It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to restrict a group to viewing only certain issues within a project?

Hey all,

 

We have a situation at work where we need some external customers to come in and add tickets to our system (this is much easier than keeping two JIRA instances synced etc.). What is most desirable is creating the one project but only allowing the external customer users to only view tickets they were 'tagged' in. I'm unsure how this tagging would work.

At the moment I can lock the group of users down to a single project, and I've read how to allow only reporter and assignee to view a ticket, but what about a whole group? Any help would be greatly appreciated.

Cheers! 

1 answer

0 votes
Nic Brough Community Leader Feb 07, 2017

I assume you've read the stuff about issue security levels when you say "I've read how to allow only reporter and assignee"?  It's the same place as that, you can name groups in the security levels. 

It's generally better to use roles if you can (and put the groups in the roles), but that's a guideline, there's good cases to allow groups (e.g. having an auditor group)

Hey Nic,

I've setup a security level that includes the external customers group and have applied it to that project, but when a regular user creates a ticket, the external customers group can still see it. Or does the inverse need to be true (the regular users group need to be applied).

The issue security seems very confusing.

Thanks! 

Nic Brough Community Leader Feb 07, 2017

The permissions can be complex, and the issue security layer on top does make it more confusing.

I find it easier to think from the top down in this case.  Start with the JIRA permissions - a user can log in, which might give them some project access.  So, you look at the permission scheme.  While that looks complicated, for visibility, it's actually easy.  Someone who has "browse project" can see all the issues in the project.

Issue security adds another layer.  It does not override permissions.  A user must have "browse project" to see issues in the project, no matter what the issue security.  What it is for is allowing you to hide issues within the project.  You set a security level, which defines "who can see this issue"

For your case, it sounds like you want to allow "regular users" to see all the issues (so include them in the security scheme, and set the security level field to "hidden" or whatever) and "external customers" to only see a few - do not set a security level for those issues.

 

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira Core

How to manage many similar workflows?

I have multiple projects that use variations of the same base workflow. The variations depend on the requirements of the project or issue type. The variations mostly come in the form of new statuses ...

1,097 views 7 0
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you