Join 34,000+ subscribers and receive articles from our blog about software quality, testing, QA and security.

User with Read Only access can still add/edit?



I have created a new user with read only access, but I found that the user can still add results and seems to have full editing privileges.
I have checked that the read only role does not have any of the add/edit permissions ticked.
Has anyone run into this problem before? Is there something more I need to do other than set them as read only?
Many thanks in advance,


Hi Lisa,

Thanks for the post. If a user is set to read-only but they are still able to make changes it is likely they may have alternate permissions set on a project level, or they are a member of a user group that has project-specific permissions.

I’d recommend checking the project level first by going to Administration > Projects, then going into the configuration for the project that they were able to make changes to. On the project configuration page, go to the “Access” tab, and locate the user in the list. On that page, you’ll see a column for global role, showing the user’s default permissions, and the next column will show any project specific roles that have been assigned to them. If there is no option selected there it will default to the global role.

Beyond that, you will also want to check on the same access tab if there are any user groups created that have project-level permissions. Again, if nothing is selected it will default to each user’s global role, but if a user is in a group that has project specific permissions selected, it will override the default user role. If any groups there are listed with permissions selected, go back to edit the user and remove them from any groups if necessary.

If you’d like, you can find more details about setting up user permissions in the guide here:

If you’ve checked the above and you’re still having issues with read-only users being able to make unwanted changes, please reach out to the support team at and we’ll be happy to help.


Hi Jacob,

Thanks for the info, that has sorted out the issue.