Can you restrict a group of users to only access their sub tasks?

Ok thanks Nic.  

Accept we might not be able to restrict separating the sub task from the parent but can't we at least stop them viewing other parent tickets not related to theirs?

Seems like maybe with something like the security permission - https://confluence.atlassian.com/adminjiracloud/configuring-issue-level-security-776636711.html ?

Am I also correct to suggest we could also manage their access to other tickets by making them collaborators on their tickets?

Cheers

No, the "issue level security" is the thing that is done at parent level.

You will have to handle visibility of the issues with it on that level, not the sub-tasks.  But you can set issue security such that "group A can see issues in level 1, group B can see level 2, group C can see both, and group D, none"

Issue security does allow you to use user fields in it, so you can make it variable too (for example, group B, the assignee and the person named in custom field X can see this)

Ok thanks Nic, so sounds like we can restrict their access to the wider service desk at least by setting the security at parent level.  The examples are helpful but I don't quite follow what you mean by level?

Also in your 2nd example if we said group B as an asignee could only see the 2nd level (if this is a sub task), wouldn't that achieve it?

Cheers

Sorry.  "Level" is one of the phrases used in the Jira code to describe the "Security level" field. 

Issue security works by setting a field called "Security Level", sometimes seen as just "Level", on a parent issue (it will not appear on sub-tasks).  It's a single select list, and each option on that list can have a different set of restrictions on it.  So you can do stuff like

• Top Secret - only group A can see this
• Secret - group A and role B can see this
• Private - group A, role B and people named in custom field C can see this

If you leave the level blank, anyone with "browse project" permission for the project can see them.

As I said before, sub-tasks inherit the security level of their parent.  So no, absolutely not.  A person can see an issue and all of its sub-tasks, or they can see none of it at all.

Perhaps this has changed since this post but you can definitely restrict visibility to Sub-tasks independent of their parent.  If the configuration of the Security Level includes a user field, a particular user who cannot see the parent issue otherwise would be able to see it if their user id is in that user field.  But they would not be able to see a Sub-task unless their user id was also in that field on the Sub-task since the Sub-tasks inherits, and honors, the configuration of the Security Level on its parent.

But it is still the case that if you don't have access to the parent, you cannot access any of the Sub-tasks.  

It does not work that way, you can put what fields you like on the sub-task and include them in the security level, but Jira still looks at the security of the parent issue to see if someone can see the issue.

Ordinarily Nic you are the last person I would challenge regarding Jira functionality.  However, I tested this in our 8.20 Data Center instance and that's how it works.

The person may be able to see the parent because their id is in a user field that is part of the security level definition.  But they will only see the sub-task(s) where their id is also in the field on those as well.