Auth only user can browse all projects after switching to Role based Access

All,

I have a need to provide access for external, competing customers to my Jira instance. Currently, most of my projects are configured with Role-based access. When I create a test user and place them in a group that has the Global Permission of "Jira Users" it can still see all of the project names. It cannot see any issues or anything inside the Project, but the Project Name is still browsable. At the same time, I have created 4 new projects solely with Group-based access. These new projects cannot be viewed by this limited test account. Is there some hidden attribute/permission that I need to remove from my projects so they do not appear to my customer logins?

1 answer

This widget could not be displayed.

I suppose that

1. your competing customers are inserted in one or more roles (as single user or in a group) in "Browse Projects" permission or

2. your competing customers are inserted directly as single user or Group to "Browse Projects" permission.

3. Or you add one of these permisions: "User Custom Field Value", "Group Custom Field Value", "Current Assignee" or "Reporter" to "Browse Projects" permission. In that case users can see project name automatically (without being inserted in Custom Field, Group Custom Field or as reporter...).

>> Question: Is there some hidden attribute/permission that I need to remove from my projects so they do not appear to my customer logins?

There are no other hidden attribute/permission that you need to remove from your projects. And it is the same if you add user or group directly to "Browse projects" permission or through roles.

If you want to avoid that all users have access to project names mentioned under third point you need to:
- give access in "Browse Projects" permission only to all users from project and
- additionaly limit access to issues with setting issue security levels. There you can add permislions like "User Custom Field Value", "Group Custom Field Value", "Reporter",...

Thanks Vidic, but this still does not explain why a new user, one that has not been assigned to any roles or groups, and is only part of the global permission "Jira Users" can still see those projects that have role-based access. But not those projects that have group-based access.

I supposed that you add one of these permisions: "User Custom Field Value", "Group Custom Field Value", "Current Assignee" or "Reporter" to "Browse Projects" permission.
Is maybe possible to see permission scheme and roles?

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Aug 06, 2018 in Jira Service Desk

A is for Activate: Share your top Jira Service Desk onboarding tips for new users!

Hi, everyone! Molly here from the Jira Service Desk Product Marketing Team :).  In the spirit of this month's  august-challenge, we're sourcing stories of Jira Service Desk activation fro...

575 views 25 15
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you