Kontroll hyrjesh

Weblate comes with a fine-grained privilege system to assign user permissions for the whole instance with predefined roles, or by assigning one or more groups of permissions to users for everything, or individual projects, components, glossaries, and so on.

Kontroll hyrjesh te projekti

Shënim

Projects running the gratis Libre plan on Hosted Weblate are always Public. You can switch to the paid plan if you want to restrict access to your project.

Limit user access to individual projects by selecting a different Kontroll hyrjesh setting. The available options are:

Public

I dukshëm për këdo.

Mund të kontribuojë cilido përdorues që ka bërë mirëfilltësimin.

Depoja VCS duhet të jetë e ekspozuar për gjithkënd.

Choose this for open-source projects, or when your Weblate instance is private or locked-down.

Protected

I dukshëm për këdo.

Mund të kontribuojnë vetëm përdoruesit e zgjedhur.

Në depon VCS mund të hyjnë vetëm përdorues të zgjedhur.

Choose this to gain visibility, but still have control over who can contribute.

Private

I dukshëm vetëm për përdorues të zgjedhur.

Mund të kontribuojnë vetëm përdoruesit e zgjedhur.

Në depon VCS mund të hyjnë vetëm përdorues të zgjedhur.

Choose this for projects that should not be exposed publicly at all.

Custom

I dukshëm vetëm për përdorues të zgjedhur.

Mund të kontribuojnë vetëm përdoruesit e zgjedhur.

Në depon VCS mund të hyjnë vetëm përdorues të zgjedhur.

Not available on Hosted Weblate.

You will have to set up all the permissions using Site-wide access control.

Choose this on your own Weblate instance if you want to define access in a specific, finely customizable way.

Access control can be changed in the Access tab of the configuration (Manage ↓ Settings) of each respective project.

The default can also be changed by setting DEFAULT_ACCESS_CONTROL.

Shënim

Even Private project statistics are counted into the site-wide statistics and language summary. This does not reveal project names or any other info.

Shënim

Instance administrators can modify the default permission sets available to users in Public, Protected, and Private projects by using custom settings.

Shihni edhe

Kontroll hyrjesh

Administrim kontrolli hyrjesh sipas projektesh

For Public, Protected and Private projects:

Granting users Manage project access (see List of privileges) allows them to assign other users in Public, Protected and Private (but not Custom) projects via adding them to teams.

These are the default teams provided with Weblate; teams can be added or modified by users with sufficient privileges:

Administrim

Krejt lejet e mundshme për projektin.

Shqyrtim

Approve translations in a review.

Available only if review workflow is on.

For Protected and Private projects only:

Translate

Translate the project and upload translations made offline.

Sources

Edit source strings (if allowed in the project settings) and source-string info.

Languages

Manage translated languages (add or remove translations).

Glossary

Manage glossary (add, remove, and upload entries).

Memory

Manage translation memory.

Screenshots

Manage screenshots (add, remove, and associate them to source strings).

Automatic translation

Mund të përdorë përkthim i automatizuar.

VCS

Manage VCS and access the exported repository.

Billing

Access billing info and settings (see Faturim).

These features are available on the Access control page in the project’s menu Manage ↓ Users.

Ndihmëz

You can limit teams to languages or components, and assign them designated access roles (see List of privileges).

Përgjegjës ekipi

Shtuar në versionin 4.15.

Each team can have team administrator, who can add and remove users within the team. This is useful in case you want to build self-governed teams.

Inviting new users

Adding existing users will send them invitation to confirm. With REGISTRATION_OPEN the administrator can also invite new users using e-mail. Invited users have to complete the registration process to get access to the project.

It is not required to have any site-wide privileges in order to do so, access management permission on the project’s scope (e.g. a membership in the Administration team) would be sufficient.

Ndihmëz

If the invited user missed the validity of the invitation, a new invitation has to be created.

The same kind of invitations are available site-wide from the management interface on the Users tab.

Ndryshuar në versionin 5.0: Weblate now does not automatically create accounts or add users to the teams. This is only done after confirmation from the user.

Blocking users

Shtuar në versionin 4.7.

If users misbehave in your project, you can block them from contributing. With the relevant permissions blocked, users can still see the project, but won’t be able to contribute.

Per-project permission management

You can set your projects to Protected or Private (see Kontroll hyrjesh te projekti), and manage users access per-project.

By default this prevents Weblate from granting access provided by Users and Viewers default teams due to these teams’ own configuration. This doesn’t prevent you from granting permissions to those projects site-wide by altering default teams, creating a new one, or creating additional custom settings for individual component as described in Site-wide access control below.

One of the main benefits of managing permissions through the Weblate user interface is that you can delegate it to other users without giving them the superuser privilege. In order to do so, add them to the Administration team of the project.

Per-project access tokens

Shtuar në versionin 4.10.

You can define project-scoped access tokens in API access tab. The API tokens can have expiry date set, and their permissions can be customized by team memberships same as with users.

Shihni edhe

Authentication tokens

Site-wide access control

Shënim

This feature is unavailable on Hosted Weblate.

The permission system is based on roles defining a set of permissions, and teams linking roles to users and translations, read Users, roles, teams, and permissions for more details.

The most powerful features of the Weblate’s access control system can be configured in the Ndërfaqe administrimi. You can use it to manage permissions of any project. You don’t necessarily have to switch it to Custom access control to utilize it. However you must have superuser privileges in order to use it.

If you are not interested in details of implementation, and just want to create a simple-enough configuration based on the defaults, or don’t have a site-wide access to the whole Weblate installation (like on Hosted Weblate), please refer to the Administrim kontrolli hyrjesh sipas projektesh section.

Site-wide permission management

To manage permissions for a whole instance at once, add users to appropriate default teams:

• Users (this is done by default by the automatic team assignment).

• Reviewers (if you are using review workflow with dedicated reviewers).

• Managers (if you want to delegate most of the management operations to somebody else).

You should keep all projects configured as Public (see Kontroll hyrjesh te projekti), otherwise the site-wide permissions provided by membership in the Users and Reviewers teams won’t have any effect.

You may also grant some additional permissions of your choice to the default teams. For example, you may want to give a permission to manage screenshots to all the Users.

You can define some new custom teams as well. If you want to keep managing your permissions site-wide for these teams, choose an appropriate value for the Project selection (e.g. All projects or All public projects).

Custom permissions for languages, components or projects

You can create your own dedicated teams to manage permissions for distinct objects such as languages, components, and projects. Although these teams can only grant additional privileges, you can’t revoke any permission granted by site-wide or per-project teams by adding another custom team.

Example:

Restricting translation to Czech to a selected set of translators, (while keeping translations to other languages public):

1. Remove the permission to translate Czech from all users. In the default configuration this can be done by altering the Users default team.

   Group Users

   Përzgjedhje gjuhe	As defined
   Gjuhë	All but Czech

2. Add a dedicated team for Czech translators.

   Group Czech translators

   Role	Power users
   Përzgjedhje projekti	All public projects
   Përzgjedhje gjuhe	As defined
   Gjuhë	Czech

3. Add users you wish to give the permissions to into this team.

Management permissions this way is powerful, but can be quite a tedious job. You can only delegate it to other users by granting them Superuser status.

Users, roles, teams, and permissions

The authentication models consist of several objects:

Leje

Individual permission defined by Weblate. Permissions cannot be assigned to users, only through assignment of roles.

Rol

A role defines a set of permissions (and can be reused in several places).

Përdorues

A user can belong to several teams.

Grup

Groups connect roles and users with authentication objects (projects, languages, components, and component lists).

Shënim

A team can have no roles assigned to it, in that case access to browse the project by anyone is assumed (see below).

Project-browsing access

A user has to be a member of a team linked to the project, or any component inside that project. Having membership is enough, no specific permissions are needed to browse the project (this is used in the default Viewers team, see List of teams).

Component-browsing access

Granting browsing access to a user in one project gives it access to any component with derived browsing permissions. With Restricted access on, access to components (or component lists) are granted explicitly.

Scope of teams

The scope of the permission assigned by the roles in the teams are applied by the following rules:

• If the team specifies any Component list, all the permissions given to members of that team are granted for all the components in the component lists attached to the team, and an access with no additional permissions is granted for all the projects these components are in. Components and Projects are ignored.

  Using huge component lists might have a performance impact, please consider giving access via projects instead.

• If the team specifies any Components, all the permissions given to the members of that team are granted for all the components attached to the team, and an access with no additional permissions is granted for all the projects these components are in. Projects are ignored.

• Otherwise, if the team specifies any Projects, either by directly listing them or by having Projects selection set to a value like All public projects, all those permissions are applied to all the projects, which effectively grants the same permissions to access all projects unrestricted components.

• The restrictions imposed by a team’s Languages are applied separately, when it’s verified if a user has an access to perform certain actions. Namely, it’s applied only to actions directly related to the translation process itself like reviewing, saving translations, adding suggestions, etc.

Ndihmëz

Use Language selection or Project selection to automate inclusion of all languages or projects.

Example:

A project foo with the components: foo/bar and foo/baz, with reviewing and management rights, in the following team:

Group Spanish Admin-Reviewers

Role	Review Strings, Manage repository
Përbërës	foo/bar
Gjuhë	Spanish

Members of that team will have these permissions (assuming the default role settings):

• General (browsing) access to the whole project foo including both components in it: foo/bar and foo/baz.

• Review strings in foo/bar Spanish translation (not elsewhere).

• Manage VCS for the whole foo/bar repository e.g. commit pending changes made by translators for all languages.

Automatic team assignments

While editing the Team, you can specify Automatic assignments, which is a list of regular expressions used to automatically assign newly created users to a team based on their e-mail addresses. This assignment only happens upon account creation.

The most common use-case for the feature is to assign all new users to some default team. This behavior is used for the default Users and Guest teams (see List of teams). Use regular expression ^.*$ to match all users.

Another use-case for this option might be to give some additional privileges to employees of your company by default. Assuming all of them use corporate e-mail addresses on your domain, this can be accomplished with an expression like ^.*@mycompany.com.

Shënim

Automatic team assignment to Users and Viewers is always recreated when upgrading from one Weblate version to another. If you want to turn it off, set the regular expression to ^$ (which won’t match anything).

Shënim

As for now, there is no way to bulk-add already existing users to some team via the user interface. For that, you may resort to using the REST API.

Default teams and roles

After installation, a default set of teams is created (see List of teams).

These roles and teams are created upon installation. The built-in roles are always kept up to date by the database migration when upgrading. You can’t actually change them, please define a new role if you want to define your own set of permissions.

List of privileges

Fokus	Leje	Built-in roles
Faturim (shihni Faturim)	Të shohë të dhëna faturimi	Administration, Billing
Ndryshime	Të shkarkojë ndryshime	Administration
Komente	Të postojë koment	Administration, Edit source, Power user, Review strings, Translate
	Të fshijë komentin	Administration
	Të zgjidhë komentin	Administration, Review strings
Përbërës	Të përpunojë rregullime përbërësi	Administration
	Të kyçë përbërësin, për të penguar përkthime	Administration, Manage repository
Fjalorth	Të shtojë zë fjalorthi	Administration, Manage glossary, Power user
	Të shtojë terminologji fjalorthi	Administration, Manage glossary
	Të përpunojë zë fjalorthi	Administration, Manage glossary, Power user
	Të fshijë zë fjalorthi	Administration, Manage glossary, Power user
	Të përditësojë zëra fjalorthi	Administration, Manage glossary, Power user
Sugjerime të automatizuara	Të përdorë sugjerime të automatizuara	Administration, Edit source, Power user, Review strings, Translate
Kujtesë përkthimesh	Të përpunojë kujtesë përkthimesh	Administration, Manage translation memory
	Të fshijë kujtesë përkthimesh	Administration, Manage translation memory
Projekte	Të përpunojë rregullime projekti	Administration
	Të administroni hyrje te projekti	Administration
Raportime	Të shkarkojë raporte	Administration
Foto ekrani	Të shtojë foto ekrani	Administration, Manage screenshots
	Të përpunojë foto ekrani	Administration, Manage screenshots
	Të fshijë foto ekrani	Administration, Manage screenshots
Vargjet e burimit	Të përpunojë të dhëna shtesë vargjesh	Administration, Edit source
Vargje	Të shtojë varg të ri	Administration
	Të heqë një varg	Administration
	Të hedhë tej kontroll të dështuar	Administration, Edit source, Power user, Review strings, Translate
	Të përpunojë vargje	Administration, Edit source, Power user, Review strings, Translate
	Të shqyrtojë vargje	Administration, Review strings
	Të përpunojë varg kur zbatohen me detyrim sugjerimet	Administration, Review strings
	Të përpunojë vargje burim	Administration, Edit source, Power user
Sugjerime	Të pranojë sugjerimin	Administration, Edit source, Power user, Review strings, Translate
	Të shtojë sugjerim	Administration, Edit source, Add suggestion, Power user, Review strings, Translate
	Të fshijë sugjerim	Administration, Power user
	Të votojë sugjerim	Administration, Edit source, Power user, Review strings, Translate
Përkthime	Të shtojë gjuhë për përkthim	Administration, Power user, Manage languages
	Të kryejë përkthim të automatizuar	Administration, Automatic translation
	Të fshijë përkthimin ekzistues	Administration, Manage languages
	Të shkarkojë kartelë përkthimi	Administration, Edit source, Access repository, Power user, Review strings, Translate, Manage languages
	Të shtojë disa gjuhë për përkthim	Administration, Manage languages
Ngarkime	Të përcaktojë autor të përkthimit të ngarkuar	Administration
	Të mbishkruajë përkthime ekzistuese me ngarkimin	Administration, Edit source, Power user, Review strings, Translate
	Të ngarkojë përkthime	Administration, Edit source, Power user, Review strings, Translate
VCS	Të hyjë në depon e brendshme	Administration, Access repository, Power user, Manage repository
	Të depozitojë ndryshime te depoja e brendshme	Administration, Manage repository
	Të kryejë “push” për ndryshimin që nga depoja e brendshme	Administration, Manage repository
	Të kryejë “reset” për ndryshimet te depoja e brendshme	Administration, Manage repository
	Të shohë vendndodhje depoje bazë zhvillimi	Administration, Access repository, Power user, Manage repository
	Të përditësojë depon e brendshme	Administration, Manage repository
Privilegje në mbarë sajtin	Të përdorë ndërfaqe administrimi
	Të shtojë projekte të rinj	Add new projects
	Të shtojë përkufizime gjuhësh
	Të administrojë përkufizime gjuhësh
	Të administrojë ekipe
	Të administrojë përdorues
	Të administrojë role
	Të administrojë lajmërime
	Të administrojë kujtesë përkthimesh
	Të përdorë përkthim nga makina
	Të administrojë listë përbërësish
	Të administrojë faturime
	Administroni shtesa të instaluara për krejt sajtin

Shënim

Site-wide privileges are not granted to any default role. These are powerful and quite close to the Superuser status. Most of them affect all projects in your Weblate installation.

List of built-in roles

Administrim	View billing info Download changes Post comment Delete comment Resolve comment Edit component settings Lock component, preventing translations Add glossary entry Delete glossary entry Edit glossary entry Add glossary terminology Upload glossary entries Use automatic suggestions Delete translation memory Edit translation memory Edit project settings Manage project access Download reports Add screenshot Delete screenshot Edit screenshot Edit additional string info Accept suggestion Add suggestion Delete suggestion Vote on suggestion Add language for translation Add several languages for translation Perform automatic translation Delete existing translation Download translation file Add new string Dismiss failing check Remove a string Edit strings Edit string when suggestions are enforced Review strings Edit source strings Define author of uploaded translation Overwrite existing strings with upload Upload translations Access the internal repository Commit changes to the internal repository Push change from the internal repository Reset changes in the internal repository Update the internal repository View upstream repository location
Edit source	Post comment Use automatic suggestions Edit additional string info Accept suggestion Add suggestion Vote on suggestion Download translation file Dismiss failing check Edit strings Edit source strings Overwrite existing strings with upload Upload translations
Add suggestion	Add suggestion
Access repository	Download translation file Access the internal repository View upstream repository location
Manage glossary	Add glossary entry Delete glossary entry Edit glossary entry Add glossary terminology Upload glossary entries
Power user	Post comment Add glossary entry Delete glossary entry Edit glossary entry Upload glossary entries Use automatic suggestions Accept suggestion Add suggestion Delete suggestion Vote on suggestion Add language for translation Download translation file Dismiss failing check Edit strings Edit source strings Overwrite existing strings with upload Upload translations Access the internal repository View upstream repository location
Review strings	Post comment Resolve comment Use automatic suggestions Accept suggestion Add suggestion Vote on suggestion Download translation file Dismiss failing check Edit strings Edit string when suggestions are enforced Review strings Overwrite existing strings with upload Upload translations
Translate	Post comment Use automatic suggestions Accept suggestion Add suggestion Vote on suggestion Download translation file Dismiss failing check Edit strings Overwrite existing strings with upload Upload translations
Manage languages	Add language for translation Add several languages for translation Delete existing translation Download translation file
Automatic translation	Perform automatic translation
Manage translation memory	Delete translation memory Edit translation memory
Manage screenshots	Add screenshot Delete screenshot Edit screenshot
Manage repository	Lock component, preventing translations Access the internal repository Commit changes to the internal repository Push change from the internal repository Reset changes in the internal repository Update the internal repository View upstream repository location
Billing	View billing info
Add new projects	Add new projects

List of teams

The following teams are created upon installation (or after executing setupgroups) and you are free to modify them. The migration will, however, re-create them if you delete or rename them.

Vizitorë

Defines permissions for non-authenticated users.

This team only contains anonymous users (see ANONYMOUS_USER_NAME).

Remove roles from this team to limit permissions for non-authenticated users.

Default roles: Add suggestion, Access repository

Parës

This role ensures the visibility of public projects to all users. By default, all users are members of this team.

By default, automatic team assignment makes all new accounts members of this team when they join.

Role parazgjedhje: asnjë

Përdorues

Default team for all users.

By default, automatic team assignment makes all new accounts members of this team when they join.

Role parazgjedhje: Përdorues i regjur

Shqyrtues

Group for reviewers (see Rrjedha pune përkthimi).

Role parazgjedhje: Të shqyrtojë vargje

Managers

Grup për përgjegjësit.

Role parazgjedhje: Administrim

Project creators

Shtuar në versionin 5.1.

Users who can create new projects.

Default roles: Add new projects

Sinjalizim

Never remove the predefined Weblate teams and users, as that can lead to unexpected problems! If you have no use for them, simply remove all their privileges instead.

Additional access restrictions

If you want to use your Weblate installation in a less public manner, i.e. allow new users on an invitational basis only, it can be done by configuring Weblate in such a way that only known users have an access to it. In order to do so, you can set REGISTRATION_OPEN to False to prevent registrations of any new users, and set REQUIRE_LOGIN to /.* to require signing in to access all the site pages. This is basically the way to lock your Weblate installation.

Ndihmëz

You can use built-in Inviting new users to add new users.