I was asked for creating a new Jira project. I created it but as far as I know I have to create and assign a proper permission profile which will limit the access to this profile, because the default permissions profile allows everyone to access anything in the entire organization. Is this right?
Furthermore, the project owner can invite people to access the project - this is why I don't understand how it should be configured properly.
It's a little more complex than that. You need to look at two things.
First, there is the "permission scheme". This is a set of rules that says who in your system can do what with a project. It does not usually refer directly to individuals or groups (it can, but we strongly recommend that you do not do that). It usually refers to jira-roles and dynamic roles.
So, if you have a look at the default permission scheme you will find it says things like "Browse: role users", "Log work: role developers" and quite often people will do things with dynamic roles like "Log work: assignee" (which allows the current assignee to log work while it is assigned to them).
The second part of it is to understand the roles. These are collections of people in the project, either individuals or groups. You have to look at the project to see this, and yes, this is where a project administrators (often, but not always the "owner") can add and remove users and groups on the project
In the default permission scheme, you have a rule "Browse: role users". By default when you create a project, JIRA will drop a group like "jira users" into the role of "users". The jira users group is usually "everyone who can log in", so the default is to let everyone into the project.
I usually recommend at least changing the default add of any groups into roles (under admin -> groups) so that no-one is added automatically. Then I usually set the permission scheme so that the "project lead" has "project administration" and then let them choose who they want to add to users, developers and other roles.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG