Natively, the best you can do is set up a kludge whereby the users are blocked from creation - this is ugly because they can still go and start the create process, but then it fails validation, so they've been misled into entering their data only to be told it's not valid.
Add-ons such as the Behaviours function in the Script Runner can make this far better for the users by disallowing options, but still won't protect a determined user.
The only way to do this "properly" are to move bugs into their own projects so that you don't have to allow "create" in the main project for your users, or hack the core code.
![Nic Brough [Adaptavist]](https://avatar-cdn.atlassian.com/053c857b7b2c424c1d3c24a86cb95aa9 "Nic Brough [Adaptavist]"){kind=avatar}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.