Asana User Permissions

Thanks Sara for your reply.
“Few weeks ago” maybe some months ago in fact… but there’re details.

I think ASANA needs to distinguish what is feature and what is bug.

A guest who can modify a task wrote by the project admin, or a operator that can modify a task and complete it without the check of the assigneer… for me it’s a security bug.

And how you rightly teach to me (in the wonderful WAVELength blog) bug is ever a priority.

Thanks

2 Likes

Hi All,

I am exploring Asana after encountering the same issue at another popular kanban app that sounds like jello :slight_smile:

I had invited someone to be a team member. Things went well until he started exploring for himself. One day & unknown to me, he moved one of my cards to his own private board!!! I saw a notification that he moved the card to “another board” and when I clicked the link, it said I have no permission to access his board LOL

As one of the other users said, this was probalbly accidental. But … what if one day a team member falls out and sabotages the system by deleting or amending projects and tasks?

Admittedly, team members ought to have the ability to contribute to projects … but let that be by way of comments on other members’ projects / tasks and not by way of editing or moving or deleting projects/tasks.

If anyone else has found an app that has this issue covered, please give me a heads up :slight_smile:

have a good day!

4 Likes

Hey guys,

Starting to expand use of Asana within my org. Previously, it was just used with senior managers, but now we’re pushing down to the next level of managers. Since I work in Africa, tech skills are sometimes lacking and worried about accidental task deletions. It would be great to restrict permissions for some users.

For example, Asana could use the “Team Settings” > “Member” tab. I currently only see the option to remove members. Better to create a matrix where the columns are different permission levels and the “admin” can check boxes for who has what permission. In this case, the “admins” would be the select members listed in the “Team Settings” > “Advanced” tab that had approval rights for admitting new members.

NB: Currently not on a paid Asana plan, but would jump to it with better permission controls. :slight_smile:

A use case for me might be using Asana for notes, policies or research. These are things we don’t want to loose. Asana could be a great place for keeping permanent notes and SOPs, but the possibility that an employee might delete said notes is a real risk. Imagine using Asana for an employee handbook … only to discover that some vacation policy has disappeared.

I’d love to see at least a project level permission where tasks within the project can have multiple project owners (who CAN edit tasks), but the same project can also be viewed by others who only have “view” capability.

Perhaps the project could have a permissions checkbox that owners set up that allows for permissions for non-owners to: see or not, edit or not, comment or not.

3 Likes

Adding this thread here: Desperately Needed: Member permission levels (admin, read-only, editor, etc.). This is the real show-stopper for Asana. Please look at this thread with the examples of how other companies do this easily.

4 Likes

Hi ASANA,
this thread has more than 3 months.
Do you plan something?
Are you studying something about?

Thanks.

1 Like

We have the same issues. Allowing everyone the ability to change the due dates inside a project is a serious concern. As the owner of a project, other members should not be able to change dates, delete tasks, reassign them, etc.

2 Likes

We have just rolled out Asana to our team for content management, workflow and calendar. The biggest flaw for us is that anyone that is a member of our group can add, delete, change anything at any time. We need some members to be “view (or read) only,” where they can see all the activity around tasks and the calendar, some to be “editors” for certain projects, etc. Even though we have asked people not to change certain things, once they had access they did by accident. This feature is very common is platforms like Dropbox, Google sheets/calendars and others where multiple people access the same content. I almost considered this a fatal flaw to not use Asana at all, but decided to give it a try.

3 Likes

Bear in mind, that task can belong to multiple projects, Projects belong to the teams. read-only permission is quite difficult to do right, since in one project you can have editor rights and in other - read-only, which should preveal? Should having “editor” permission in at least one project allow editing all tasks that belong to the project? What about having collaborators to a task, should “collaborators” be split into “readers” and “editors” or every collaborator should get level of involvement (editor/reader)? Should Custom Fields introduced in read-only project be not editable, but in “editor” project to be editable?

These questions raised above reveal all complexities of feature that you are requesting. And there is no simple answer. Current editor/no-access is much simpler, and works in majority of cases. But I do see valid points in your request. Unintentional or intentional vandalism can be a real problem, especially in bigger organizations. That’s just statistics.

2 Likes

Then maybe it’s a combination of task/project permission levels and member permission levels. Other platforms have dome this seamlessly with both asset permission and people permission. It’s very common. See these examples:

Dropbox:

Spredfast:

1 Like

+1, we need this same feature really bad. We use Projects for managing sprints and we need them to be locked down with only view access to certain members.

2 Likes

Yes, this is already a problem and we haven’t fully rolled Asana out to our team yet.

1 Like

Hello!

I am part of a huge organization, and it is very normal for an employee to get assigned to and removed from a team to be reassiged to another. In our team there has been lots who have left which meant that I had to remove them from the Asana team, remove them as collaborators in all corresponding tasks, and ultimately unassign them from all the tasks assigned to them. This is to ensure that they won’t be able to see and modify those tasks, since they’re no longer part of the team.

However, this manual activity has been very tedious especially for those members who’ve been in the team for so long, which meant thousands of tasks to be “cleansed.”

I have two (2) solutions for this:

  1. An option to “archive” a member from the team list. It’s as if removing them from the team (which means they won’t count towards the member limit), but still retaining the assignments / collaborators. Since they are marked as “archived” they won’t be able to see the tasks even if they are a collaborator / an assignee.
  2. An option to lock tasks for further modification and setting them as read-only

I think both solutions can work together.

I guess my goal is as follows:

  1. Make the rolling off of a member as smooth as possible. No need to perform tedious manual tasks
  2. To retain the information and still find the tasks assigned to / followed by an ex-member

Or actually, I have a third solution: To enable searching within stories.

  • was assigned to _____
  • was followed by _____
  • was modified by _____
  • etc.

This way, even if a member is removed from the team, and stripped off all his/her task assignments, the remaining team members could still be able to find his/her tasks, and that those info (assignee and collaborator) are retained.

What do you guys think?

Regards
Allen

5 Likes

Great ideas @LenSantos! We can understand the logic for this. The idea of user permissions is one that we discuss a lot at Asana. On the one hand, we can see how some users would want this and on the other it makes us wonder how to blend user permissions with one of the fundamental aspects of our product: transparency. That said, we do hear the suggestion. I, too, am curious to hear what others think.

5 Likes

I am a Project manager for a Web Agency, and I have had to struggle with the removal of past employees a few times recently. Also, I have over 50 projects at once in my planning, which I need to assign to the appropriate team member for different reasons.

My job goes with follow-ups, client updates, team updates, tasks creation and assignment/reassignement, QA, etc. The problem I have is that I need to keep a tight deadline management, and when anyone can go in a taks and start changing the description, the due date and such, it makes it that much harder for me to keep track of what’s on time, what’s late and what’s past due.

As I do understand your concern for transparency, I would suggest the implementation of user roles in a way that lets everyone access the information, but only admins or Project Managers would have the ability to modify a deadline, change a description and assign tasks.

3 Likes

We use extensively asana for a few years now and while I understand the transparency point, you still need some limits, We had to fire one person for deliberately deleting tasks, then we had multiple deletions (mistakenly) for very important tasks that resulted in late fees, so we had to come up with other ideas for reminders of important task outside Asana. so please… please… get us this feature…

5 Likes

We are using a work around of printing things to PDF and sending instead of adding new member specifically because of the lack of permissions. It’s certainly not ideal, but we like the other features on Asana, so doing this for now. There are so many ways this can be done and many other products have this option. I hope this feature is added soon!

2 Likes

Hello there!
Any news on this subject? This is indeed a critical and much needed feature… Waiting for it to be implemented before onboarding my whole compnay to Asana…
Thanks!

6 Likes

Any updates on this? I use Asana to manage a team of 24 and tasks are frequently changed/moved/etc. by accident. It’s really annoying and I have to make a copy of every task and copy it to a personal section to keep a record to refer back to if something is changed.

It would be great if the project manager could make individual tasks read only at the least. I can’t imagine this would be too difficult and would be great temporary fix until further permissions/controls are introduced.

Asana support, are there any updates regarding a feature like this or do you have any better workarounds than the system I am currently using?

Thanks!

6 Likes

@Alexis can we have some sort of update on this? It seems to be very important to many, many users.

2 Likes