Skip to main content

Prerequisites

Before starting, ensure you have:
  • Risksheet installed and licensed in your Polarion project
  • Administrative access to edit risksheet.json
  • Familiarity with the configuration editor

Choose a Review Strategy

Risksheet supports three mutually exclusive review strategies. Select the one that matches your compliance and workflow requirements. For an in-depth comparison of how each strategy stores review data and when to use each one, see Review Workflows. diagram
StrategyreviewManager ValueUse When
Comment-basedCommentBasedLightweight feedback cycles during analysis development
Approval-basedApprovalBasedFormal sign-off needed for compliance audits (ISO 26262, ISO 14971)
Work item-basedWorkItemBasedReview tasks need full lifecycle tracking as Polarion work items
If multiple review modes are configured, the system uses a priority order: CommentBased takes precedence over WorkItemBased, which takes precedence over ApprovalBased. Configure only the strategy you intend to use.

Step 1 — Enable Comment-Based Reviews

Comment-based reviews store feedback as standard Polarion comments on work items. This is the simplest option to configure. Add the reviews section to your risksheet.json: 
{
  "reviews": {
    "reviewManager": "CommentBased"
  }
}
When enabled, reviews display with:
  • Author name (falls back to user ID if name is unavailable)
  • Timestamp in yyyy-MM-dd HH:mm format
  • Optional title (shown in bold)
  • HTML-rendered comment content
Reviews are styled with the risk_reviews CSS class, which you can customize in your styles section.
The review display automatically filters out resolved and unresolvable comments. Only active, open comments appear in the review panel.
For detailed comment-based configuration, see Configure Comment-Based Reviews.

Step 2 — Enable Approval-Based Reviews (Alternative)

{
  "reviews": {
    "reviewManager": "ApprovalBased"
  }
}
This mode stores reviews as Polarion approval comments, providing a formal audit trail for regulated industries. For detailed configuration, see Configure Approval-Based Reviews.

Step 3 — Enable Work Item-Based Reviews (Alternative)

{
  "reviews": {
    "reviewManager": "WorkItemBased",
    "typeProperties": {
      "linkTypes": "reviewItem",
      "linkRole": "reviews"
    }
  }
}
This mode creates separate linked work items for each review entry, enabling full lifecycle tracking. Both linkTypes and linkRole are required. For the full property reference and cross-project storage options, see Configure Work Item-Based Reviews.

Step 4 — Enable Reviewer Mode

When a user accesses Risksheet in reviewer mode, editing is restricted and review-specific UI controls are displayed. The reviewer property controls this behavior: 
{
  "reviewer": false
}
When reviewer is set to true, the grid restricts editing and shows review-specific controls. This is typically set dynamically based on user role rather than statically in the configuration.

Customizing Review Display

You can customize how reviews appear using CSS targeting the risk_reviews class: 
{
  "styles": {
    ".risk_reviews": { "font-size": "12px", "padding": "4px" }
  }
}
For work item-based reviews, you can provide a custom HTML template via the itemTemplate property in typeProperties to control how each review entry is rendered. Without a custom template, the default display includes a clickable work item ID link, author name, creation date, title, and description.

Verification

After saving your configuration:
  1. Reload the Risksheet document in your browser
  2. You should now see review controls available in the grid interface (the exact location depends on your review strategy)
  3. Create a test review on a risk item to confirm the review system is active
  4. Verify the review displays with author, timestamp, and content
If review controls do not appear after configuration, verify that the reviews section exists in your risksheet.json and that reviewManager is set to one of the three valid values: CommentBased, WorkItemBased, or ApprovalBased.

See Also

KB ArticlesSupport TicketsSource Code
  • AppConfig.ts
  • IReview.java
  • CommentBasedReview.java
  • SystemConsts.java
  • risksheet.json