I need a highly granular security scheme for a JIRA project, where each issue has its own distinct, group of users permitted to access it. I intend to implement this by defining a separate issue security level for each new issue when it is created. The issues and their associated security levels are created programmatically.
Quite simply, no, this won't scale. You'll rapidly run into problems with performance, globally, and the administration screens for the levels will quickly grow to a point where they can't be rendered. If your issues in this project are rarely created and used, you'll be ok, but I'd say you'll start to notice problems when you reach a couple of hundred.
I'd define a single scheme which names a group-picker as the visibility and then set that picker (you'll still have way too many groups, but that won't cause you anywhere near as many problems)
There is one way around it. If you base you permission schemes on something like watchers this kind of allows you to simply allow someone to browse, comment, work on issues on a pretty individual base per ticket. It does however force you to keep the watchers field up to date with whoever needs to be on the ticket. It makes sense that you limit the "Manage watchers" permission, as this could grant people to involve others.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.