Asana User Permissions

users
permissions

#64

Thanks Myroslav_Opyr, this works - If I know that something was deleted. My problem is that with a few hundred projects & about 4 thousand active tasks, it has become difficult to even know if a task was deleted.


#65

Exciting news! Check it out here: New: Comment and View Only Permissions


#66

Thank you for the new feature of Comment and View Only Permissions.

But Asana still needs further member permission management feature urgently.
Imagine, any team member, even a member who is out of the company has permission to delete the whole team along with all its tasks and projects. This is unbelievable.


#67

“Only Comment” is a great first step.
Now we wait the real user right management tools!


#68

Exciting announcement number two! Now you can set Boards as comment-only :slight_smile:


#69

Comment only is great but our organization is also finding the need to restrict who can create custom fields, create new tags, and archive/delete projects.


#70

I have a payments project which is divided by sections so we can add payments to each section. (Each section is a internal company) that way we know from which company need some to be paid each payment. Someone in my team accidentally deleted one of these sections so we now lost all historical data regarding payments of that section as they all moved to another section and we can’t differentiate which are from the deleted section and the real for the current section.

With a simple user permission to add tasks but not delete or at least not permanently delete task this would never happen :frowning:


#71

Is there any way to lock down comment fields permanently, so that once a comment has been entered and time-stamped, it can’t be edited or deleted? Or, is there any type of custom field that has this attribute?

Use case: I am helping a client use Asana to manage company goals. Sub-tasks are quarterly goals, and the goal-owners update the status of each goal 2x per quarter, using comments to the sub-tasks. When I showed the template to the CEO, his first question was, “Can users delete or change the content of a comment once it has been entered?” His concern is that he wants a permanent historical record of all updates on performance that can’t be altered or deleted, including by the person who entered an update. Is there any way to achieve this in Asana?


#73

I have to chime in here also. Asana user permissions are absurd, normal users have way too much ability to muck things up, whether intentionally or not. One of the team members I onboarded said he was afraid because it felt like he had admin permission and wanted me to doublecheck that I set up his account right, this was after he already accidentally modified things.

Comment-only projects is a great step in the right direction. Though this is too limited, such as there being no ability to apply comment-only to recurring tasks. Even when the tasks are part of that comment-only project, once they are marked completed, they recur with a project-less state.

As the business owner trying to lock business operations in to a trusted system, I feel like I’m programming on a foundation of quicksand with Asana. There’s a lot that I really love about Asana, and it’s really disheartening to think that I have to go back to researching options for software that I can really build my business on.


#74

Beware! Your data is at risk!!!

I have been using Free version of Asana (below 15 member team). Today one of my team members demonstrated how privacy & data security could be breached.

  1. I invited one of the team members via his office email id
  2. He receives email, using which he creates his account and starts using asana
  3. One day, he changes his email id from that of office to his personal
  4. How he has access to all information, notes, tasks, attachments thru his personal email which he can access whenever and wherever.

I also do strongly believe that that there has to be user mgmt with admin having most of the rights.

This is dangerous!


#75

I envision Following rights

  1. Add / Delete Users
  2. Create Task / Delete Task
  3. Edit Task
  4. Change profile info
  5. Change email id
  6. See reports
  7. View Task

#76

Umm… he has no more access than when he used the work email? What stopped him from accessing it whenever wherever with work email? That’s how asana works.


#77

Agreed: Too often some people feel the need to loop in the world which creates discussions beyond the scope of the task.


#78

Any updates on user permissions? Read-only, comment-only, edit rights, etc.; we’d like to increase transparency into projects by inviting specific users as view-only or comment-only but don’t want them to have edit access.


#79

I have voted for change. see top of thread for vote button