Symptoms
Permission Enforcement Flow
Risksheet applies multiple layers of permission checking when a user attempts to edit a cell. Understanding this flow helps diagnose which layer is blocking (or failing to block) an edit:Fix 1: Enable Instance Field Permissions
By default, Risksheet does not enforce Polarion’s per-instance field restrictions because the native “Read-only Fields” property has no API. To enable field-level permission checking based on Polarion’s Permissions Management, set the following project property in Polarion administration:- Open Polarion Administration for your project
- Navigate to project properties or global administration
- Add or modify the property
nextedy.risksheet.checkInstanceFieldPermissions - Set the value to
true - Reload the Risksheet page
Fix 2: Understand System Field Restrictions
Certain system fields are always read-only in Risksheet regardless of any permissions configuration. Save attempts to these fields are silently ignored:
Additionally, columns are automatically set to read-only in the following cases:
You can also explicitly mark any column as read-only in the configuration:
Fix 3: Resolve Formula-Permission Conflicts
When formula-generated fields interact with permission restrictions, unexpected save failures can occur. This is a subtle issue that typically surfaces after data migrations or Polarion upgrades. The conflict sequence:- A formula recalculates a value (for example, auto-generating the
titlefield from hazard + effect) - The recalculated value differs from the stored value (for example, titles were truncated to 80 characters during a Polarion migration, but the formula generates the full-length title)
- Risksheet detects a change and marks the item as edited
- On save, Risksheet attempts to write the recalculated value
- Permissions block the save because the field is read-only in the current status (e.g., “Approved”)
- The save fails with a permission error, even though the user only changed a different field (e.g., status)
- Open the browser developer console (
F12) - Attempt the save operation
- Look for error messages indicating which fields triggered the permission check failure
- Compare the formula output with the stored value in Polarion’s work item editor
- If the values differ, the formula is regenerating a value that does not match what is stored
- Correct the stored values: Update the stored values in Polarion to match the formula output (e.g., fix truncated titles by editing them in Polarion’s native editor while the item is in a draft status)
- Temporarily change status: Move the work item to a status that allows editing, save the formula-recalculated values, then move back to the restricted status
- Use Check Stored Formulas: Navigate to Menu > Rows > Check stored formulas to identify all formula values that differ from stored values
Fix 4: Configure Downstream Item Permissions
To prevent editing of downstream linked items (tasks from other documents or projects), use thedownstreamReadonly configuration setting:
downstreamReadonly is set to true:
- Task cells linked from other documents appear as read-only
- Task creation is blocked for read-only items (the
canExecutecheck prevents it) - The context menu hides “Add Task” options for read-only downstream items
downstreamReadonly property defaults to false.
Additionally, task-level read-only state is tracked separately from master item state. The system uses systemTaskReadOnly and systemTaskReadOnlyFields to control which specific task fields are editable, independent of the parent risk item’s permissions.
Fix 5: Resolve Item Creation Permission Errors
If you see the error message:- Verify the user’s project role in Polarion Administration
- Ensure the role grants “Create Work Items” permission
- Check if the user has write access to the specific document where the Risksheet is embedded
- Verify the user is not using a Reviewer license (see Fix 6)
Fix 6: Handle Reviewer License Restrictions
If you see the message:- Reviewer license: Read-only access. The
reviewermode activates, restricting editing and showing review-specific UI controls - Named User license: Full read-write access based on project permissions
Fix 7: Handle the Child Document Bug
There is a known issue where items from child documents may appear editable in the grid, but the save operation fails with a permission error. This happens because Risksheet cannot always detect the correct permission state for items inherited from child documents. Symptoms:- Cells for child document items show as editable (clicking activates the editor)
- Typing a new value works, but clicking Save produces an error
- The error indicates a permission denial for the specific field
The child document editing bug fix status should be verified against the current Risksheet release notes. If you encounter cells that allow editing but block saves for items originating from child documents, this is the known issue. Future versions address the permission detection for child document items.
Verification
After applying the fixes above, you should now see:- Fields correctly marked as read-only for work items in restricted statuses (cells display with the
readonlyCSS class) - Clicking non-editable cells does not activate the cell editor
- Formula-generated fields no longer trigger save failures when stored values match formula output
- The
You do not have permissions to create new items.error resolves after granting project permissions - Downstream task cells respect the
downstreamReadonlysetting - Permission-restricted fields are indicated visually in the grid (read-only cells have a distinct appearance)
See Also
- Cell Editing Issues — general editing problems and read-only cell behavior
- Save Operation Failures — save-related errors and conflict resolution
- Access Denied Errors — access control, project permissions, and licensing issues
- License Validation Errors — license activation and validation failures
- Date Column Save Errors — date-specific save issues related to format property bug
- Error Messages Reference — complete error message catalog