How can you tell when permissions were changed on a board?

It appears that the permissions on a board where changed.  (from unrestricted to restricted back to unrestricted)

How can we tell when the change occurred? 

We have access to the database, and we are happy to use SQL if that makes it easier.

2 answers

1 accepted

0 votes
Accepted answer

I don't think that's logged anywhere.  It's assuming you trust your board administrators.

You could check the admin audit log, but it would have had to have been enabled before the changes were made, and I'm not sure that it catches board permission changes.


No dice on the Audit log.  Our data goes back to 2014.  These changes were made sometime in the past two weeks.  I searched for the user who made the last change (restricted to unrestricted) - not found.  I also searched for words in the name of the board as well as for the board ID number.


Any chance the changes would be logged in the database?



Nope, that's where the audit log comes from.

Any possibility that there's a date-changed field that might capture it?  (I don't have a database schema/diagram or I'd start searching,)

I understand it's not a tracked object for the audit log.  I'm just grasping for any way to tell when things changed, even if I can't tell who made the change.  At the heart of the issue is that a user (or users) was (were) denied access to a board, and we're trying to figure out how it happened.  The owner of the board is positive that they didn't make any changes.  Any suggestions are welcome.



No, it's not tracked, as I said already.

There are two ways the users could have lost access though - either one of the board administrators changed the permissions, or the users were removed from the setup that was allowing them to see it, and put back in later (e.g. if  the board was shared with Group X, and Dave was removed from X, he would not be able to see the board until added back into X)

I understand it's not in a log.  I was able to get a lead on a method that might work in certain circumstances.  It involves restoring backups of the database, and trolling the last-visited information for the users.  This might provide the information we need IF the user did it in the normal way, IF it was the last time that they visited, and IF the backup happened to catch things at the right time.  That's too many IF's for our current situation, but IF the circumstances happened to be just right there might be circumstantial evidence that things changed when someone went to the appropriate page.  In the end we elected not to pursue that course of action.  For this instance it was not worth the work required, especially given the uncertainty of success.

Thanks for providing information.

You could also try searching for the board id and "RapidBoard" in the Tomcat access logs in the jira.home/logs directory

Thanks Matt.  Unfortunately that did not reveal the specifics we need.


Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,411 views 15 19
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you