Currently we are using JIRA only company-intern. For an upcoming project it is planned to provide a dedicated user account to one of our clients. We've got it managed, that our new user client which belonges to group clients, can only see and access the project suitable for him. The solution was to create a new permission scheme and linking it to a project.
What we're struggling with are the following two points:
1. Published filters from other users, which are provided for anyone, also appear for our new user client. On the one hand this makes sense because client is also anyone, but unfortunately this allows conclusions to our other clients names. Question: Are there any other solutions except the one, that users must not provide there filters to anyone? We think, that the requested discipline for this policy is not sufficient.
2. We are also using Fisheye parallel to JIRA and all users are able to put an activity stream (also with Fisheye history) on their dashboards. So client is able to see all committed changesets (in fact only the commit comments but that is already enough) via the Fisheye activity stream. Question: Is it possible to lock a specific dashboard (without activity stream) per user? If not: is it possible to revoke the Fisheye-rights for a specific user?
1. There is no other solution to what's been suggested, however, regardless of the filter, the user still needs permission to the projects/issues to see any search results returned.
2. The Fisheye permission is tied with the "View Version Control" permission in the permission scheme.