read-only user who just sees selected fields from pre-defined query

Andy November 13, 2016

Is it possible to setup JIRA in the following way:

  • read-only user
  • user can only see Jiras from an administrator-defined query (so no browsing to other JIRAs possible)
  • user can only see pre-selected fields (e.g. no comment fields, worklog and certain custom fields

 

2 answers

1 accepted

0 votes
Answer accepted
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 14, 2016
  • Yes
  • Sort of
  • No

JIRA lets people see issues based on their permissions and security.  Permissions work at a project level, so at the most basic access is "a read only user is someone who has only 'browse project' permission".  That lets them see all the issues in the project though. 

To protect indidivual issues, you can set a security level that limits the visibility.  So your "can only see issues from an admin query", can't technically be done, but you can set it up so that a set of security levels hide issues.  The read-only user will only see issues that you do not set a level on, or you include them in the level's rules.

On fields, it's a no because JIRA is for collaboration, so generally people want to be able to see all the information.  You can restrict comments to groups, but that's about it off-the-shelf.  You'll need add-ons to hide other fields - I think Tempo has some control over worklogs, but the one I'd reach for is Quisapps field security add-on, as it can control access to most fields.

0 votes
Andy November 14, 2016

Nic, many thanks!

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 14, 2016

No problem.  There was one other thought I had, as I've done it with another system.

If these "read only" users are not really going to be active JIRA users, you could drop them into another system.  We set up a really simple scrape process - a shell script that

  • ran hourly
  • ran a filter over REST
  • took the resulting issues and reformatted them into a simple html table (dropping fields we didn't need)
  • published the table as part of a static web page outside JIRA

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events