I have Jira OnDemand. We are helping two companies integrate their products and neither wants to track bugs against their development efforts. I want to create a private project for them, and us to create issues. External parties are outside our domain so they can only have access to the specific Project/Issues.
Remove the "jira users" group from all your permission schemes.
Create new group(s) to replace it
Do not put the companies people into groups/roles that would allow them into the projects you want to hide from them.
Standard advice here - do NOT use jira-users for anything other than "can log into Jira". Annoyingly, the default setup breaks this rule immediately.
For more detail, see https://confluence.atlassian.com/display/JIRA/Managing+Project+Permissions
Thx. Still learning the Admin config world of options. We have a bunch of projects, currently being accessed by my engineers. I noticed our global permission scheme give users access to browse all issues.
If I understand you: I edit the "Default Permission Scheme" and delete the Users ability to "browse projects." Essentially blocking all existing Users visibility too temporarily, but can go back in and add them to the Project(s) 1 by 1. For future users, they become "users" with NO access to any projects until I add them by project name. right? Kinda?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, that's broadly correct.
How I would actually approach the re-adding is to all the ROLE of "users" to have "browse projects". Then you can add your users into the project on a project by project basis, while reusing the same permission scheme. Or if you need to do it equally, create a new group and use that in the scheme, so that when a user is added to it, they get access to all the projects using that scheme.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'm catching on. I thought maybe I could keep an open global permission scheme, then just "block" or "restrict" specific User's access on a project by project basis. 90% need access to all, only 10% need access to only 1 project. I'll keep playing with it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.