#System Roles
System roles are built-in roles provided by Hawzu. They are available as
standard role choices and appear with the System badge on the roles page.
System roles are read-only reference roles. They cannot be edited or deleted
from the role details view.
#Workspace Roles
Workspace roles control access across the workspace.
#Workspace Owner
The Workspace Owner is a protected workspace ownership role with broad
control. This role cannot be removed or downgraded by others.
#Workspace Manager
Workspace Managers are administrators of the workspace. They can manage users,
groups, roles, and workspace-level configuration except ownership and deletion.
They have full access to every project by default.
Allowed actions
- Access all projects with full privileges
- Add or remove users from the workspace
- Assign and update system roles below Manager
- Manage custom roles, groups, integrations, and access tokens
- Create, update, and delete projects
- View audit logs when available
- Manage workspace settings
- Modify project settings for any project
- Perform project work across projects
Restricted actions
- Cannot delete the workspace
- Cannot transfer ownership
- Cannot change or downgrade the Workspace Owner
- Cannot remove or modify Workspace Manager peers when restricted by workspace rules
Special rules
- Does not need a project role to access or participate in any project
- Always assignable inside any project
- Has authority across all projects even when not explicitly added
#Workspace Coordinator
Workspace Coordinators are operational leads who help manage project membership
and support execution across multiple projects. They do not have access to
workspace-level security or administrative settings.
Allowed actions
- View the project list and access assigned projects
- Add users to projects they manage when allowed
- Assign project roles inside projects they belong to
- Participate fully in assigned projects
- Create and edit project work based on their project role
- View the workspace user list when available
Restricted actions
- Cannot invite or remove users from the workspace
- Cannot modify workspace system roles
- Cannot manage integrations, custom roles, or access tokens
- Cannot delete or modify workspace settings
- Cannot see workspace-wide audit logs
- Cannot access projects they are not explicitly added to
Special rules
- Must have a project role to participate in a project
- Cannot override Workspace Manager or Owner authority
#Workspace Member
Workspace Members are standard users who can participate in projects they are
added to. They do not have workspace-level visibility or administrative access.
Allowed actions
- Access only projects they are added to
- Perform actions based on their project role
- Update their own profile settings
- View only information related to assigned projects
Restricted actions
- Cannot see workspace-wide user lists
- Cannot see groups, roles, custom fields, or integrations
- Cannot create or delete projects
- Cannot join projects without invitation
- Cannot modify workspace settings
Special rules
- Must have project roles to access project content
- Keeps a minimal workspace footprint
#Workspace Viewer
Workspace Viewers have read-only visibility across the workspace and cannot be
assigned to projects or participate in project activity.
Allowed actions
- View the list of all projects at a high level
- View workspace users and groups as read-only information
- View workspace roles as read-only information
- View global dashboards and summaries
- View workspace settings as read-only information
Restricted actions
- Cannot access project content
- Cannot be assigned a project role
- Cannot participate in executions or workflow
- Cannot modify anything
- Cannot see integrations, tokens, custom fields, or audit logs
Special rules
- Workspace Viewer can never be added to any project
- Restricted to observational visibility
#Project Roles
Project roles control access inside specific projects.
#Project Manager
Project Managers control configuration and activity within specific projects.
They can manage project work and team assignments inside the projects they
manage.
Allowed actions
- Manage project roles and membership
- Manage project settings
- Create, update, and delete project work
- Create, update, and delete releases
- Create, update, and delete test cases, requirements, steps, and parameters
- Execute and manage runs
- Manage project-scoped custom fields
- View reports and analytics
- Delete items inside the project
Restricted actions
- Cannot delete the project
- Cannot bypass workspace-level permissions
Special rules
- Workspace Manager and Workspace Owner outrank Project Manager
#Project Coordinator
Project Coordinators help manage project content but do not have destructive or
administrative capabilities. They are operational leads inside a project.
Allowed actions
- Create and update requirements, test cases, defects, parameters, and shared steps
- Execute test runs
- Create execution cycles
- Comment and upload attachments
- Perform contributor-level actions
Restricted actions
- Cannot delete major items such as requirements, test cases, or releases
- Cannot manage project roles or users
- Cannot change project settings
- Cannot manage project custom fields or integrations
- Cannot delete runs or cycles
#Project Member
Project Members are contributors who participate in testing activity but cannot
create structural project work.
Allowed actions
- Execute test runs
- Add comments
- Update test statuses
- Upload attachments
- View project work
- Report defects
Restricted actions
- Cannot create requirements or test cases
- Cannot modify structural content
- Cannot manage project settings
- Cannot add or remove users
- Cannot manage releases or custom fields
#Project Viewer
Project Viewers have read-only access to a project. This role is useful for
stakeholders or clients who need visibility without participating.
Allowed actions
- View project work such as test cases, requirements, defects, runs, releases,
and reports
Restricted actions
- Cannot execute runs
- Cannot comment or upload attachments
- Cannot create or update anything
- Cannot delete anything
- Cannot manage project roles or settings
#Next Steps