Share via


Set permissions and access for testing

TFS 2017 | TFS 2015 | TFS 2013

To exercise the full features of Azure Test Plans, you must be granted Basic + Test Plans access level or have one of the following subscriptions:

In addition, you can grant or restrict access to various manual test features by granting users or groups specific permissions for an object or project. Many test artifacts correspond to test-specific work item types. So, work-tracking permissions apply to test-specific work items, such as test plans, test suites, test cases and more. You set permissions for work items and manual testing features for area paths and at the project-level. You set permissions to manage test controllers at the organization or collection level. Test controllers are used in performing load tests.

Prerequisites

  • To manage access-levels, you must be a member of the Azure DevOps Server Administrators group.
  • To manage project or object-level test-related permissions, you must be a member of the Project Administrators security group.
  • To manage collection-level permissions or manage access levels, you must be a member of the Project Collection Administrators security group, or have your Edit instance-level information set to Allow.

For more information, see the following articles:

Grant access to manual testing features

To have full access to the Test feature set, your access level must be set to Basic + Test Plans. Users with Basic access and with permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases.

Manage test plans and test suites under an area path

Area path permissions let you grant or restrict access to edit or modify test plans or test suites assigned to those areas. You can restrict access to users or groups.

In addition to the project-level permissions set in the previous section, team members need permissions to manage test artifacts which are set for an area path.

Open the Security page for area paths and choose the user or group you want to grant permissions.

Open Area path permissions for the project

Set the permissions for Manage test plans and Manage test suites to Allow.

Set Area path permissions for the project

Set permissions to create and delete test artifacts

While test artifacts such as test plans, test suites, test cases, and so on are types of work items, the method for deleting them differs from deleting non-test work items.

Important

We only support permanent deletion of test artifacts such as test plans, test suites, test cases, shared steps and shared parameters. Deleted test artifacts won't appear in the recycle bin and cannot be restored. Deletion of test artifacts not only deletes the selected test artifact but also all its associated child items such as child test suites, test points across all configurations, testers (the underlying test case work item doesn't get deleted), test results history, and other associated history.

When you delete test artifacts, the following actions occur:

  1. Removes the deleted test artifact from the test case management (TCM) data store and deletes the underlying work item
  2. Runs a job to delete all the child items both from the TCM side and the underlying work items. This action may take time (up to a few minutes) depending on the number of artifacts to be deleted.
  3. Causes all information in the work item tracking data store and TCM data store to be deleted and cannot be reactivated nor restored.

You must be a member of the Project Administrators group or have the Delete test runs permission set to Allow. You must also have your access level set to Basic+Test Plans or Advanced, which provides access to the full Test feature set. Users with Basic access and with permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases. That is, they can delete test cases created from Work that aren't linked to any test plans or test suites.

For more information, see Delete test artifacts.

As a project admin you can grant a user, team group, or other group you've created to have these permissions. Open the Security page for the project and choose the user or group you want to grant permissions. To learn how to access project-level Security, see Change project-level permissions.


In this example, we grant members assigned to the Test Admin group permissions to delete test runs.

Set project-level permissions for a custom group, Team Admin

Set permissions to manage test controllers

Test controllers are used to perform load testing. To learn more, see Overview of test agents and test controllers for running load tests.

To set permissions for managing test controllers, open Organization settings and choose Security or Permissions. Choose the group you want to grant permissions. To learn how to access organization or collection-level Security, see Change project collection-level permissions.

In this example, we grant members assigned to the Team Collection Admin group permissions to manage test controllers.

Set project-level test permissions for a custom group, Team Admin