do not allow jira-users group to be member of a project

For Security reasons, we would like to be sure that no team leader can add "jira-users" to a role that has a role browsing permission. In that case, that means that anyone can see his project.

But some admin JIRA beginners may make a mistake by adding the wrong group instead of putting several names in the right column.

In other words, I would to be sure that any team leader can add a group member of his project.

Is there a way to do that ?

 

5 answers

I would supplement monitoring suggested by @Gabrielle Bautista [ACP-JA] with the thorough 'awareness training', explaining team leaders what is a desired practice, what is the impact if they do not follow instructions and why it is important that they should not add jira-users group to their project roles. I am sure that it will take you less time to prepare the communication about it than looking for the technical prevention solution. Inform-Trust-Check.

0 vote

I'm afraid there's no way to stop a project admin from adding jira-users to a role.

You'd need to hack some code to do it.  If it's just to try to stop them making a mistake, you could probably embed some javascript that removes or blocks the option (javascript isn't for security as you can bypass it, but if it's just to stop accidents...)

0 vote
Joe Pitt Community Champion Oct 13, 2015

Training. And a couple days off without pay for a couple people should send the message if they still do it.

0 vote
Daniel Wester Community Champion Oct 13, 2015

Take a look at Delegated Admin Pro for JIRA. https://marketplace.atlassian.com/plugins/com.wittified.jira.delegated-admin

It allows you to filter out groups for permissions and notification schemes AND at the same time you're able to reduce the number of global admins on your instance.

If you can, you could also check all the project roles for this group name and send an email to you daily if someone adds it (not really a prevention but monitoring). 

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Sunday in Agility

You asked for it, so we delivered: images on issues have arrived

A picture tells a thousand words. And agility boards have just released their latest feature: cover images on issues – so now your board can tell a story at first glance. Upload attachmen...

671 views 3 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you