Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Project Permission Edited

It seems the default permissions in Jira is if you have access, you see everything. If you want to create private projects and grant to all users on demand, it seems to require planning. Did I understand that correctly?

Adding a contractor to a single project, it looks like I need to go and fix all our other projects permissions to make that work. Then somehow fix projects other employees may create so the contractors do not see them.

Is there an easier way to default to private across the board, including newly created projects, but then optionally share with a larger audience per project?

 

[Update]

Wow, it has been a very long time since I jumped into the community and it looks very healthy with quality responses. I'm impressed!

3 answers

1 accepted

2 votes
Answer accepted
Mikael Sandberg Community Leader Feb 08, 2021

Yes, you are correct, the default permission scheme basically allows anyone with access to your instance to do almost everything.

And changing it to limit what can be done does require planning. To make it easier I would start by limiting who can create new projects, and for existing projects either change the default permission scheme to be more strict or create a new one that fits the way you want most of your projects to work. I would avoid using groups, instead use project roles, that way the Project admin can decide who gets access rather than having an Jira admin add/remove users from groups.

Jack Community Leader Feb 08, 2021

Generally speaking folks have it so new users go into a default role and that role is the default for the default permission schemes. So, assuming you have a contractor come on board and you wish to restrict to a single project you can remove them from the default role and they will disappear from all projects from a permission perspective. Now add the appropriate permissions for this one individual in the one project.

Okay, so no way to force "private" next generation projects then?

Mikael, I prefer the roles as well and use the next generation "Access" screen. It puts the power with the owner of the project then and less central command for needless things.

Jack, I do have default permissions to no access to any products.

 

It looks like what I was hoping for in the next generation was administrative control to force new projects to be private. If they want public, then come to the administrators for assistance. Unfortunate.

1 vote
John Funk Community Leader Feb 08, 2021

Hi Darren - I would setup a base project the way you want it and then create all new projects based on that base project. Then you can deviate from there.

Not sure what you mean John. Is there a way to create my own project templates for employees to use that I missed?

John Funk Community Leader Feb 08, 2021

You create a project and set it up with all of the schemes you need. Then when you create a new project, use that project as the one you base the new project on. It will not copy all of the People information over, but it should be bare bones and not have all of the normal default ones. 

Like Darren Martz likes this

Hello @Darren Martz 

Are you working with Classic software projects, or Next Gen software projects, or both, or other types of projects?

Who is making the projects? Are Classic projects made using the same configuration that is used in existing project or does each project get a unique configuration?

Besides the permission to see the data (i.e. Browse Projects), do the projects have other custom permission settings?

When the private project should be shared with a "larger audience", is that larger audience going to be the same group (i.e. all authorized JIRA users) every time, or is each project going to need a custom "larger audience"?

All but 1 project is next gen and there may be a need for another depending on the project requirements. 

Employees are open to create projects on demand which is ideal to remove friction, but it seems we could use administrative restrictions to force all projects to be private. Its looking like that does not exist and is not achievable.

Sharing a project with a larger audience would be with a selected group, not absolutely everyone (ex: contractors). How would that work then on roles?

My expertise lies with the Classic projects rather than the Next Gen projects, so I'll have to defer to others to provide suggestions.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
Community showcase
Posted in Jira Software

Presenting the "Best of 2020" Jira Software roundup!

Catch up with Atlassian Product Managers in our 2020 Demo Den round-up! From Advanced Roadmaps to Code in Jira to Next-Gen Workflows, check out the videos below to help up-level your work in the new ...

7,018 views 8 28
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you