Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to use cross team filters without permission problems Edited

Hi,

I am observing that if a search filter references a project that the current user does not have access to, the filter won't work at all and show an error.

For example we have 3 projects PROJECTA, PROJECTB, PROJECTC and I create a filter for a board to see all security issues:

labels in ('security') and project in (PROJECTA, PROJECTB, PROJECTC)

 This works OK if you have permission to all projects. But I want to keep share this filter so that users from PROJECTA or B or C can also use it to see the overview of security issues. Some users have access to A and B, some to B and C, or only B, etc. All combinations are possible. 

Problems is that if a user doesn't have access to one project, for example PROJECTA, the whole filter will stop working for that user.

- A value with id '10031' does not exist for the field 'project'.

 

What are you people using as a workaround alternative? And is there a JIRA Server feature request to fix this as this is making life a lot harder. The only thing I can think of is grant all users access to all projects. Or create one filter per project. Both don't scale if you have tens or hundreds or projects.

 

 

2 answers

I am not aware of any work around for this to display Search Results in JIRA. It is fundamental to the design of JIRA that a user must have the Browse Projects permission for all the projects referenced in a filter in order to see the results of the filter. If the user does not have permissions to any one or more of the referenced projects, then no results will display.

If it is not an issue to let the user see the results that would come from the project to which they do not have permissions, then you could set up a Subscription to the filter and email the results to the user. 

I have not tried to search for a change request on this topic in Atlassian's backlog.

0 votes
John Funk Community Leader May 04, 2021

Hi Isaac,

One option might be to grant Browse Projects permission to all users for all 3 projects. Then add an Issue Security Level to each project uses a Project role. Then you can apply the same Security Scheme to all issues, but it will control access by being in a particular role in that project. 

Thanks, but that doesn't really scale either.

John Funk Community Leader May 05, 2021

Why wouldn't that scale? 

I don't want users to have browse permission on 100s of projects and then having to remind everyone they need to set a security level on each issue to prevent other people from seeing it.

John Funk Community Leader May 05, 2021

No, you create a generic Security Scheme that is used across all projects and set the Security Level as a default so that it is automatically applied to every created card. 

I don't think it was intented to work like this, so wouldn't to invest in this method and then atlassian maybe changing things at some point. I have also seen that default values, for example for resolution, are not set when using the API. 

Also it would allow anyone in the project to remove the security level, exposing the issue to broadly.

John Funk Community Leader May 05, 2021

Well, in my opinion, that's exactly what it is intended to do - control access to an issue. I believe that is your intent unless I am missing something. 

And not sure what the API or resolution has to do with your question at all if you want to clarify that part. If not, not biggie. 

And, no, who can set or remove the security level is controlled by the permission scheme as well. Simply only allow Administrators to set the security level. 

You can do what you want - the solution will solve your problem and answers your question. You asked for a work around which is what this is. Not sure how else to help you. 

We have issues being created via the API via external tools. Most tools only cover the basic JIRA fields so relying on any other fields such as security level can lead to problems.

I don't want to limit who can change the security level, our intention is that developers can decide to make issues "internal only" and I don't want to take that permission away.

John Funk Community Leader May 05, 2021

Those are additional requirements that were not mentioned in your original question. You can simply add the Developer project role to the permission scheme for who can set the security level. 

Also, I am not sure that the security level would interfere with the creation of the issue using the API as it is added as a part of the creation process. 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Marketplace Apps & Integrations

Staying organized with Jira: best practices for a better project management

Project managers know this problem: A “mountain of work” lays in front of you, and you don’t know how and where to tackle them. Different to-dos lie ahead, but just one task after the other can be ha...

206 views 2 1
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you