Create Private Project That Only Group Members Can See (Unless Mentioned)

Patrick Dufresne October 24, 2017

I'm trying to create a project for our team and this project needs all it's issues to be private so only group members can browse issues.

One exception is that I want it so I can add watchers to issues and by doing so that user now has access to that particular task.

Right now it seems as though I can only do an all or nothing type approach.

I've added issue level security so only group members can see it but I can't figure out the adding followers outside of the group mentioned above to tasks.

 

1 answer

0 votes
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 24, 2017

I don't know why you put issue level security if you want the entire project protected. I suspect your normal permission scheme has the jira-users (or similar logon group) in the list. Try taking that group out and only add the group you want and watchers.  However, I'm not sure if you can add someone as a watcher that doesn't at least have browse permission. 

Patrick Dufresne October 24, 2017

So my end goal is for no one to see any tickets within a task unless they are assigned a task or are a added as a watcher.

It's kind of silly how there isn't a Permission Helper simply for someone being able to view an issue.

 

How exactly do I set it up? Let's assume I use the default scheme so all users can see all tasks.

 

Could I simply do that and use issue security and add those filters instead to restrict them being able to see anything

Patrick Dufresne October 24, 2017

Additionally if I have issue security up and running, is that the default for every issue. Or do I need to specify that security level for issues manually?

 

Right now I have it so that users within a group, current assignee or additional watchers can view issues. But regardless of if those issue security conditions are met the user can see all issues within my project.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 24, 2017

Your first instinct was right.  You need a project with:

  • Most, if not all, users have browse project (plus edit, comment etc)
  • A certain set of people have Create issue

Then an issue security scheme that says

  • Level 1:  Assignee + A custom multi-user-select field

Then

  • a post-function that sets the issue security to level-1 on the create issue  transition

Note that you can't use "watcher" in permissions and security scheme, hence the use of a custom field.

Patrick Dufresne October 24, 2017

This seems to make sense, the only thing that's unfortunate is that my only option is: 

 

"Set issue security level based on user's project role", meaning this wouldn't apply for anyone, it would only apply if an administrator were to create an issue.

Would I need to create a bunch of post functions, one for each user type there could be?

Patrick Dufresne October 24, 2017

Also how would I retroactively adjust existing tasks to add security permissions.

Patrick Dufresne October 24, 2017

So I think I got most of it figured out, the only thing I don't get is "project role - "atlassian-addons-project-access""

 

Despite what it says I can add a comment. Should I ignore this? What does this mean? How do I remove this from being a condition? It's not a required condition for my issue security level so not sure why it's telling me this is an issue.

 

Capture.JPG

Patrick Dufresne October 26, 2017

Not sure if this would fall under this issue but I' like to do the following: 

 

https://community.atlassian.com/t5/Jira-questions/Automatically-Add-Someone-to-Custom-Field/qaq-p/660658

Suggest an answer

Log in or Sign up to answer