Users with read&write permissions on a project are able to delete and create views. Since everyone who works on a projekct needs read&write permission effectively everyone has the right to delete and create views, which is dangerous especially for kanban views (because buckets are lost on deletion, see Buckets lost when kanban view is deleted and restored).
I propose to change that only admin users of a project should have the right to manage views
1 Like
Makes sense. I’ve added an item to the backlog for this. Since views are a new feature, I’ll try to add this in time for the next stable release, which will also contain views.
Now implemented in 1074a8d916 - please check with the next unstable build (ready in ~45min).
1 Like
(just realized my test and conclusion where totally off - coming back later to this)
Checked with v0.23.0+546-e88f95e501 and a user with read+write in a project is still able to create and delete views on that project
Looks like I broke a test and because of that no unstable build was done. This should now be fixed, please check again when this ci build is done successfully (again, ~45min).
2 Likes
Says “Only project admins can edit views” now Thank you!
1 Like