Skip to main content
See also: Properties | Domain Model Types | Relationships

Permission Levels

diagram

User Permissions

Powersheet fetches user permissions from the server API to determine access capabilities. Permissions are structured as follows:
NameTypeDefaultDescription
document.admin.readbooleanSee applicationPermission to view the sheet configuration YAML.
document.admin.writebooleanSee applicationPermission to modify the sheet configuration YAML.
model.admin.readbooleanSee applicationPermission to view the domain model configuration YAML.
model.admin.writebooleanSee applicationPermission to modify the domain model configuration YAML.
readOnlybooleanfalseTop-level flag indicating if the entire sheet should be read-only for the current user.
license.statusstringSee applicationLicense validation status: OK, INFO, WARNING, or INVALID.
license.messagestringNoneHuman-readable message explaining the license status.

License Status Values

StatusDescription
OKValid license with full functionality.
INFOInformational message about the license.
WARNINGLicense issue detected; limited functionality may apply.
INVALIDNo valid license; restricted access.
The sheet enters read-only mode if any of these conditions is true: the configuration isReadOnly property is true, the user is viewing a historical revision, or the user has the readOnly permission flag set to true.

Property-Level Permissions

Individual properties on entity types can be configured with readable and updatable flags to control field-level access:
NameTypeDefaultDescription
readablebooleantrueControls whether the property is visible to users. When false, the property is hidden in the UI.
updatablebooleantrueControls whether the property can be modified by users. When false, the property is read-only.

Configuring Property Permissions

domainModelTypes:
  UserNeed:
    polarionType: userNeed
    properties:
      title:
      description:
      severity:
      internalScore:
        readable: false
        updatable: false
      approvalStatus:
        readable: true
        updatable: false
In this example:
  • internalScore is completely hidden from users
  • approvalStatus is visible but cannot be edited

System Read-Only Properties

Certain built-in properties are always read-only regardless of configuration:
PropertyEntityBehavior
idAll work itemsAlways read-only.
outlineNumberAll work itemsAutomatically managed by Polarion. Always read-only.
objectIdAll entitiesUniversal primary key. Always read-only.
moduleFolderDocumentCreate-only (set during creation, read-only thereafter).
moduleNameDocumentCreate-only.
titleDocumentCreate-only.
typeDocumentCreate-only.
allowedWITypesDocumentCreate-only.
The complete list of create-only Document fields may vary by version. Verify the current behavior in your Powersheet installation.

Relationship Permissions

Relationships between entity types can have their own permission controls, independent of the entity type permissions:
NameTypeDefaultDescription
createablebooleanSee applicationControls whether new relationship instances can be created by users.
readablebooleanSee applicationControls whether relationship instances are visible in queries.

Permission Inheritance

Relationship navigation properties inherit permissions through a hierarchy:
  1. Navigation property permissions — Explicit readable/updatable on the navigation direction
  2. Entity-level permissions — Permissions defined on the parent entity type
  3. Server-rendered override — Properties using server rendering are automatically set as non-editable
relationships:
  - from: UserNeed
    to: SystemRequirement
    cardinality: one-to-many
    storage: linkedWorkItems
    linkRole: refines
    direct:
      name: systemRequirements
    back:
      name: userNeeds
Each direction (direct and back) can optionally carry its own constraint configuration that further restricts access.

Complete YAML Example

domainModelTypes:
  Document:
    properties:
      title:
      type:

  Chapter:

  UserNeed:
    polarionType: userNeed
    properties:
      title:
        readable: true
        updatable: true
      description:
      severity:
      outlineNumber:
      internalNotes:
        readable: false
        updatable: false

  SystemRequirement:
    polarionType: systemRequirement
    properties:
      title:
      description:
      severity:
        readable: true
        updatable: true

  DesignRequirement:
    polarionType: designOutput
    properties:
      title:
      description:
      severity:

relationships:
  - from: UserNeed
    to: SystemRequirement
    cardinality: one-to-many
    storage: linkedWorkItems
    linkRole: refines
    direct:
      name: systemRequirements
    back:
      name: userNeeds

Related pages: Properties | Domain Model Types | Constraints | Relationships
Source Code
  • prod-powersheet-src/com.nextedy.powersheet.client/src/modules/ConfigProvider/ConfigProvider.tsx
  • prod-powersheet-src/com.nextedy.powersheet.client/src/modules/ConfigProvider/types/UserPermissions.d.ts
  • prod-powersheet-src/com.nextedy.powersheet.client/cypress/fixtures/models/permissions.yaml
  • prod-powersheet-src/com.nextedy.powersheet.client/src/modules/Powersheet/Powersheet.tsx
  • Relationship.java