Overview User reference columns serve two primary purposes:
Display — Show which user is assigned to a work item (read-only mode)Assignment — Allow users to assign work items to team members (editable mode)
When configured with the ref:user type, these columns connect to Polarion’s user management system and respect project-level role restrictions such as assignable users.
The assignee field is Polarion’s native assignment mechanism. User reference columns provide the same functionality in RISKSHEET with additional configuration options. Most FMEA/HARA workflows use assignee columns for task assignments.
Configuration Basic Structure Property Type Default Description headerstring required Display name for the column header idstring auto-generated Unique identifier for the column bindingsstring none Field path to access; e.g., assignee for risk items, task.assignee for task assignments typestring ref:userColumn type for user reference fields typePropertiesobject none Configuration object for user role filtering and behavior typeProperties.userRolestring project_assignablePolarion user role that restricts displayed users; common values: project_assignable, project_viewer, project_lead widthnumber auto Column width in pixels readOnlyboolean auto Set to false to enable editing; defaults to true for upstream columns filterableboolean trueWhether users can filter by assignee sortableboolean trueWhether users can sort by assignee headerGroupstring none Groups multiple columns under a single header category headerCssstring none CSS class for styling the column header
Example Configuration: Risk Item Assignment { "header" : "Assigned To" , "id" : "assignee" , "bindings" : "assignee" , "type" : "ref:user" , "typeProperties" : { "userRole" : "project_assignable" }, "width" : 120 , "filterable" : true , "sortable" : true }
Example Configuration: Task Assignment { "headerGroup" : "Mitigations" , "headerGroupCss" : "headMitigations" , "headerCss" : "headMitigations" , "header" : "Assignee" , "bindings" : "task.assignee" , "id" : "taskAssignee" , "type" : "ref:user" , "typeProperties" : { "userRole" : "project_assignable" }, "width" : 100 , "readOnly" : false }
Type Properties User Role Filtering The userRole property in typeProperties controls which users appear in the assignment dropdown:
User Role Description Use Case project_assignableUsers who can be assigned work in the project Default for most risk/task assignments project_viewerUsers with view permission in the project Use when broader visibility needed project_leadProject administrators and leads Use for high-level responsibility assignment project_developerDevelopers and contributors in the project Use for technical task assignments
Default Configuration { "type" : "ref:user" , "typeProperties" : { "userRole" : "project_assignable" } }
Display Behavior Read-Only Display When a user column is read-only, it displays the assigned user’s ID as plain text:
Editable Assignment When readOnly: false, the column shows a dropdown selector with available users:
Upstream vs. Downstream Columns Upstream User Columns (Main Risk Items) Display user assignments on risk items themselves:
{ "header" : "Risk Owner" , "bindings" : "assignee" , "type" : "ref:user" , "readOnly" : false }
Default behavior : Upstream user columns are read-only by default. Enable editing with readOnly: false.Downstream User Columns (Task Assignments) Display assignments on linked mitigation tasks or downstream items:
{ "header" : "Task Owner" , "bindings" : "task.assignee" , "type" : "ref:user" , "readOnly" : false }
Common pattern : Task assignment columns are typically editable to allow quick assignment of mitigation work.Assignment Mechanics Single-User Assignment User reference columns in RISKSHEET support single-user assignment only . When you assign a user:
All previous assignees are cleared
The selected user is assigned
The change is persisted to Polarion
Programmatic Assignment When a user is assigned through RISKSHEET:
Assigning a new user replaces all existing assignees. This is by design to maintain single-user responsibility. If you need multiple assignees, use a custom linking approach.
Enabling/Disabling Edit Mode Configuration Override { "type" : "ref:user" , "readOnly" : false // Enable editing }
System-Wide Default Change the default for all upstream user columns via Polarion administration:
Administration > Configuration properties Property: nextedy.risksheet.upstreamSubColumnsReadonly Value: false (allows editing by default)
Binding Patterns Root Item Assignment { "bindings" : "assignee" }
Accesses the risk item’s assignee field directly.
Nested Item Assignment { "bindings" : "task.assignee" }
Accesses assignee of a downstream linked item (e.g., mitigation task). Requires the downstream item ID prefix.
Deep Nesting { "bindings" : "harm.assignee" }
Use different downstream object IDs (harm, task, issue) to access assignments in different linked item types.
Permissions and Access Control Read Permission Users need permission to view the work item to see its assignee. Read-only columns display the assignee if the user has read access to the item.
Write Permission Users need permission to edit the work item to change its assignee. The column respects Polarion’s field-level permissions:
Scenario Behavior User has edit permission Cell is editable User has read-only permission Cell displays assignee but cannot be changed User lacks permission Cell is hidden or grayed out
Project Role Restrictions The userRole property in typeProperties filters which users appear in the dropdown based on their project role:
{ "typeProperties" : { "userRole" : "project_assignable" } }
Only users who have the project_assignable role appear as options in the dropdown, even if other users exist in Polarion.
Column Interaction Matrix User reference columns interact differently with other RISKSHEET features:
Feature Filtering Sorting Exporting User reference (read-only) By user (works) By user ID (works) User ID text (works) User reference (editable) By user (works) By user ID (works) Assigned user (works) In comparisons Changes highlighted N/A Shows diffs
Example Configurations FMEA Risk Owner { "header" : "Risk Owner" , "id" : "riskOwner" , "bindings" : "assignee" , "type" : "ref:user" , "typeProperties" : { "userRole" : "project_assignable" }, "width" : 130 , "readOnly" : false , "filterable" : true , "headerGroup" : "Ownership" }
FMEA Mitigation Assignee { "headerGroup" : "Mitigations" , "headerGroupCss" : "headMitigations" , "header" : "Assigned To" , "id" : "mitAssignee" , "bindings" : "task.assignee" , "type" : "ref:user" , "typeProperties" : { "userRole" : "project_assignable" }, "width" : 100 , "readOnly" : false , "filterable" : true }
HARA System Safety Assignee { "header" : "Responsible" , "id" : "safetyOwner" , "bindings" : "assignee" , "type" : "ref:user" , "typeProperties" : { "userRole" : "project_lead" }, "width" : 120 , "readOnly" : false , "filterable" : true , "sortable" : true }
Common Issues Dropdown Shows No Users Cause : The userRole property is set too restrictively, or no users have that role in the project.Solution : Change userRole to project_assignable or verify users have appropriate roles in Polarion project settings.Column is Read-Only When It Should Be Editable Cause : User lacks edit permission on the work item, or readOnly is explicitly set to true.Solution : Check user permissions in Polarion, or set readOnly: false in configuration (if you have permission to modify configuration).Assignment Not Saved Cause : Network error, permission issue, or session timeout.Solution : Check browser console for errors, refresh the RISKSHEET, and re-attempt assignment. Verify you have write permission to the field.Comparison with Assignee Field Type User reference columns use the ref:user type, which is similar to but distinct from Polarion’s native assignee field:
Aspect User Reference (ref:user) Native Assignee Configuration Via type: ref:user Native field binding User Role Filter Configurable via typeProperties Uses Polarion defaults Display Format User ID (e.g., user.smith) User name or ID Single Assignment Yes Yes Editing Requires readOnly: false Default editable Project Role Aware Yes Yes
KB Articles Source Code
GetSetUtil.javaRisksheetViewServlet.javarisksheet.jsonSheetConstants.tsAppConfig.ts 
