Black projects setting a security scheme

Greetings,

Is it possible to create a security scheme for black projects that not even the Sysadmin can see?

It is critical to either mask fields, for hide the data, or simply if you are not a member of a restricted group you can't get access without a password?

Thanks,

dc

4 answers

1 accepted

This widget could not be displayed.
Daniel Wester Community Champion May 20, 2013

Like Nic said - you can't. JIRA's security model is based on opt-in - not exlusionary. That said you could have your sysadmins log in as sysadmin-bob, sysadmin-harvey etc instead of using their 'normal' accts of bob and harvey. That seperation of duties might help some.

This widget could not be displayed.

No, Jira doesn't do any of these things. Specifically answering your two questions:

You CAN set a security scheme which doesn't include system administrators, that's quite simple - just leave them out. However, as system administrators, by definition, they have access to the security scheme and the rights to change it, and/or their own profiles to let them in.

Security schemes hide the entire issue based on an arbitrary "level". Permission schemes hide entire issues or projects on a more generalised basis. (The difference is a permission scheme says things like "only group X", "only assignee", or, for advanced cases, "only the person who reported the issue". Security schemes do it by "on;y group Y can see issues with security level Z"). However, there are no field-level permissions, and no password protections.

This widget could not be displayed.

Perhaps I will write plugin to address this requirement

I don't think you can.

I think you can write something that will block or hide data from admins (although I suspect you might find it quite difficult). But, as an admin, I can disable or remove plugins...

I think you'll need to tweak the core code to stop admins from being able to see it and remove it, and of course, you then have the issue that your admins won't be able to support the system because you've blocked them.

This widget could not be displayed.

I am the SysAdmin, and I believe I found a way through that will satisfy my security folks, thanks for the feedback and promopt replies.

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Published Apr 22, 2018 in Jira Software

How-to setup a secured Jira Software 7.9.0 on Ubuntu 16.04.4 in less than 30 minutes

...PermissionsStartOnly=true User=www-data Group=www-data ExecStart=/opt/jira/bin/startup.sh ExecStop=/opt/jira/bin/shutdown.sh TimeoutStartSec=120 TimeoutStopSec=600 PrivateTmp=true [Install] WantedBy...

1,073 views 5 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you