#Creating Roles – Workspace & Project Permissions Guide
Roles define what users can see and do in Hawzu. They are the foundation of access control and are used across workspaces, projects, and groups.
Hawzu supports two types of roles:
- Workspace Roles – Control access at the workspace level
- Project Roles – Control access within individual projects
You can use system roles out of the box or create custom roles tailored to your organization.
#Role Types in Hawzu
#Workspace Roles
Workspace roles apply across the entire workspace.
System Workspace Roles:
- Owner
- Workspace Manager
- Workspace Coordinator
- Workspace Member
- Workspace Viewer
Workspace roles control:
- User and group management
- Project membership and role assignment
- Workspace-level settings
- Audit logs and integrations
#Project Roles
Project roles apply within a specific project.
System Project Roles:
- Project Manager
- Project Coordinator
- Project Member
- Project Viewer
Project roles control:
- Test cases, executions, and releases
- Defects and requirements
- Project-level configurations
#Creating a Workspace Role
Workspace roles define what a user can manage or view at the workspace level.
#To create a workspace role:
- Navigate to Workspace → Roles
- Click Create Workspace Role
- The Create New Workspace Role modal opens
#Workspace Role Fields
Role Name
A unique and descriptive name (required)
Role Description
Optional explanation of the role’s purpose
#Workspace Permission Categories
Workspace permissions are grouped for clarity.
#Visibility Permissions (Read-only)
Control what the user can see across the workspace:
- Browse Projects
- View Users
- View Workspace Roles
- View Groups
- View Custom Fields
- View Parameters
- View Integrations
- View Access Tokens
- View Audit Logs
- View Workspace Settings
Ideal for auditors, reviewers, or read-only users.
#Project Coordination Permissions
Control project membership management:
- View Project Membership
- Add Users to Projects
- Remove Users from Projects (except Project Managers)
- Assign Project Roles (except Project Managers)
#Group Management Permissions
Control workspace group operations:
- View Groups
- Create Groups
- Edit Groups
- Delete Groups
#Creating the Role
- Select the required permissions using toggles
- Use Select All for quick configuration (optional)
- Click Create Role
The role is now available for assignment to users and groups.
#Creating a Project Role
Project roles define what users can do inside a project.
#To create a project role:
- Navigate to Project → Roles
- Click Create Project Role
- The Create New Project Role modal opens
#Project Role Fields
Role Name
Unique name within the project (required)
Role Description
Optional description
#Project Permission Categories
Permissions are grouped by feature area.
#Requirements
#Releases
#Executions & Test Runs
- View
- Create Execution
- Update Execution
- Execute Tests
#Test Cases
#Test Suites
#Shared Steps
#Custom Fields
#Parameters
#Defects
Each permission can be enabled independently.
#Creating the Role
- Enable permissions as required
- Use Select All within a category if needed
- Click Create Role
The project role is now available for assignment.
#Role Assignment & Inheritance
Roles can be applied in multiple ways:
- Direct Assignment – Assigned directly to a user
- Group-Based Assignment – Inherited from group membership
- Combined Access – User has both direct and inherited roles
#Best Practices for Role Design
#Keep Roles Purpose-Driven
Create roles based on responsibility, not individuals.
Examples:
- QA Lead
- Test Executor
- Release Coordinator
- Auditor
#Prefer Groups Over Direct Assignment
- Assign roles to groups
- Add users to groups
- Reduces maintenance and errors
#Use Least Privilege
- Grant only the permissions required
- Avoid overloading roles with unnecessary access
#Separate Workspace and Project Concerns
- Workspace roles → governance & administration
- Project roles → execution & delivery
#Audit Regularly
- Review custom roles periodically
- Remove unused or overlapping roles
- Validate inherited access paths
#When to Use Custom Roles
Create custom roles when:
- Teams need fine-grained permissions
- Default roles are too broad
- Compliance or audit requirements exist
- Different teams work in the same project with different responsibilities
#Next Steps