Control Workflow Permissions only through conditions or validators?

I've just realised that any user (in fact I have anon users who can browse projects) can see and use the workflow buttons on all of my tickets that they can see. Is the only way to control this, ie; to stop anon users or the non assigned user, from being able to do this, to add the permission condition that only the assignable user can execute the transition, on ALL of my workflows and ALL of my transitions?

I'm hoping not :) thats a lot of work to set up/re-configure!

Love to know what others have done or if I've just completely missed something obvious.

Thanks :)

2 answers

1 accepted

1 vote
Accepted answer

I'm going to log a feature request for a control or controls to be added at the permission scheme level, so when set you can control who can 'use' the workflows, overridden only by the conditions/validators used in actual workflows if they exist. A little bit like in Bamboo, you can have global variables, which are overridden only by plan variables if they exist. :)

Hi Annastashia,

Did you create this request. I have just come to the same realisation as you, which annoys me greatly. If you provide a link to the request I would be happy to vote it :-)

BR
Anders

I think I saw it when it was created, and I think Atlassian closed it as "won't fix", because the conditions already exist.

Hmm, that sucks.
I cant see why an anonomous user should be able to do anything other than seeing the issues when he only has the browse project permission.

Because you need to put conditions on workflow transitions. It's valid to have none, sometimes you do want anonymous users to be able to do things.

It's really a useful thing to have even more complex globalised attitudes, it's simply not needed - the system already supports what is being asked for and making administration even more complex than it already is is not what Atlassian seems to want to do.

However, I would strongly support having defaults set on any new transition, so that an administrator has to consciously decide to remove them, rather than unconciously forget (or not know) to add them.

Point taken - and the default setting would be nice.

thanks Nic

You should link to the issue you created, I would vote it up.

I take Nic's point, but if you had a general permission "Move items through the workflow", you could easily lock it down to developers or whatever. If you wanted more specific conditions you could just add Anyone to that permission, then use workflow conditions.

I am a reasonably experienced jira administrator, yet this still catches me out.

0 votes
Daryl Chuah Atlassian Team Jan 15, 2013

Hi there

Yes you have miss out thing which is setting the Condition for Transition : https://confluence.atlassian.com/display/JIRA/Configuring+Workflow#ConfiguringWorkflow-Applyingconditionstotransitions

You can refer on the JIRA's built-in conditions that will only allow certain condition for example: only allow issue's assignee or reporter to execute the transition.

Hope it helps :)

Cheers

Hi yes, many thanks I ssaw that as a solution and have tried that, but it means a lot of work as I have go through and add this to all of my transitions across all of the workflows. I was wondering if there is any alternate, any higher level I can apply it to rather than at the transition by transition level? :)

Daryl Chuah Atlassian Team Jan 15, 2013

From my understanding, unfortunately i guess this is the only way to do it by applying it on all the workflow transition that you wan to have condition.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 29, 2018 in Jira

How to set up an incident workflow from the VP of Engineering at Sentry

Hey Atlassian community, I help lead engineering at Sentry, an open-source error-tracking and monitoring tool that integrates with Jira. We started using Jira Software Cloud internally last year, a...

1,082 views 0 8
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you