Black projects setting a security scheme


Is it possible to create a security scheme for black projects that not even the Sysadmin can see?

It is critical to either mask fields, for hide the data, or simply if you are not a member of a restricted group you can't get access without a password?



4 answers

1 accepted

0 votes
Answer accepted
Daniel Wester Community Champion May 20, 2013

Like Nic said - you can't. JIRA's security model is based on opt-in - not exlusionary. That said you could have your sysadmins log in as sysadmin-bob, sysadmin-harvey etc instead of using their 'normal' accts of bob and harvey. That seperation of duties might help some.

0 votes

No, Jira doesn't do any of these things. Specifically answering your two questions:

You CAN set a security scheme which doesn't include system administrators, that's quite simple - just leave them out. However, as system administrators, by definition, they have access to the security scheme and the rights to change it, and/or their own profiles to let them in.

Security schemes hide the entire issue based on an arbitrary "level". Permission schemes hide entire issues or projects on a more generalised basis. (The difference is a permission scheme says things like "only group X", "only assignee", or, for advanced cases, "only the person who reported the issue". Security schemes do it by "on;y group Y can see issues with security level Z"). However, there are no field-level permissions, and no password protections.

Perhaps I will write plugin to address this requirement

I don't think you can.

I think you can write something that will block or hide data from admins (although I suspect you might find it quite difficult). But, as an admin, I can disable or remove plugins...

I think you'll need to tweak the core code to stop admins from being able to see it and remove it, and of course, you then have the issue that your admins won't be able to support the system because you've blocked them.

I am the SysAdmin, and I believe I found a way through that will satisfy my security folks, thanks for the feedback and promopt replies.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Feb 26, 2019 in Jira Software

How to prevent the propagation of unused project schemes, workflows & screens in Jira software

Atlassian ranks project attributes as the third most important factor impacting performance in the category of data. It’s not surprising, since project attributes are precisely the rules used to ma...

627 views 0 7
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you