• Community
  • Products
  • Jira
  • Questions
  • I see that the Project Permission "Administer Projects" includes the ability to manage project ROLE membership. How can I remove that specific permission?

I see that the Project Permission "Administer Projects" includes the ability to manage project ROLE membership. How can I remove that specific permission?

I see that the Project Permission Administer Projects includes the ability to manage project ROLE membership. How can I remove that specific permission? We want all our users to be able to manage Versions and Components for our projects, but we do NOT want them to administer ROLE membership.

1. How can we give them the Version & Component rights WITHOUT giving them the Role administration rights? Can the Administer Projects rights be edited/changed or can a different Project Permission be created that contains the Version & Component rights but does NOT contain the Role rights?

2. Why are these rights all bundled into a single permission? Roles are very powerful and a typical user could easily mistakenly grant access to the wrong people or groups via the Roles administration screen. It doesn't seem to make sense to bundle this right with the typical project administration rights like Versions and Components.

Thanks,

Susan

4 answers

This widget could not be displayed.

A suggestion to accomplish this would be for each project to use their own permission scheme, where the permissions are granted to groups (projectA-devs, projectA-users etc) , and the names of the groups are then assigned appropriate permissions in the scheme. Your workflows would also need to not use role, but use the "has permission" condition instead. Project admins could still modify roles, but that would have no effect on anything.

This would be very cumbersome to maintain, but, without source hacking, I think this is the only way to accomplish it.

Roles are probably the biggest feature since jira 3.7 in terms of decentralising control and support... I'd consider educating your users maybe before trying to disable this.

This widget could not be displayed.

Roles are powerful and beneficial to project admins - you don't have to make cumbersome or frequent requests of your JIRA Admins in order to control project access. As Jamiementioned, this decentralization is key to providing more control at a project level (and typically makes project admins very happy). 

Susan, you're mentioning an interesting use case, and without attempting to argue merits either way, another, possibly expedient, option would be to leverage roles in your permission schemes and workflows and publicly document which roles provide what access or specific conditions. Train your staff to reference the documentation and adhere to the standards, and follow-up and provide assistance if needed. Usually, by demonstrating the value of the configuration and providing self-service and support, folks will do the right thing.

This widget could not be displayed.

Please have a look at Version Manager for JIRA plugin. This plugin allows you to delegate create, edit and release of version to user or project role independend from administer project permission.

Best regards
Holger

This widget could not be displayed.

"How can we give them the Version & Component rights WITHOUT giving them the Role administration rights?"


Is it still true that there is no easy way to separate those permissions by default without using a plugin or any of the workarounds mentioned above?

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

97 views 1 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you