We're using the cloud version of JIRA and I have set permissions to only a select few role to create issues in each project (mostly I use roles to provide permission).
Everything else otherwise works perfect; users can only browse projects they are added to. However, I just noticed that anyone is able to hit the "Create" button on the top nav and create issues in any of the project they want to.
What am I doing wrong?
Within the different project roles I have created, I have added users who belong to jira-software-users & jira-confluence-users but I have not associated any of the role directly with user-groups (not even sure how to do that). Is this creating the problem?
If so, these JIRA groups are assigned by default to each user based on application access and these groups are also essential for managing global permissions.
Reetam, you can check within each project using Permission Helper, you select the user and it will show his permissions, if there is a group with such permission you can check if the others users are on this group(s) as well.
I checked your instance but could not identify the root without an example, so can you test this procedure?
Also on this document you can check better how the permissions works, just in case you still have doubts.
Please let me know if it helped!
Go to the permissions schemes page and go to the 'default permission scheme' (assuming that's the scheme you are using) and then under create issues ensure that the correct groups are there.
You can also check that the permission are correct in individual projects by going to the project summary page and going to permissions.
Thanks All for the quick assistance. I checked the permission scheme and in a few of them, "create issue" permission was provided to the "reporter" which I believe gave everyone the permission to create issues in every available project through the "Create" button.
Removed it and now everything works just perfect.
Once again, big help. Thanks.
Thanks for signing up for Jira Ops! I’m Matt Ryall, leader for the Jira Ops product team at Atlassian. Since this is a brand new product, we’ll be delivering improvements quickly and sharing updates...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs