Lavagna HELP
  1. 1About
  2. 2Install
    1. 2.1Database
      1. 2.1.1MySql
      2. 2.1.2MariaDB
      3. 2.1.3PostgreSQL
      4. 2.1.4HSQLDB
    2. 2.2Configuration
      1. 2.2.1Self contained
      2. 2.2.2Servlet container
    3. 2.3Setup
      1. 2.3.1Step 1, Base url or import
      2. 2.3.2Step 2, Login provider configuration
        1. provider
        2. provider
        3. provider
        4. provider
        5. oauth providers
        6. oauth providers
      3. 2.3.3Step 3 Insert administator
      4. 2.3.4Step 4 Confirm
  3. 3Use Lavagna
    1. 3.1Project
      1. 3.1.1Create Project
      2. 3.1.2Project settings
      3. 3.1.3Edit Project
      4. 3.1.4Archive Project
      5. 3.1.5Delete Project
    2. 3.2Board
      1. 3.2.1Create Board
      2. 3.2.2Edit Board
      3. 3.2.3Archive Board
      4. 3.2.4Delete Board
    3. 3.3Columns
      1. 3.3.1Create a new column
      2. 3.3.2Special columns
        1. the backlog
        2. the archive
        3. the trash
      3. 3.3.3Change the name of a column
      4. 3.3.4Column menu
      5. 3.3.5Change status color
    4. 3.4Card
      1. 3.4.1Create a new card
      2. 3.4.2Access the card menu in a board
      3. 3.4.3Work with a card
        1. the card title
        2. the card description
        3. a label
        4. the card
        5. the card due date
        6. the card to a milestone
        7. with people
          1. the card to a user
          2. operations
        8. with action lists
    5. 3.5Labels
      1. 3.5.1Use labels
      2. 3.5.2Manage labels
        1. a label
        2. a label
        3. a label
    6. 3.6Milestones
      1. 3.6.1Use milestones
        1. a milestone
      2. 3.6.2Manage milestones
        1. a new milestone
        2. a milestone
    7. 3.7Search
      1. 3.7.1Filters
        8. by
        12. text search
      2. 3.7.2Single board search
      3. 3.7.3Global and project specific search
    8. 3.8Operations on multiple cards
      1. 3.8.1Select cards
      2. 3.8.2Operations
    9. 3.9Calendars
    10. 3.10Project Statistics
      1. 3.10.1Filtering
      2. 3.10.2Basic statistics
      3. 3.10.3Chart statistics
    11. 3.11Import data from external sources
      1. 3.11.1Trello
        2. data
    12. 3.12Create tickets via E-mail
      1. 3.12.1Manage ticket E-mail configuration
        1. mail configuration
        2. ticket configuration
        3. configurations
        4. configuration
        5. configuration
      2. 3.12.2Support localized E-Mail notifications
    13. 3.13Manage profile
      1. 3.13.1Profile
      2. 3.13.2Calendar access
      3. 3.13.3Change password
  4. 4Administration
    1. 4.1Configuration parameters
    2. 4.2Login
      1. 4.2.1Anonymous user access
      2. 4.2.2Login providers
        2. (internal provider)
        5. oauth providers
        6. oauth providers
    3. 4.3Users
      1. 4.3.1Add User
      2. 4.3.2Import users from a file
      3. 4.3.3User actions
    4. 4.4Access control
      1. 4.4.1Global and Project Roles
        1. roles
        2. roles for effective access control
      2. 4.4.2Permissions
      3. 4.4.3Manage roles
        1. a new role
        2. a role
        3. a role
        4. project role
    5. 4.5Mail notifications
    6. 4.6Import/Export data
      1. 4.6.1Exporting
      2. 4.6.2Importing
    7. 4.7External integrations
      1. 4.7.1Script creation
        1. events
      2. 4.7.2Script example
      3. 4.7.3Manage the integration

4.4Access control

4.4.1Global and Project Roles

Lavagna supports two types of roles:

  • Global roles: roles defined by the administrators. Those roles applies to every project.
  • Project roles: roles defined by the project administrator. Those roles only apply to the project they belong. roles

By default, Lavagna comes with two pre-defined roles:

  • ADMIN: administration role, with all permissions, can’t be deleted.
  • DEFAULT: default user role, with no management permissions, can’t be deleted. roles for effective access control

The best way to prevent unwanted access to projects is to set up the roles on project level.

However, it is also good to keep in mind that the permissions for a few operations, like update profile and search, are defined in global roles.

To address that, create a global role that only allows search and update profile access.

Assign all users without administration rights to that role.

Then, ask the project administrators to set up their desired roles. Users won’t be able to access a project until the project administrator assign them a role.


To each role belongs a list of permissions, describe in details in this section.

Global application permissions are:

  • Application Administration: access the administration panel, and gives the ability to create new projects
  • Update user profile: modify own user profile
  • Search: access the search bar, and the search feature
  • Global API hook access: API hook access for all the application
  • Project API hooks access: API hook access limited to the project

Project permissions are:

  • Project_Administration: access the project administration panel,and the ability to create new boards

Board permissions are:

  • Board access: access boards in read only mode

Columns permissions are:

  • Create column: create a new columns within a board
  • Move column: ability to move a column around the board, including move the column to the archive, backlog, and trash
  • Rename column: change the column name, and the status associated with the column

Card permissions are:

  • Create card: create a new card
  • Update card: change the card title, description, due date, milestone, watchers, and assigned users
  • Move card: ability to move a card around the board, including to the ability to move the card to the archive, backlog, and trash
  • Create comment: create a comment. In case of user own comment, it’s also possible to update and delete
  • Update comment: update another user comment
  • Delete comment: delete another user comment
  • Action lists: ability to create, modify, and delete action lists. This also applies to the action items within a list
  • Upload file: upload a file
  • Update file: not used in this version of lavagna, but reserved for future use cases
  • Delete file: delete a file
  • Labels: Add or remove labels on a card

4.4.3Manage roles a new role

To add a role, click on the plus button, enter the role name, and click “Add”.

By default, roles have no permissions associated. a role

Manage role

To edit a role, click on the icon.

A dialog with the list of available permissions will open. Select the desired one, and click “Update”. a role

A role can be deleted when there are no users assigned to it.

To delete a role, click on the icon. project role

To edit project roles, go to the Project Settings, and then the “Roles” tab.

Click the icon on the role: the role’s permissions dialog will open. Select the desired permissions, and press “Update”.

Edit project role