Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Restricting issue creation of certain issue types based on user project role / group Edited

Hello,
I have two roles in Jira system (developers, testers). I want testers can only create/edit/view/delete bug issue type (other issue type i.e. user story they can view only). Is it possible in Jira v7.8? How can I set it up easily?

Thank you

6 answers

Hi @Martin Cerny

You can restrict edit action to groups with workflow status properties.

Check this article:

https://www.j-tricks.com/tutorials/permissions-based-on-workflow-status

Like Javier Vidal likes this

Hi Martin,

I solved this issue using Script runner's behavior, used below code in initializer and it showed Issuetypes based on logged in user, you can validate user against project roles or even groups

 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.roles.ProjectRoleManager

import static com.atlassian.jira.issue.IssueFieldConstants.ISSUE_TYPE

def projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
def allIssueTypes = ComponentAccessor.constantsManager.allIssueTypeObjects

def user = ComponentAccessor.jiraAuthenticationContext.loggedInUser
def issueTypeField = getFieldById(ISSUE_TYPE)
def availableIssueTypes = []

//use this def and if code to check project roles
/*def remoteUsersRoles = projectRoleManager.getProjectRoles(user, issueContext.projectObject)*.name

if ("Testers" in remoteUsersRoles)
{
availableIssueTypes.addAll(allIssueTypes.findAll { it.name in ["Task", "Experiment"] })
}
*/

//use this def and if code to check groups
def remoteUsersRoles = ComponentAccessor.getGroupManager().isUserInGroup(user, "jira-administrators")
if (remoteUsersRoles) {
availableIssueTypes.addAll(allIssueTypes.findAll { it.name in ["Task", "Experiment"] })
}

else {
availableIssueTypes.addAll(allIssueTypes.findAll { it.name in ["Task"] })
}

issueTypeField.setFieldOptions(availableIssueTypes)

 

Hope this helps.

 

Regards,

Priyanka

Not the OP, but this was super helpful to us at Airbnb today! Thank you for sharing, saved us the time of figuring it out ourselves :)

Like Priyanka Lavania likes this

Happy to know it helped :)

@Priyanka Lavania 

 

Hi Priyanka,

this was working fine,

My task is to restrict specific users in groups restricted from creating certain issue types

EX: STORY

for a specific PROJECT.

any suggestions or extension of the script ??

Hi Siva,

Glad to know its working for you, when you define the behaviour you can select specific project, it allows project and issuetype mapping. Try it out and let me know.

 

Regards,

Priyanka

Like siva likes this

@Priyanka Lavania 

done with that , works great.

just need a script from you as im not a good judge of scrips.

 

need to update EPIC end date with the end date of the STORY in the EPIC at the time of resolving.

( this should happen only  if the story is the last in the epic)

Hi Siva,

I think I missed your comment, I am able to do something similar with Tasks and sub tasks, that the parent task should be auto closed when last sub task is closed, this can be done using the combination of workflow transition and condition, let me know if you still need this, will try to tweak my current code and post.

Regards,

Priyanka

HI @Martin Cerny

Actually, we can not control on basis of issue type in Jira. permission scheme will apply for all the issue type.

I don't think so this will be possible.

As reference documents were given by @Mark Markov which is related to issue security level but not the restricting to create/edit/delete issue in jira.

Issue security levels are created within issue security schemes and let you control which user or group of users can view an issue.

Hey,

Check it here

https://community.atlassian.com/t5/Jira-questions/Restricting-issue-creation-of-certain-Issue-Types-based-on-user/qaq-p/701283

 

You can also use the script in a postfunction on Create transition. Script will check the user if it belongs to particular group or role and set the Issue Type values.

As mentioned above, you can use Issue Security Schemes to prevent certain groups of users from viewing issues.  You need to set Issue Security level on each issue.

This however doesn't prevent any users from creating issues.  For this you could add a validator on the 'create' transition in the workflow, to check the user is in the required project role.

Thank you for tips. I am now able to restrict create action for ceratin issue type for not admin users (I not sure if the below works for specific user group, but it is fine for me now).

  • I cloned existing workflow
  • In validator on the "create" transition i did:
    • deleted: Only users with Create Issues permission can execute this transition.
    • added: Only users with Administer Projects permission can execute this transition
  • I assigned new workflow for issue types where I wanted to restrict create action
  • I unassigned issue type where I wanted to restrict create action from original workflow

 

But how to restrict edit action? The process above cannot be applied. Any hint?

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

⏰ Day in the life of a Jira Admin!

Hello Community! We thoroughly enjoyed this just-for-fun conversation in the Jira Admin Group about what it's like to be a Jira Admin. For #JiraJuly, our talented designers created these graphics t...

209 views 2 15
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you