Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

do not allow jira-users group to be member of a project

Emmanuel Rouillard
Emmanuel Rouillard October 13, 2015

For Security reasons, we would like to be sure that no team leader can add "jira-users" to a role that has a role browsing permission. In that case, that means that anyone can see his project.

But some admin JIRA beginners may make a mistake by adding the wrong group instead of putting several names in the right column.

In other words, I would to be sure that any team leader can add a group member of his project.

Is there a way to do that ?

 

Answer
Watch
Like Be the first to like this
438 views

5 answers

1 vote
Bogdan Gorka
Bogdan Gorka
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 14, 2015

I would supplement monitoring suggested by @Gabrielle Bautista [ACP-JA] with the thorough 'awareness training', explaining team leaders what is a desired practice, what is the impact if they do not follow instructions and why it is important that they should not add jira-users group to their project roles. I am sure that it will take you less time to prepare the communication about it than looking for the technical prevention solution. Inform-Trust-Check.

Reply
0 votes
GabrielleJ
GabrielleJ
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 13, 2015

If you can, you could also check all the project roles for this group name and send an email to you daily if someone adds it (not really a prevention but monitoring). 

Reply
0 votes
Daniel Wester
Daniel Wester
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 13, 2015

Take a look at Delegated Admin Pro for JIRA. https://marketplace.atlassian.com/plugins/com.wittified.jira.delegated-admin

It allows you to filter out groups for permissions and notification schemes AND at the same time you're able to reduce the number of global admins on your instance.

Reply
0 votes
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 13, 2015

Training. And a couple days off without pay for a couple people should send the message if they still do it.

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 13, 2015

I'm afraid there's no way to stop a project admin from adding jira-users to a role.

You'd need to hack some code to do it.  If it's just to try to stop them making a mistake, you could probably embed some javascript that removes or blocks the option (javascript isn't for security as you can bypass it, but if it's just to stop accidents...)

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events