Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Limit the list of projects when creating an issue

Hi

I want to configure that a certain group of users has only access to specific projects (in jira cloud).

I've used following guide to accomplish this: 

https://confluence.atlassian.com/jirakb/how-to-restrict-project-access-to-different-isolated-user-groups-290750862.html

 

After this the group of users can only browse their projects, which is ok.

However, when creating a new jira-issue, the user can still see all project in the listbox of available project. This is not wanted of course.

 

Could you please explain me how to restrict the listbox of projects ?

2 answers

Check all your permission schemes, looking at "Create Issues" and who/what that's granted to. Just now, in my own instance I found a few permission schemes giving access to any logged-in user, and others granting access to users with application access. Correcting those permissions -- even against schemes used by other projects -- did the trick. Now my users in one project may only create issues within one project. 

Hi @Luke Brothers Do you mean you give access to "any logged-in" user? could you please further explain on the above how you did the trick to restrict user to create issues within one project (that he /she was not given access to), so that the user would not be able to create issues in the projects that they are not granted permission to. (though they are still able to see the list of projects in the project field). Thank you so much in advance. 

Hi @Yi Voon Phan I don't believe I have users who can view other projects but only create issues in some specific projects. I needed to limit the projects users could see when creating issues. I accomplished this by opening all permission schemes and ensuring the "create issues" permission was accurate. I found that some permission schemes uses by other projects were giving all users permissions. So...even though these other permission schemes weren't used by my particular project they still allowed users access to other projects. 

0 votes
Fadoua Community Leader Feb 09, 2018

Hi Joost,

If you remove the users access to the projects you don't want them to see, they will no longer be able to see them on the list of projects.

Browse permission will be the first one to check.

I don't understand. 

 

All my other projects have another security sheme in which is defined that only another usergroup may browse.

 

For example : 

given : 

  • usergroups : A and X
  • projects A1, A2, B, C, D

 

  • usergroup A may only have access to projects A1 and A2
  • usergroup X can have access to all projects

 

I've configured :

  • security schema "for usersgroup A"  with browse-permission set to "usergroup A". I've associated this schema to projects A1 and A2
  • security schema "for all other users" with browse-permission set to "usergroup X". I've associated this schema to projects B, C and D.

 

When a user from group "usersgroup A" creates an issue, he still can see project B in the listbox of available projects.

 

I hope this helps to understand my problem.

Fadoua Community Leader Feb 09, 2018

Ok thank you for the details!

Issue Security applies to issues not to projects. Users can still see the projects on the list but shouldn't be able to browse issues inside the project.

So could you please provide a step by step instruction on how to accomplish my needs?

Sorry the link I provided is for JIRA server not Cloud

Fadoua Community Leader Feb 09, 2018

The Browse Permission is the only one that removes the projects from the list. Since you have Issue Security added to the project it is taking over.

let me ask other champions.

There's a quirk here that I think we're missing.

This is going to sound very odd, but it comes out of two things - the code is easier, and it gives you a flexibility that some (rare) cases need.

I think you've got the security and visibility of existing issues right, and I think you understand it in full.

The confounding problem is that "create" is not the same as "browse".  Us humans would instinctively think "if I can't see a project, then I can't do anything with it, so it should be invisible".  But, hard Vulcan logic does not do that unless you explicitly state it, and Jira does not state it.

So, if you grant someone the right to, let's say, edit issues in a project, then they can technically edit the issues, even though they can't see them.  Jira blocks that accidentally though, because in order to ask you what you want to change, it needs to tell you what is there, so as you can't see it, you can't do it.  Most actions on issues fall into this category.  Even though you might have permission to edit/delete/log-work/schedule issues, it gets blocked because you can't see it.

But, with "create issue", that does not happen.  There's nothing to see, so Jira does not accidentally block it.  It goes "yep, you can create this".  And then tells you that you can't see what you just created.  And, if you can create an issue in a project, then that project is offered to you on the project selection on the create menu and screens, because you can create!

So, what you want to do is modify the project permissions so the users without "Browse" don't have "Create" either.

(Before you ask for an example of where it useful - HR complaints against other individuals, compliance reporting and whistleblowing - you sometimes want to report something once and hide it from everyone, including the creator)

Like # people like this

Hi Nic

Thanks for the feedback. So do I understand correctly that this is expected bevhaviour, and no solution/workaround is available ?

 

Please keep in mind that we are using Jira Cloud. 

It is expected behaviour, there is no "work around" because there is nothing wrong.

You just need to alter the permission schemes to limit the projects in which your users have "create", similar to what you did for their browse permissions.

That's just the problem ... In my permission-scheme I already configured that the "create issues" permission is limited to the specific user-group. I also tried to configure with a specific project-role. But nothing seems to limit the available projects in the listbox when creating a new issue.

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you