Hub 2023.1 Help

Default Roles

Hub provides a set of predefined default roles: System Admin, Project Admin, Contributor, and Observer. For a comparison of the default permissions granted to default roles, see Permissions Comparison for Default Roles.

You cannot delete the System Admin, Project Admin, or Contributor roles. However, you can update the set of permissions that are assigned to these roles, change their names, and modify their descriptions.

If you want to create a custom set of permissions that are available to a group or user account, you can create new roles or edit predefined roles.

System Admin

The System Admin role is intended for use by the users who are responsible for the administration of your Hub installation.

This role is assigned all available permissions in Hub.

Project Admin

The Project Admin role is intended for use by the users who manage projects. The following permissions are assigned to this role by default:

  • Read Organization

  • Read Project Basic

  • Read Project Full

  • Create Project

  • Update Project

  • Read Role

  • Create User

  • Read User Basic

  • Update Self

  • Create Group

  • Read Group

  • Update Group

  • Delete Group

Contributor

The Contributor role is intended for use by the users who are members of a project team.

Starting from version 2023.1, this role logically replaces the Developer role used in older versions of Hub. The difference between the Contributor and the Developer role is that the Developer role doesn't include the Read User Full permission.

To prevent permission escalation, both roles coexist in Hub installations that were upgraded from versions older than 2023.1. The Developer role remains in the existing projects, while the Contributor role is the default team role for the projects created after the upgrade to 2023.1.

This role is assigned the following permissions by default:

  • Read Organization

  • Read Project Basic

  • Read User Basic

  • Read User Full

  • Update Self

Observer

The Observer role is intended for use by users who monitor the progress of a project. This role basically enables read-only access for a project. This role is assigned the following permissions by default:

  • Read User Basic

  • Update Self

Last modified: 27 October 2023