example, Viewer, Reporter)
- Editable for other roles (for example, Project Lead, Quality Engineer)
- Hidden from roles that should not see the checklist at all
Step 2: Understand Checklist Admin Permissions
Checklist distinguishes between regular editing (changing result states on individual items) and structural modification (clearing the entire checklist or resetting to template). The Reset to template / Clear button in the checklist UI requires checklist admin permissions. Users without admin access will not see this button.| Action | Permission Required |
|---|---|
| Change item result state (OK, NOK, N/A) | Field write access |
| Add a note to an item | Field write access |
| Add/remove checklist items | Field write access |
| Reset to template / Clear checklist | Checklist admin permission |
Step 3: Configure Read-Only by Status
To lock the checklist at specific workflow statuses, combine field permissions with the freeze configuration:- Freeze prevents template items from being added
- Read-only prevents users from changing result states
Step 4: Restrict Workflow Function Access
Workflow functions likeChecklistResetToTemplate have a skipForUsers parameter that allows specific users to bypass the reset operation:
Permission Decision Matrix
Use this matrix to determine which configuration to apply based on your requirement:| Requirement | Configuration |
|---|---|
| Restrict who can edit checklist items | Polarion field permissions (read/write by role) |
| Prevent non-admins from clearing/resetting | Checklist admin permissions (automatic) |
| Lock checklist at a workflow status | mergeTemplate=false + read-only field config |
| Exempt users from workflow resets | skipForUsers parameter on ChecklistResetToTemplate |
| Hide checklist from certain roles | Polarion field permissions (hide field) |
| Block mixed-type bulk edits | Automatic in v24.9.0+ (no configuration needed) |
Step 5: Verify Permission Configuration
Test each permission layer to confirm it works as expected. Test field permissions:- Log in as a user with the restricted role
- Open a work item with a checklist
- You should now see the checklist in read-only mode (no ability to change result states)
- Log in as a non-admin user
- Open a work item with a checklist
- You should now see the checklist without the “Reset to template / Clear” button
- Select work items of mixed types in a table view
- Open the bulk edit panel
- You should now see a notification that checklists are not supported for mixed-type bulk edits (v24.9.0+)
See Also
- Read-Only Mode — lock checklists from editing by configuration
- Freezing Checklists by Status — stop template merging at specific statuses
- Workflow Gates and Validation — enforce completion before transitions
- Troubleshooting — common permission-related issues
Sources
Sources
KB Articles
- How to control who can change the list and when?
- How to create checklist template?
- Multiple templates per one work item/document type
ChecklistService.javaChecklistAdminServlet.javaChecklistSetupService.javaChecklistResetToTemplate.javaDocumentChecklistView.java