Hello,
I'm trying to set up Jira to see if it fits our needs.
I need to give limited access to a group of people. I've created the role, assigned a user, and tried to give the right permissions.
One of the permissions I want is to "Create a ticket". But when I tick "Create a ticket" in the role page, I don't get the button as a user.
After testing, I've found that I need to tick "Transition any issue" under "Work on [project] issues".
That doesn't make any sense to me, but it is what happens.
Is it normal? Is it a bug in the role system?
Thanks.
Yes, this is not a bug, but a result of evolutionary pressures.
Originally, Jira controlled "create issue" by having a simple "create issue" permission. A transition could be done by anyone who could see and update the issue. But there was a problem - if you could get the right tokens and work out the URL, you could transition an issue that you didn't actually have any other permission for.
This is obviously a security hole, but working out how to do it was such a monumental pain, no-one bothered. But then we got the remote APIs, and it became a LOT easier to do bad things.
So, to save admins having to put a condition on every single transition, Atlassian added the "transition issue" permission.
This solved the problem, but "create issue" is a transition, so it protects that as well.
So that's why you have to do it this way!
Personally, I don't think it's properly fixed - I'd like a snippet of code that excludes the "create" transition, then it would actually make perfect sense, and would not have tripped you up!
I think I didn't understand the "transition" thing, and how it affects the permitted handling.
To be honest, I hadn't seen the big blue "Create" button on top. With this button and the right to create a ticket, obviously it works. But not from a column, the button "Create a ticket" being part of the transition system.
I've figured it out by myself at the end of the day, but thanks for the explanations and your answers, which confirm my thoughts.
The granularity of the rights is a must for my needs, so I won't complain about little UX mistakes like this :)