Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Issue invisible when created within epic and when "Issue Security Scheme" is associated to a project

Gautham Kantharaju
Gautham Kantharaju February 4, 2022


Below are the steps to reproduce the issue,
- create a company based project

- project permissions based on roles (development and management)

- associate "Issue Security Scheme" to the project which has only management role

- create an EPIC

- when an issue (story or task or bug) created within the EPIC using "Create issue in epic" button the issue created will not be visible to the development unless security level is updated to "None" by the management

screenshot of an EPIC before associating the "Issue Security scheme",

Selection_187.png


  screenshot of an EPIC after associating the "Issue Security scheme" and when tried to create an issue within the EPIC,

Selection_188.png

As you can see issues Test-4 (JTT-30), Test-5 (JTT-31) and Test-6 (JTT-32) issues are visible but not accessible. When tried to access below is the screenshot of the result,

Selection_189.png

 

When "Issue Security Scheme" is disassociated from the project then Test-4 (JTT-30), Test-5 (JTT-31) and Test-6 (JTT-32) issues are visible but not linked to the EPIC (JTT-25). Below are the screenshots of the result,

Selection_193.png
Selection_192.pngSelection_191.pngSelection_190.png

Alternative / interim solution been used,

- Create an issue (story or task or bug) using "Create button" and then link to an EPIC. This works and the issue is visible.

Selection_194.png

Test-7 (JTT-33) is visible and linked to an EPIC (JTT-25)

 

Am I missing something. Really appreciate any help with regards to the issue. Thank you!

Answer
Watch
Like Be the first to like this
520 views

1 answer

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 4, 2022

There is a lot in there, so I may be missing something, but I am not seeing a problem with this.   

I'd like to paraphrase your question to check that I understand what you are seeing.

Let's say we have two users with access to the project, you and me.  Your single management security level has a rule that says "Gautham can see issues in this level", and does not include me at all.

You create two issues:

  • ABC-1 Epic
  • ABC-2 Story

If you set the security level on ABC-2, I can only see the Epic.  When you look at the Epic, you can see the child story listed, but I do not.

Now you remove the security level on ABC-2.  Then you add the security level on the Epic..  Now I can only see ABC-2.  When you look at it, you'll see the Epic Link and other Epic fields.  I do not, because I can't see the Epic.

Is that what you are seeing?  If so, what is the problem?

View More Comments
Gautham Kantharaju
Gautham Kantharaju February 4, 2022

Hi Nic,

I did had more information to describe the problem :)

 

The example that you have mentioned is generally how the security level works. That's not the problem though.

 

Using your example!!

Assume that there is an ABC-1 EPIC, and you create an issue ABC-2 Story within the ABC-1 EPIC, in a perfect world you should be able to see, access, update and assign the ABC-2 story issue correct? but that's not the case you will not be able to access the ABC-2 issue unless I "Gautham" (with ability to change the security level) update the ABC-2 issue security level to "None".

 

Is the issue created within an EPIC assigned with security level by default? If yes, then it make sense.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 4, 2022

I'm sorry, I don't understand the question, or what you think the problem is.

If you use issue security to hide an issue from someone, they can't see the issue.  Other issues have nothing to do with it.

Like
Gautham Kantharaju
Gautham Kantharaju February 5, 2022

When created an issue using "Create issue in EPIC" option,

Selection_195.png

 

Have to specify two things,

1. Issue type - story or task or bug
2. Summary of the issue

Selection_196.png

and please note that not assigning security level. When the issue gets created by default security level is set because of which issue not visible.

In my understanding the expected behaviour should be,

- if issue reporter is part of security scheme i.e. does have the permission to set the security level then issue should be visible to them but should be hidden and not visible to others.

- if issue reporter is not part of the security scheme i.e. does not have the permission to set the security level then issue should not be hidden and visible to all.

 

Let me know if my understanding is incorrect.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 5, 2022

No, that's not right, you have gone down into it too far.  It is a lot more simple.

  • If issue reporter is part of security scheme, they can see the issue
  • If issue reporter is not part of security scheme, they can not see the issue

That's it.  It really is that simple.  The ability to set a scheme doesn't matter.

Like
Gautham Kantharaju
Gautham Kantharaju February 7, 2022

Thank you for the information. I have updated my previous comment, please can you correct me if I am wrong.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 7, 2022

Ok, yes, that makes more sense.

The permission to set a security level is separate from the actual security level.  If someone does not have permission to set issue security, the "level" field will not even be offered to them.

A person must be part of a security level for it to be offered to them in the "level" field.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security