I honestly read every article in the official help page and in the forum and watched every related video on this topic. Still, I can not produce the desired effect, which is to give certain user, a read-only access to our project in JIRA (which by the way, seems and it should be a very simple task!).
By read-only, I mean the user must not be able to edit, create, comment, etc.
The steps I have undertaken:
1. Created a group for read-only users (Read Only) and have added read-only users to the group (in this case only one of the already created users)
2. In the User Administration at Application access, I enabled Can sign in for the new group
3. I removed the read-only user from all other 'internal' groups such as the default 'jira-users' group, so only jira-read only group has been left
4. I created a Project Role called Read Only and added the group to it
And now the the most confusing for me part:
5. I added the Read Only Role to the project's default Software Permissions scheme
6. I granted permissions to Browse Projects permissions (from the forum I see that this is what users recommend for read-only access) to the Read Only project role
I also tried all kinds of other steps that I found in videos and forums.
Still, every time that I log-in as this user, which is only added to group 'jira-read only', I can edit, comment, create and etc.
When I try the permissions helper and put the user and for example Edit Issues permission name, I get that this user has the edit issues permissions, although he/she are only added to read-only group (for which I have taken all the described in the help page and forums steps to be accurately active)
P.S No one should waste hours of their time just to create a read only access! Also, much of the information in the help pages in not up to date and detailed enough.
Thank you in advance!
Best practice would be to use Project roles for this. By default, Jira offers a set of predefined roles, but you can extend this to match your organisation's needs (for more info, see Atlassian documentation).
Next, you would assign groups (or individuals in rare and exceptional cases) to those roles at project level. Just make sure to exclude your read only users from all edit functionalities.
It might even be a good idea to create a Read Only Role you can then use in your Permission Schemes instead of the Read Only group. It will add more flexibility to your project permissions management in the long run.
Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs