Set permissions and access for testing
Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019
To fully utilize Azure Test Plans, it's crucial to understand and configure the necessary permissions and access levels. This article outlines the steps, so you can do the following tasks:
- Grant access to manual testing features
- Manage test plans and test suites
- Set permissions for creating and deleting test artifacts
By following these guidelines, you can ensure that your team has the appropriate access to efficiently manage and execute test plans.
To manage access to manual test features, you can grant specific permissions to users or groups at the object or project level for the following tasks:
- Object-level (Area path):
- Edit work items in this node: Add or edit test-specific work items like test plans, test suites, and test cases.
- Manage test plans: Modify test plan properties, such as build and test settings.
- Manage test suites: Create, delete, and modify test suites.
- Project-level:
- Manage test configurations: Add or edit test configurations and variables.
- Manage test environments: Adjust test plan settings.
- Create test runs.
- Delete and restore test-specific work items.
- Delete test runs.
Test controllers, used for load tests, are managed at the organization or collection level. For more information, see Install test agents and test controllers.
Prerequisites
- Access levels:
- Have Basic + Test Plans access
- Or have specific subscriptions like Enterprise, Test Professional, or MSDN Platforms.
- Permissions:
- To manage project or object-level test-related permissions or to permanently delete test artifacts, be a member of the Project Administrators security group.
- To manage access levels or organization-level permissions, be a member of the Project Collection Administrators security group or have your Edit instance-level information set to Allow.
- Access levels: Be a member of the Azure DevOps Server Administrators security group.
- Permissions:
- To manage project or object-level test-related permissions, be a member of the Project Administrators security group.
- To manage collection-level permissions or manage access levels, be a member of the Project Collection Administrators security group, or have your Edit instance-level information set to Allow.
For more information, see About access levels and Change access levels for users or groups.
Grant access to manual testing features
For full access to Test Plans, users must have Basic + Test Plans access level. Users with Basic access and permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases.
Manage test plans and test suites under an area path
Do the following steps to grant permissions for managing test artifacts at the area path level.
Sign in to your project (
https://dev.azure.com/{Your_Organization/Your_Project}
).Select Project settings > Project configuration.
Select Areas > ...(ellipses) > Security.
Set the permissions for Manage test plans and Manage test suites to Allow.
Set permissions for managing test artifacts
When it comes to testing artifacts like test plans, test suites, and test cases, the process for deleting them is distinct from deleting nontest work items.
Users with Basic access and with permissions to permanently delete work items and manage test artifacts can only delete orphaned test cases. That is, they can delete test cases created from Work that aren't linked to any test plans or test suites.
Important
When you delete test artifacts like test plans, test suites, and test cases, note the following information:
- Permanent deletion: We only support permanent deletion of these artifacts.
- No recycle bin: Deleted test artifacts don’t appear in the recycle bin and you can't restore them.
- Associated child items: Deletion affects associated child items, including child test suites, test points across all configurations, testers (the underlying test case work item remains unaffected), test results history, and other related history.
- Removal from TCM data store: The deleted test artifact is removed from the test case management (TCM) data store, and the underlying work item is deleted.
- Child item deletion: A job runs to delete all child items both from the TCM side and the underlying work items. This process may up to a few minutes depending on the number of artifacts being deleted.
- Irreversible deletion: All information in the work item tracking data store and TCM data store is permanently deleted and cannot be reactivated or restored.
Note
To turn on the Project Permissions Settings Page preview page, see Enable preview features.
Do the following steps to set permissions for managing test artifacts.
Sign in to your project (
https://dev.azure.com/{Your_Organization/Your_Project}
).Select Project settings > Permissions.
Select a user or group.
Select from the dropdown menus to change the permissions for each item.
In the following example, we grant users assigned to the Team Admin group permissions to view test runs and manage test configurations and environments.
Updated permissions automatically save.
In the following example, we grant members assigned to the Test Admin group permissions to delete test runs.