It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Add watcher to issue security secured issue

Hello,

We are using the add watcher field (https://marketplace.atlassian.com/plugins/com.burningcode.jira.issue.customfields.impl.jira-watcher-field/versions#b156).

And we have a project secured by issue security schemes.

Is it possible to allow browse issues just to users that are in "watchers" role and to edit the watchers after creation?

In issue security scheme I could add "User Custom Field Value (Add Watcher)", but I cannot add new users to watchers. Everytime I try I get message "The user "ttester" does not have permission to view this issue. This user will not be added to the watch list." althought he has permissions to browse project. How can I setup such a configuration?

Best,

Robin

1 answer

1 accepted

2 votes
Answer accepted
Andy Heinzer Atlassian Team Oct 06, 2017

Because you are using issue level security, you can't actually use the watcher field in order to grant this user access to that issue.   It's not project permissions that are preventing this, it's a limitation of the issue security.  But I think this is by design.

If you check out the Issue Level Security: Adding members to a security level, it explains that:

A security level's members may consist of:

  • Individual users
  • Groups
  • Project roles
  • Issue roles such as 'Reporter', 'Project Lead', and 'Current Assignee'
  • 'Anyone' (eg. to allow anonymous access)
  • A (multi-)user or (multi-)group picker custom field.

This doesn't permit you to use watchers to give security access specifically.  However what you could do is create a multi-user or multi group custom field, and have that custom field appear on this project.  From there you could change the issue level security to grant users access that are on that field.  From there you can manually edit that custom field for all the issues where you want to grant this user/group access.  

It is not as simple as using the watcher field would be, but this one way to be able to manage and adjust access to issues when using security levels in Jira.

This worked nice. Thank you.

This is silly and barely qualifies even as a workaround.  The big problem is that you cannot remove the existing watchers field, so adding a second one is going to cause confusion.

A watchers field is just a list of users, not fundamentally different from the custom user field you mentioned, so it seems like a huge oversight to not allow users to include watchers as a selectable group for other purposes.

I have to agree, that while this fulfills the ask, it's a terrible work around.  We encourage administrators to reduce fields as much as possible, not a duplicate field that already exists so that we can accommodate basic functionality.  @Andy Heinzer are there plans to fix this in future releases?

@Andy Heinzer I see this feature request: https://jira.atlassian.com/browse/JRASERVER-7663

And it has been marked as resolved, but I can't tell if it was fixed or just resolved as there's a work around.  Would it be possible to get clarification?

Thanks.

Andy Heinzer Atlassian Team May 29, 2019

Hi Brian,

Technically that feature request was implemented and marked as resolved.  However I fear that the title is a bit more broad that what I think you are looking for here.  Before that request it wasn't possible to grant the watchers entity permissions at all in Jira.

However the original question here was in regards to using the watchers field as a means to restrict user visible content within a issue security scheme, not a permission scheme.  They are certainly related concepts, but technically these are different mechanisms within Jira.   As such I don't feel that JRASERVER-7663 applies to this particular case.

Instead I think the current feature request to watch for the original question is now JRASERVER-5982.  The issue is listed as gathering interest status.  There is not a clear time table for if or when it might come to Jira Server, but it is being tracked.

Andy

Like Brian McClung likes this

Thank you for the response @Andy Heinzer !  I've added my vote to that issue!

Brian

The ticket you linked to is over FOURTEEN YEARS old.  I have voted for it as well but I am not going to hold my breath.

There is also another related ticket created for this missing functionality: https://jira.atlassian.com/browse/JRASERVER-45488.

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you