Scope a field rule to a group
Sometimes you want to scope field rules to a specific group. To do this, use the attributes for and not. These attributes are used on tags to make them apply specifically to a single group or to everyone but the people in a single group.
denies , which is defined by the "not" attribute, takes precedence over grants, which is defined by the "for" attribute.
The for and not attributes are optional and should not have empty values.
These attributes can be scoped only to a group, not to a specific user.
The following example defines the Triage Description field as read-only for everyone except those users in the group Triage Committee.
<FIELD name="Triage Description"> <READONLY not="[Project]\Triage Committee" /> </FIELD>
In the following example, any user in the Junior Analysts group is required to complete the Second Approver field.
<FIELD name="Second Approver"> <REQUIRED for="Example1\Junior Analysts"/> </FIELD>
for and not
The following example defines Severity as a required field for users in the ProjectMembers group, but not for those in the ProjectAdmins group. Because denies takes precedence over grants, if a user is in both groups, the "not" statement would be enforced, and the field would not be required.
<FIELD name="Severity"> <REQUIRED for="[Project]\ProjectMembers" not="[Global]\ProjectAdmins"/> </FIELD>
To use multiple groups, you must create a parent Team Foundation Server group that includes the set of groups that you want to use.