External Staff Control

(Redmine Plugin)

Protect your Intellectual Property !

The External Staff Control Plugin adds a security layer to your Redmine by classifying users into internal and external staff.
This plugin supports you to prevent external staff to gain access to internal information of your company without your consent.
External users only see projects they are member of. Internal users will experience the same Redmine functionality as they always have without any restrictions.

Features:

  • handle the access permissions of all users according to the least privilege principle
  • access control for projects, issues, wikis, links, issue history, news, activities, etc.
  • access violations are reported in your Redmine logfile
  • Dead links are rendered as restricted links

General resource visibility comparison (external vs internal user)

The illustration on the left provides a general overview of the difference in resource visibility between an external and internal user. The visibility restrictions for external users apply for all resources in the respective projects.

Resource Access Permission

Fully control the permissions of your internal and external staff. The plugin follows the least privilege principle to protect your assets. Every new user in your Redmine gets status “external staff”. As soon as you classify a user as “internal staff”, the user gets access to all public projects.

URL Crawling Protection

URL crawling is prevented by redirecting unautorized access (403) warnings to a resource not available (404) notification. This prevents that the existence of certain projects will be revealed by simply crawling through possible project names or iterating the issue counter.

Protected Project View

Project View Comparison (internal vs. external staff)

External users only see projects they are member of. Internal users will experience the same Redmine functionality as they always have without any restrictions.

Managed Issue Rendering

Issue View Comparison (internal vs. external staff)

External users only see information related to the project they are a member of. Items which link to information of a project inaccessible to the external user, history entries, a related issue list item, wiki page links, issue links, etc., are hidden by the External Staff Control Plugin.

System Requirements

Redmine:
Ruby:
Database:
Operating System:

3.4 – 4.2
2.3 – 2.7
MySQL, PostgreSQL, Microsoft SQL Server
Microsoft, Linux

Release Note

External Staff Control v1.1.0
Compatible with Redmine 4.2.x, 4.1.x, 4.0.x, 3.4.x.
Simplified installation process across all compatible Redmine versions.

Online Demo
free
  • 24h full version trial
  • no signup
  • .
  • .
  • .
  • .

popular
Single Server License
245
  • unlimited users
  • covers all standard Redmine features
  • URL Crawling Protection
  • dead link rerendering
  • 12 month support + updates
  • license for 1 production environment

Multi Server License
833
  • unlimited users
  • covers all standard Redmine features
  • URL Crawling Protection
  • dead link rerendering
  • 12 month support + updates
  • license for unlimited production environments