I've got a number of projects in an OnDemand instance 3 of which I want to limit the viewing of by one particular user. I've created a second permission scheme for 'external' and have applied that to the project I want to be viewable by this user. The 2nd permission scheme includes a user grouping called 'external' which I have added to particular functions.
However, as the user remains a member of the user group / project role "users" (which is used in global permissions to allow logging in/out etc they are still able to see all 4 projects.
How do I limit this one user to be able to see one project only (whilst still allowing them to log in)?
A users can view a project only if he has the browse project permissions.
So first thing i would like you to check is who is added to the browse project permission.
That one user is able to see all issues in that project is because either he directly added to the browse project permission or a group is added to that permission of which he is a member.
My recomendation would be transfer group based permission scheme to project role based permission scheme. e.g. you add project role - Users to the browse project permission scheme. This way everytime you need to restrict visibility of your project all you would need to do is add/remove that person from project role - Users. No need to touch the permission schem every time.
You need to separate out the "can log in" permission completely. You're nearly there by the sound of what you've said so far.
Go into global permissions and look at what group or groups are given "jira user". The default is a group called "Jira users", but you may have changed that, so it's worth checking. Once you know what group(s) you've got in there, you will have to do two things
1. Remove it from ALL "browse" permissions in ALL of your permission schemes.
2. Work out a different way to grant "browse" to all your existing users (Except this new user who shouldn't be able to see your private projects). One way is to have a group like "internal users" that you add to the roles as appropriate, another is the manual slog through adding individual users, and so-on
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG