to not loose any tasks due to deletion we are using access roles to not allow users deleting tasks. Also we have splitted editor and project manager access roles (editor our normal coworkers which are not allowed to change dates, share project or folders, or delete tasks, project managers which are allowed to change dates and share projects and tasks).
Now we encountered a problem: if a project manager shares/assignes a task from his project to a coworker this coworker can delete the task. This works as long as the coworker does not have any access role in the project defined.
So two examples:
1) projectmanager shares a task with a coworker, coworker has no access role defined in the project (so is not able to see any other tasks or even the project) --> coworker is able to change dates of the task and to delete it, projectmanager can change dates but not delete the task
2) projectmanager shares a task with a coworker and also gives the coworker access to the project as editor --> coworker is not able to change dates of the task and also not to delete it, projectmanager can change dates but not delete the task
So is it possible to set the standard access for case 1 to edtor? At the moment it seems to be Full Access.
To say that the prject manager shall always give access to the project is not a way, as some coworkers do not need to see the whole project but only their task.
Any idea to avoid the security risk of case 1?