Hi,
I have a list of project I would like to limit to certain users.
I can make it possible by using the browser project permission and limiting them to certain group of users. However, if I allow browser project to the Reporter (since I need to allow see issues those users can create them), everybody can see that project in the proyect list. Same happens if I allow browser project depending on a user picker custom field.
In my opinion, there should be an easy way to limit the list of projects a group of users can see, but I don't see it.
Anyone can help me?
Thank you!
First, by default JIRA has a horrible permission scheme that violates security best practices by allowing everyone that can logon to do just about everything.
JIRA works by GRANTING access. You can't restrict access. By default, it grants access to the group used to logon (see Global permissions to see the "can use" groups and admin groups). This is where users are getting their access.
This may be a big effort, but it will pay off down the road by making it easy to control access.
Most of the 'old timers' use project roles. It meets the best practice for security and gives complete control to the project lead for access to their project. JIRA comes with many project roles, but you can add more if you have a special need.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.