Custom Roles
Organization administrators can create custom user roles based on the organization's actual needs and flexibly define role names and permissions.
Add Role / Custom Role
- Click on "Roles and Permissions" under Member Management to enter the roles and permissions management page.
- After clicking "Add Role" in the top right corner, input the role name and role description, then click "Next".
- You can configure role permissions by selecting:
Currently supported resources and permission points include:
| Resource | Permission Point | Permission Description |
|---|---|---|
| Organization | Settings | Permission for setting basic information of the organization, including organization name, description, logo, email, website, location, etc. |
| Project | Create | Permission to create projects within the organization; note: if using independent mode, the creator will be added as a project member by default. |
| Fork | Permission to fork projects within the organization. | |
| Settings | Permission for basic information settings of organization projects, including project name, description, modules, etc. | |
| Code | Push | Permission to push code within the organization's projects; note: if the project has protected branches, the rules of the protected branches take precedence. |
| Download | Permission to download code within the organization's projects, including clone and download zip package. | |
| Issue | Create | Permission to create issues within the organization's projects. |
| Update | Permission to update issues within the organization's projects, including setting issue assignees, labels, milestones, related PRs, boards, etc. | |
| Close/Reopen | Permission to close or reopen issues within the organization's projects; note: the creator of an issue defaults to having update permissions for the title and description, and close/reopen permissions. | |
| Pin | Permission to pin or unpin issues within the organization's projects; note: each project can pin up to 6 issues. | |
| Lock | Permission to lock or unlock issues within the organization's projects; when locked, only project members can participate in issue discussions. | |
| Project Label | Create | Permission to create labels within the organization's projects. |
| Update | Permission to update labels within the organization's projects. | |
| Delete | Permission to delete labels within the organization's projects. | |
| Milestone | Create | Permission to create milestones within the organization's projects. |
| Update | Permission to update milestones within the organization's projects. | |
| Delete | Permission to delete milestones within the organization's projects. | |
| Branch | Create | Permission to create branches within the organization's projects; note: if the project has protected branches, the rules of the protected branches take precedence. |
| Delete | Permission to delete branches within the organization's projects; note: if the project has protected branches, the rules of the protected branches take precedence. | |
| Tag | Create | Permission to create tags within the organization's projects; note: if the project has protected tags, the rules of the protected tags take precedence. |
| Delete | Permission to delete tags within the organization's projects; note: if the project has protected tags, the rules of the protected tags take precedence. | |
| Pull Request (PR) | Create | Permission to create PRs within the organization's projects. |
| Update | Permission to update PRs within the organization's projects, including setting PR assignees, labels, reviewers, testers, milestones, related PRs, boards, etc. | |
| Review | Permission to review PRs within the organization's projects. | |
| Audit | Permission to audit PRs within the organization's projects, including resetting all review statuses. | |
| Test | Permission to test PRs within the organization's projects, including resetting all test statuses. | |
| Merge | Permission to merge PRs within the organization's projects; note: if the target branch has protected branches, the rules of the protected branches take precedence. | |
| Close | Permission to close PRs within the organization's projects. | |
| Reopen | Permission to reopen PRs within the organization's projects. | |
| Comment | Create | Permission for comments within the organization's projects (including issue comments, PR comments, PR code reviews, commit comments, discussion comments), and organization discussion comments. |
| Resolve | Permission to resolve PR code review problems within the organization's projects, marking specific code review issues as resolved. | |
| Discussion | Create | Permission to create discussions within the organization's projects or organization-wide discussions. |
| Update | Permission to update discussions within the organization's projects or organization-wide discussions, including adopting answers for question-type discussions. | |
| Lock | Permission to lock or unlock discussions within the organization's projects or organization-wide discussions. | |
| Pin | Permission to pin or unpin discussions within the organization's projects or organization-wide discussions, including overall and single-category pins. | |
| Close/Reopen | Permission to close or reopen discussions within the organization's projects or organization-wide discussions. | |
| Board | Update | Permission to update organization boards, including updating board content, settings, adding custom field settings, etc. |
| Close/Reopen | Permission to close or reopen organization boards. |
- Organization and project member management permissions do not support customization.
- In custom permissions, only project label permissions are available; organization label permissions are not applicable. Organization labels are still managed and operated by organization administrators and maintainers.
- Some associated resource permissions exist in custom permission resources. When configuring custom role permissions, the system will automatically select dependent permissions.
Interdependent permission points include:
| Resource | Permission | Dependent Resource | Dependent Permission |
|---|---|---|---|
| tag | Create | Code | Push + Download |
| tag | Delete | Code | Push + Download |
| Code | Push | Code | Download |
| Project | Fork | Code | Download |
| PR | Merge | Code | Push |
| Board | Update | Issue + PR | Update |
| Branch | Create | Code | Push + Download |
| Branch | Delete | Code | Push + Download |
| Milestone | Update | Issue + PR | Update |
- After completing the permission configuration, click "Save". If creation is successful, it indicates that the custom role has been created successfully.
- The newly created role will appear in the role list. On the left side of the role row, you can edit the role:
- Click "Edit" to edit the role name and role description.
- Click "Permission Edit" to reconfigure the role permissions.
- Click "View" to view the role name, description, and selected permissions.
- Click "Delete" to delete the custom role.
Custom Role Restrictions
When creating custom roles, please note:
- Maximum Number of Roles: Each organization can create up to 50 custom roles.
- Role Name: Role names must be unique and cannot duplicate system preset role names.
After creating the role, you can start inviting members. Invited members will be assigned all the permissions configured for the role.