Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Default filters expose all issues - how can I manage the default out of the box filters Edited

Default filters expose all issues - how can I manage the default out of the box filters

We have a project - utilizing the cloud abilities, we have 7 different groups connected to the main project.

Each group is not supposed to view the other group's issues.

Permissions are set for each group. this works fine

BUT JIRA CLOUD has default filters the expose everything to everyone 

How can I restrict viewing through these filters. They bypass the permission schemes

 

 

3 answers

0 votes
John Funk Community Leader Jun 29, 2021

Hi Eleanor,

I am not sure what you mean by "default" filters, but you can create and use any filters you would like and only share them with particular groups or project roles. 

Can you provide some more information as to what you are trying to do? Or where you are using the filters

Default filters.JPG

 

These are the filters, that come out of the box from JIRA CLOUD, the filter is set by JIRA

I can not override it or save it as the same name Jiraa assigned.

The filter displays all issues belonging to the project.

I have a permission scheme by the filter ignores the scheme.

John Funk Community Leader Jun 29, 2021

If all of the issues are on the same project, the only way you will be able to hide some issues from other users on the same project is to use Issue Level Security. You can find more information about how to implement that here:

https://confluence.atlassian.com/adminjiracloud/configuring-issue-level-security-776636711.html

John Funk Community Leader Jun 29, 2021

Individual boards may use different filters - and those filters might be shared with different users. But that only applies to whether the users can see the boards or not - not the actual issues. So if they just create their own filter, they could see all of the issues. 

The only around that is to use issue level security. 

The issue security scheme exists - and is in use, very good in areas I can access.

I did not find a way to implement the security scheme on the default filters 

still looking

The Dashboards and Other boards do not implement default filters, only filters I created. The default filter is supplied by Atlassian, can not see save, edited, removed....

 

John Funk Community Leader Jun 29, 2021

Users should not see issues that they cannot see as a part of the security scheme - including the project level issues.

You can test by having the user run a filter for key = ABC-123

where ABC-123 is the key of an issue they should not see based on the security scheme. If they don't see it in the filter, they should not see it in the list of issues. 

0 votes
Jack Community Leader Jun 29, 2021

Individuals can only see issues that they have permissions to see. For example if Fred doesn’t have access to project tempo then any default filters that might include issues in that project will not be visible to Fred. However maybe you were seeing something different? If you could give some real examples of where you’re seeing problems I might be able to investigate this a bit further.

The permission scheme  

1) in order to allow the users to view the project have the browse project permission,

2) all Boards, Dashboards are managed by filters that restrict displaying, only the correct group can view their issues,

3) there are default filters, supplied by Jira, when you create a new project these filters are not editable, nor can I hide them

4. the default filter displays all issues with no regard to the security level nor the permissions. it is attached herein.

 

 

All issues JQL without save.JPGDefault filters.JPG

There is similar issue -  

https://jira.atlassian.com/browse/JRACLOUD-71176

wonder if this has been handled?

https://community.atlassian.com/t5/Jira-questions/Edit-Delete-Default-Filters/qaq-p/1302120

 

the above also explains the problem.

Wonder if there is any workaround/solution?

Jack Community Leader Jun 29, 2021

TBH I am not using issue security but am quite surprised to hear that any filter default or otherwise would show issues to a user that stand in conflict with the security scheme.

@John Funk , you use security schemes I think? Are you seeing this behavior? If so this should be a bug that needs reporting.

John Funk Community Leader Jun 29, 2021

I can confirm that if you are using issue level security that you cannot see issues in the issues list if you don't not have access to the issue through the security. So it is working as intended. 

Jack Community Leader Jun 29, 2021

Perfect!

Atlassian KNOWS THERE IS A PROBLEM:

"The Browse Project permission may make project details visible to all users in directories and while searching Jira

There’s a known issue when granting a User custom field valueReporterCurrent assignee, or Group custom field value the Browse Project permission. In these cases, a project becomes visible to any logged in user on your Jira site.

The issue is caused by an intentional design in Jira’s backed that couples the Browse Project and View issue permissions. We’re currently working to decouple these permissions."

 

https://support.atlassian.com/jira-cloud-administration/docs/manage-project-permissions/

Jack Community Leader Jun 29, 2021

Thanks for sharing @eleanor kerman

John Funk Community Leader Jun 30, 2021

This is not the same as the problem you have posted, unless I am misunderstanding your need.  You want to have multiple users on the same project only see certain issues on that project. This has nothing to do with that, 

Like Jack likes this

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

⏰ Day in the life of a Jira Admin!

Hello Community! We thoroughly enjoyed this just-for-fun conversation in the Jira Admin Group about what it's like to be a Jira Admin. For #JiraJuly, our talented designers created these graphics t...

706 views 2 21
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you