Overview

Nextedy RISKSHEET respects Polarion’s native permission model while providing additional configuration options for fine-grained access control. Permissions affect:
  • Cell editing — Which fields users can modify
  • Configuration access — Who can edit RISKSHEET configuration
  • Document operations — Create, edit, and delete risk documents
  • Linked item editing — Modify upstream and downstream work items

Permission Layers

RISKSHEET applies permissions in the following hierarchy: [diagram]

Configure Document-Level Permissions

Step 1: Set Document Permissions in Polarion

Navigate to Administration > Permissions and configure access for RISKSHEET documents:
  1. Select the Documents permission category
  2. Choose the project or global scope
  3. Assign read/write permissions to user roles
Example permission matrix:
Role | View Documents | Edit Documents | Delete Documents
Project Admin
Safety Engineer
Auditor

Step 2: Enable RISKSHEET-Specific Optimizations

For large documents where permissions are defined at the document level (not item level), you can improve loading performance. In Administration > Configuration Properties, add:
nextedy.risksheet.moduleOnlyPermissions=true
This bypasses item-level permission checks and relies solely on document permissions.
Setting moduleOnlyPermissions=true can significantly reduce loading times for RISKSHEET documents with hundreds of work items when your permission schema does not require item-level access control.

Configure Field-Level Permissions

Enable Field-Based Access Control

By default, RISKSHEET does not check field-level permissions for performance reasons. To enable granular field access control:
nextedy.risksheet.checkInstanceFieldPermissions=true
Enabling field-level permission checks increases load time. Only use this setting if your Polarion configuration requires different users to have access to different fields within the same work item.

Disable Work Item Prototype Permissions

If you use custom field permissions and need to bypass prototype-level permission checks:
nextedy.risksheet.checkPrototypePermissions=false
This is useful when you define permissions directly on work item instances rather than relying on type-level (prototype) permissions.

Configure Configuration Access

Restrict Configuration Editing to Admins

By default, any user with document edit permissions can access Menu > Configuration > Edit Risksheet Configuration. To restrict configuration editing to project administrators only:
nextedy.risksheet.disable_admin_check=true
Despite the property name disable_admin_check, setting this to true actually enables the admin-only restriction. This property name is a legacy artifact and may be renamed in future versions.
Access control flow: [diagram]

Configure Upstream Column Editing

By default, upstream sub-columns (fields from linked items) are read-only in RISKSHEET. To allow users to edit upstream item properties directly:
nextedy.risksheet.upstreamSubColumnsReadonly=false
See Enable Editing of Upstream Columns for detailed configuration.

Configure Branched Document Permissions

Enable Referenced Item Editing

When working with branched documents, referenced items are read-only by default. To allow editing:
nextedy.risksheet.branchingSupport=true
nextedy.risksheet.editableReferencedWorkItems=true
See Work with Branched Documents for setup details.

Common Permission Scenarios

Scenario 1: Read-Only Auditors

Requirement: Auditors can view RISKSHEET documents but cannot edit any data.
Solution:
  1. In Polarion Administration > Permissions, grant auditors View Documents permission
  2. Do NOT grant Edit Documents permission
  3. No RISKSHEET-specific configuration needed

Scenario 2: Field-Specific Access

Requirement: Safety engineers can edit all fields except “Approval Status”, which only admins can modify.
Solution:
  1. In Polarion, configure field-level permissions for “Approval Status” to admin-only
  2. In Configuration Properties, set:
    nextedy.risksheet.checkInstanceFieldPermissions=true
    
  3. RISKSHEET will render the “Approval Status” column as read-only for non-admin users

Scenario 3: Performance-Optimized Large Documents

Requirement: 500+ work items in a single RISKSHEET document, permissions defined at document level only.
Solution:
nextedy.risksheet.moduleOnlyPermissions=true
This skips per-item permission resolution and improves load time by 60-80%.

Verification

Test Document Access

  1. Log in as a user with restricted permissions
  2. Navigate to a RISKSHEET document
  3. Verify that:
    • Users without edit rights see a read-only grid
    • Edit icons and context menus are disabled
    • Save button is not visible

Test Field-Level Restrictions

  1. Enable field-level permission checking
  2. Configure Polarion to restrict a specific field
  3. Open RISKSHEET and verify the restricted field renders as read-only (grayed out)
  4. Attempt to edit the field — the cell should not become editable

Test Configuration Access

  1. Set nextedy.risksheet.disable_admin_check=true
  2. Log in as a non-admin user with document edit rights
  3. Open Menu > Configuration > Edit Risksheet Configuration
  4. Verify that the configuration editor displays an “Access Denied” message
You should now see permission controls applied correctly across RISKSHEET documents, with restricted users unable to modify protected data and configuration access limited to administrators.
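To complement the manual tests above, the following added example (not Nextedy's or Polarion's code) audits a text export of the configuration properties against what your permission schema requires. It flags the settings this page says relax a check, including the legacy-named disable_admin_check. The function names, the requirement flags and the sample input are assumptions made for illustration.

```python
# Added example: audit the RISKSHEET permission properties named on this page.
P = "nextedy.risksheet."

# Properties that relax a check when set to the given value (effects per the page).
RELAXING = {
    P + "checkPrototypePermissions": ("false", "prototype (type-level) checks are bypassed"),
    P + "upstreamSubColumnsReadonly": ("false", "upstream sub-columns are editable"),
    P + "editableReferencedWorkItems": ("true", "referenced items in branched documents are editable"),
}

def parse_properties(text):
    """Parse key=value lines; skip blanks and #/! comments; last duplicate wins."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip().lower()
    return props

def audit(text, item_level_acl, field_level_acl, admin_only_config=True):
    """Return (property, finding) pairs for settings that conflict with the
    stated requirements or that widen edit access and deserve review."""
    props = parse_properties(text)
    findings = []
    if item_level_acl and props.get(P + "moduleOnlyPermissions") == "true":
        findings.append((P + "moduleOnlyPermissions",
                         "item-level checks are bypassed but the schema relies on them"))
    if field_level_acl and props.get(P + "checkInstanceFieldPermissions") != "true":
        findings.append((P + "checkInstanceFieldPermissions",
                         "field-level permissions are not checked in the grid"))
    # Legacy name: true is the value that ENABLES the admin-only restriction.
    if admin_only_config and props.get(P + "disable_admin_check") != "true":
        findings.append((P + "disable_admin_check",
                         "configuration editor is open to any user with document edit rights"))
    for key, (value, effect) in RELAXING.items():
        if props.get(key) == value:
            findings.append((key, "review: " + effect))
    return findings

# Constructed sample input, not taken from a real Polarion server.
SAMPLE = """\
# exported configuration properties (constructed)
nextedy.risksheet.moduleOnlyPermissions=true
nextedy.risksheet.checkInstanceFieldPermissions=true
nextedy.risksheet.disable_admin_check=false
nextedy.risksheet.upstreamSubColumnsReadonly=false
"""

if __name__ == "__main__":
    for prop, finding in audit(SAMPLE, item_level_acl=True, field_level_acl=True):
        print(f"{prop}: {finding}")
```

Set item_level_acl and field_level_acl to match how permissions are actually defined in your Polarion project; a property that is absent from the input is treated as not set.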

See Also

KB Articles
Source Code
  • AppConfigParser.ts
  • AppConfig.ts
  • OpenHelpCommand.ts
  • SystemConsts.java
  • PolarionAppConfigManager.java