You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
Hi all. I want to create a database of recruiting candidates.
It all comes down to privacy. If, for example, I create an issue in the same project or another project with the name "CV - John Doe".
I'll attach it to an issue called "Vacancy - Need new Employee".
This CV will be seen by all users of the "Hiring" project. People who are not specifically related to this personnel search will also see it. This is not good, the GDPR will show the middle finger.
Why won't 'Issue Security' help in this case? The answer is obvious: There will be different participants in search projects in groups or project roles. And they will still be able to see all the confidential data of candidates.
There are only two working options left for 'Issue Security': 1. A custom field with the right participants. 2. Custom group.
The first option is extremely inconvenient('cause need hand-writing permission field EACH CVs.), the second option is doubtful, since in a year there will be more than 200 custom groups.
So Issue Security is not suitable. Project Permissions are not suitable.
For our needs to make sure that the linked request from another project (or the same project) can only be seen by people who, for example, are in the 'Technical Experts' field of the current issue.
Is there any way to actually do this? Code, plugins, paid or free?
Actually, you're wrong about issue security, it is the only way to do this, and, as you say, you do it with "a field with the right participant".
Any system, not just Jira, is going to need you to name the right participants in the situation you describe, you have to tell the system who can see the item somehow. In jira, a field is the easiest way to do it, and you could even automate it by following the linked request.
Actually, you're wrong about "Any Systems". There are such systems. And why can't I dislike you? I'm sure it's not possible to automate this in JIRA.
In jira, a field is the easiest way to do it, and you could even automate it by following the linked request.
I can't post examples of things that cannot be done, correct.
You need to automate setting a security level based on a custom user field that you will also need to automate. You will have to put the data into the field by identifying the users on a different issue, and it's probably going to be easiest to copy them into the current issue, not try to guess who they are by not identifying them.