You can use the security features to extend the ability to run
certain jobs to one of your access groups. For example, you might
have a group of device driver programmers that you want to allow to
run jobs that are relevant to their work, without cluttering their
view of the system with other jobs. However, you do not want to allow
the programmers to edit the jobs. To create this scenario:
- Create an access group for this role in your organization (for
example, DeviceDriverDevs).
- Assign the new access group as the Access property
of all the projects you want the users to be able to run.
- Make sure the steps of the projects have appropriate Access properties
also. Any steps that the users do not have access to are skipped when
the job runs.
- Assign the permission Execute Builds to the group.
- Add all the users who need to launch these builds to the new DeviceDriverDevs
group. You may also need to make administrators of the system members
of the group. When you change the Access property of the projects,
users who are not members of the DeviceDriverDevs group lose the ability
to view, run, or edit the project.
Note that users can be members of many groups, and permissions
are cumulative. You could have a group for another project team (for
example, PlatformDevs) and a user who was a member of both groups
would be able to view and launch projects that had either group set
as the Access property.