Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I shut off allowing Project Admins to adding/removing people from projects.

Ian Johnsen
Ian Johnsen December 3, 2018

How can I shut off allowing Project Admins to adding/removing people from any project? 

We are moving to having AD as our source of who gains access to a project. Setting up project role AD groups.

 

Thanks!

Ian

Answer
Watch
Like Be the first to like this
390 views

4 answers

1 vote
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 3, 2018

Using project roles is the cleanest and easiest way to control project permissions. Assigning them AD groups doesn't impact the ability to use project roles. Frankly, if you can't trust the project admin to do the admin job they aren't the right person for the job. 

Reply
1 vote
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 3, 2018

Hello,

You can not forbid project admins to add people to roles. If you do not want project admins to manage permissions, then do not use roles in the project permission scheme. Use groups instead. But it is not considered to be the best practice.

View More Comments
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 5, 2018

@Ian Johnsen As I wrote in my previous post. Do not use roles in the project permission schemes. Use groups.

Like
Ian Johnsen
Ian Johnsen December 6, 2018

@Alexey Matveev I would totally do that but I have 142 projects and that would mean 142 new project permission schemes. If we went that root and had to add a group or change a permissions in the future, would be very tedious to do the change to that many schemes. Right now we have 1 permissions scheme for all 142 projects using roles only in the permissions scheme.

Thoughts?

I really appreciate your insight in this matter :)

Ian

Like
Alexey Matveev
Alexey Matveev
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 6, 2018

You could do it with the ScriptRunner add-on. Though I do not have such a script ready.

Like
Reply
0 votes
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 6, 2018

You can't do it. That is a built in function of project admins. You would have to modify the source code. 

View More Comments
Ian Johnsen
Ian Johnsen December 6, 2018

@Joe Pitt But its doable? How would I go about doing this?

Thanks!

Ian

Like
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 7, 2018

I would look at @Alexey Matveev solution. To modify the source code you'd need to figure out where the code is and everywhere else modifying the code may touch. And every time you update JIRA you'd need to verify the code is in the same place to reproduce the change. It is not a good idea. A better solution may be to give the offenders 2-3 days off without pay. You are attacking a management issue with a complicated and difficult technical solution. Going down that road leads to pain and suffering in the long term. 

Like
Reply
0 votes
Ian Johnsen
Ian Johnsen December 4, 2018

@Alexey Matveev & @Joe Pitt

I 2000% need to find a way to lock this down so that no one can make changes here for any project. Theres gotta be a away to do this. See all the random people being added? I need this area to ONLY be AD groups added by me. Please let me know what it will take to get this done. Each Project will have different AD groups assigned, but each project will use the same Roles.

THANK YOU SO MUCH FOR YOUR TIME :)

Screen Shot 2018-12-04 at 11.32.37 PM.png

View More Comments
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 5, 2018

There is no way out of the box to do what you want. Project Admins can manage project roles. I would search in the marketplace to see if there is a plugin that allows this. Have you brought this problem up with the admins to find out why they think they need to do this? 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events