Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to restrict a group or user from performing a particular transition in a workflow

bhushan
bhushan
Contributor
October 6, 2023

Hi Team,

I would like to restrict a group or user from performing a particular transition in a workflow.

If my workflow has  'To do' 'In progress" and 'In review' statuses, The user or group can perform transition from 'To do' to 'In progress' but not from 'In progress' to 'In review'.

Please share your suggestions.

Answer
Watch
Like Be the first to like this
1714 views

9 answers

5 votes
CEDRIC DEVAUX
CEDRIC DEVAUX
Contributor
October 6, 2023

Hi,

 

The solution is:

  • Create a group without peoples are not allowed to transition from "In Progress" to "In review"
  • Add a condition to allow transition with the group previously created

Or alternative solution, you can use also project role:

  • You add people in the project role to allow transition
  • In the workflow, you add a condition based on project role

Cedric

Reply
3 votes
Aaron Morris
Aaron Morris
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 6, 2023

As others have already answered, this is not possible off-the-shelf.  You must use a third-party app to create a negative condition that prevents a specific user group from transitioning.

In addition to the suggestions from @Rezgar Cadro _Totem Dev_, I will add Jira Miscellaneous Workflow Extensions (JMWE) to the list of options.  I believe it is slightly less expensive than some of the others.  In JMWE, you can create a User Condition that uses a custom expression to create a negative restriction:

!user.groups.includes("my-group-to-restrict")

The completed condition looks like this:

JMWE - restrict user group.png

 

And here's a Scribe I created with step-by-step screenshots.

View More Comments
Aaron Morris
Aaron Morris
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 6, 2023

To answer the question less directly, I would avoid this pattern.  In my experience, it can be more problematic (less maintainable, harder to troubleshoot) than explicitly allowing users, groups, and project roles.

So, if you have the flexibility, I would design a permission scheme based on groups or project roles that explicitly allow the transition rather than disallow it.  This would be easier to maintain, and you can stick with Jira's native conditions.

A common difficulty with the negative pattern is that you can have users assigned to multiple groups.  So, for example, suppose we implement a condition that prevents "User Group B" from completing a transition.  If a user is assigned to both User Group A and User Group B, they will be prohibited from the transition even though their membership in User Group A would otherwise allow it.

But of course, I have no context about your use case, so I don't know if this problem is relevant to you. ;-)

Like
Reply
3 votes
Thorben _SPIEGEL-Gruppe
Thorben _SPIEGEL-Gruppe
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 6, 2023

Hey, 

you can only allow users or groups to perform a transition. Restrictions aren't possible. This meens if just some of your users should only be allowed to execute certain transitions these need to have a "User in Group" of "User in Projectrole" etc. condition. For details, check the documentation:
https://support.atlassian.com/jira-cloud-administration/docs/configure-advanced-issue-workflows/#Conditions 

Reply
1 vote
Rezgar Cadro _Totem Dev_
Rezgar Cadro _Totem Dev_ October 6, 2023

While you can't do that with built-in workflow conditions, here are a few options:

  1. With built-in Jira Automation you can detect transitions from unauthorized users, roll them back and e.g. send a notification. 
  2. [Add-on] With ScriptRunner you can create custom workflow conditions with custom logic,  e.g. that checks the calling user's groups and prevents the transition (how to)
Reply
1 vote
Hariharan Iyer
Hariharan Iyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 6, 2023

You can Edit the Workflow and add a Rule to do this as mentioned here - https://support.atlassian.com/jira-software-cloud/docs/add-or-remove-workflow-rules-in-team-managed-projects/

 

Specifically, you'll be looking for this type of rule - "Restrict who can move an issue"

Reply
1 vote
Natali Afouxenidis
Natali Afouxenidis
Contributor
October 6, 2023

Hi, you can add conditions on a transition to control whether it can be executed by a user or groups. Have a look here: https://support.atlassian.com/jira-cloud-administration/docs/configure-advanced-issue-workflows/

Reply
1 vote
serkan_sezer
serkan_sezer
Contributor
October 6, 2023

Hi, In the data center version, you can try the "just run this migration" features in the conditions tab of the workflow

Adsız.png

View More Comments
bhushan
bhushan
Contributor
October 6, 2023

we are on Jira cloud and thanks for the response.

Like
Igor Dugalic
Igor Dugalic
Contributor
October 6, 2023

It's the same in Cloud.

Condition -> User Is In Any Group (Condition to allow only users in a given group to execute a transition.)

Like
bhushan
bhushan
Contributor
October 6, 2023

User Is In Any Group (Condition to allow only users in a given group to execute a transition.)

This condition will allow particular group to execute transition but not restrict the group

Like
Igor Dugalic
Igor Dugalic
Contributor
October 6, 2023

But you can add all the groups except the one that should not execute it.

Like
Reply
1 vote
Tomáš Vrabec
Tomáš Vrabec
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 6, 2023

Cloud? Data Center? Any plugins available or pure Jira? Please fix your question :-) 

View More Comments
bhushan
bhushan
Contributor
October 6, 2023

Cloud and pure Jira :)

Like
Robin Stemmers
Robin Stemmers
Contributor
October 6, 2023

Hi All

If I read this correctly, I would update the workflow with an new status with that status linked to a group.

Let me know if you need mor of an explanation.

Like
Reply
0 votes
Christopher Maxwell
Christopher Maxwell
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 6, 2023

Hi Bhushan,

You've got some good answers here. Only thing I would add is to make sure you are not using Simplified Workflow and are instead using Jira/Customized Workflow?

https://support.atlassian.com/jira-software-cloud/docs/use-the-simplified-workflow/

https://www.linkedin.com/pulse/simplified-workflow-vs-customized-jira-software-savio-david

 

If you are using customized workflow, you can add a condition to every transition that you want to restrict. For example, using the "User is in project role" condition:

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events