Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Issue Security allows for user to view search results for all issues?

Sarah Kladstrup
Sarah Kladstrup January 30, 2019

I am attempting to implement a set of permissions and issue security schemes to only allow "External Users" to see tickets. When I log in as an external user, I can only open the ticket with the "external user" security level. However, I am able to search and add any column I want and that information is displayed to this user. I am certain these other issues have a different security level of "employees only". What's the point of the issue security scheme if it shows everything anyways, or am I missing a permission I should restrict?

Answer
Watch
Like Be the first to like this
357 views

1 answer

1 accepted

0 votes
Answer accepted
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 30, 2019

Hello Sarah,

Could you please elaborate a little bit more about what you meant with the sentence below:

However, I am able to search and add any column I want and that information is displayed to this user. I am certain these other issues have a different security level of "employees only".

It is not clear on how you are displaying issues to other users out of the security level. Could you give us an example with screenshots so we can better understand it?

That been said, I can clearly confirm there is some misconfiguration in your security level if you are able to see any information of issues that are added to a Security level which you do not belong.

Even searching for issues, it will not display issues if you are not added to its security level as you can see below.

1 - When I am added to the security level test:

Screen Shot 2019-01-30 at 18.25.00.pngScreen Shot 2019-01-30 at 18.25.27.png

2 - When I removed myself from the security level:

Screen Shot 2019-01-30 at 18.32.42.pngScreen Shot 2019-01-30 at 18.32.54.png

We will be waiting for your answer.

View More Comments
Sarah Kladstrup
Sarah Kladstrup February 1, 2019

Petterson,

Thank you for your quick reply and all your help! I realized that while in the detailed issue view, there was a security level displayed, that was not reflected in a search of the project's issues (so all tickets were effectively "none"). I had set most of these with the bulk issue tools. This is a different issue altogether, but still confusing. Even re-bulk editing left some issues without a security level.

I ensured all tickets had a security level via the search results, and now I'm getting the permissions/visibility I would expect for our "external users" group.

Thanks,
Sarah

Like
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 1, 2019

Hello Sarah,

Thanks a lot for your feedback. I'm glad to know you were able to find the root cause of the lack on your security level.

Have a nice weekend!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events