I've looked everywhere, but I can't find a way to restrict non-managers from seeing the Time Tracking report. This is dangerous for us right now as anyone could determine the rates we are billing based on this information. Is there a way to restrict being able to see this report?
You can't. Browse Project gives you permission to view the reports.
But how come anyone has access to your invoices, and therefore can deduce your rates by dividing the invoiced amount by the # of hours? I don't think it's the time tracking you should try to hide.
I disagree. The time tracking and time it takes to complete something should be kept secret, if appropriate. In our case there are several reasons. Government contracts are public knowledge and if someone, even an employee, looked up what the terms are they could see all the details. Likewise, customers that join a team (a very common practice) may use this to make their own assumptions on fixed-price projects. Obviously a straight correlation between the two is not the whole truth since there are many other costs. But it causes disturbance within the channel.
Another possibility is taking the information to a competitor and using it to critic your timelines and steal a contract away. It happens all the time.
The bottom line is that there are many reasons people may want to keep the time tracking only to management.
Okay. Fair enough. But even if you hide the Time Tracking report, somebody can easily extract that information from a simple excel export of the project's issues. Add the hours in the Time Spent column and you get the same result.
My point is, you can't make this data safe from anyone with basic Browse Project permissions. A third party plugin like this one for field-level security wouldn't make sense either, since your developers must still be able to log time. If a user can log time on any issue, he can view the logged time for any issue, add them up and get the information you want to keep secret. I don't see a way around that. At best, with a field-level plugin, you might be able to hide the time-tracking information from a specific group of users that would not be allowed to log work.
Ya, I looked at that one. We are also using the Cloud-based implementation. That plugin is online onpremise. It looks like this is a lot battle. I'm actually researching this for a Fortune 500 company. One of their services divisions has this requirement and I completely get it. We wanted to make it easier to integrate with some other systems, which JIRA does. Unfortunately this is their show stopper issue and we will have to recommend something else.
Thanks for checking though!
If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot