After reviewing similar cases in mf-24 deployments, this permissions error during defect-to-test-case linking involves multiple security layers that must all align correctly.
Project Permissions:
The tester role needs more than just read/write access to test cases and defects. Entity linking is a separate permission scope in ALM. Go to Project Customization > Project Users > Roles and verify the tester role includes:
- Test: Modify Test (standard)
- Defect: Modify Defect (standard)
- Cross-Module: Create Entity Links (often missing)
The third permission is critical and not included in default tester role templates. Without it, users can edit test cases and defects individually but cannot create relationships between entities.
Workflow Transitions:
Defect workflows in test-case-mgmt can block linking based on defect status. The link operation is treated as a defect modification, so if your defect is in a status that restricts modifications, the link fails.
Review your defect workflow configuration. Common blocking scenarios:
- Defects in “Closed” status with no allowed transitions
- Defects in “Fixed” status restricted to developer role only
- Workflow rules that prevent modifications after certain time periods
The solution is to either:
- Allow relationship modifications in all workflow states (recommended)
- Create a separate workflow transition for “Add Link” that’s permitted in restricted states
- Update the workflow to allow testers to modify defects in any status when the change is only adding a relationship
Field Security:
Mf-24 introduced granular field-level security for relationship fields. Even with correct module permissions, the specific relationship field between test cases and defects might be restricted.
Navigate to Project Customization > Entities > Test > Fields and locate the “Defect Links” field (field name varies by project). Check the field security settings:
- View: All project members (should include tester role)
- Modify: Often restricted to test-lead or admin roles by default
Update the “Modify” permission to include the tester role. This field-level security is separate from entity-level permissions and frequently causes linking failures.
Library Access:
If your test-case-mgmt uses shared test libraries, permissions become more complex. Test cases in libraries have their own permission structure independent of the project where defects exist.
Verify library permissions:
- Go to Libraries > [Your Test Library] > Security Settings
- Check if testers have “Contributor” or “Editor” role in the library
- Ensure library permissions allow creating links to external entities (defects in project repository)
Cross-repository linking requires write access in both the library (for test cases) and the project (for defects). A tester with project access but library read-only permissions will encounter the error you’re seeing.
Verification Steps:
- Test with an admin account to confirm linking works (isolates permission vs. configuration issues)
- Review ALM audit logs to see the exact permission check that’s failing
- Verify test cases are not in locked or checked-out state
- Confirm defects are in a workflow status that permits modifications
- Check if cross-module linking is enabled in project settings
Resolution:
The most common cause in mf-24 is missing “Create Entity Links” permission in the tester role combined with field-level security restrictions on the relationship field. Update both:
- Add cross-module linking permission to tester role
- Grant tester role modify access to defect relationship fields on test cases
- If using libraries, ensure testers have contributor access
- Review defect workflow to allow relationship modifications in all states
After addressing these four security layers - project permissions, workflow transitions, field security, and library access - testers should be able to link defects to test cases successfully. The key is understanding that entity linking in ALM requires explicit permissions beyond standard CRUD operations on individual entities.