I've searched for previous questions about this topic here, but most are quite old or unanswered, and our approach to how we're managing users in JIRA is a bit different than the other people who have asked the question before.
I want to have a bit more control over sharing options in regards to filters and dashboards. Ideally, we'd like to give users the ability to share filters with other individuals (not just the options for "everyone," "groups," and "projects" when configuring filter/dashboard permissions), as well as limit the options for sharing filters/dashboards and groups (i.e. remove the options for "everyone" and "groups," leaving only "projects" as an option).
We're going to be using JIRA to manage many different clients - all users will have an account, so anonymous/external users aren't a concern here (we've set up global permissions as such so that no external users can access anything at all). However, we don't want any risk of our clients seeing each other's project data, but it's okay for our internal users to see other client information. As a brief overview, this is how we manage users and user permissions:
In our own JIRA testing, we've confirmed that if a user doesn't have permission to view a project, then he or she can't see the issues within a shared filter. So, if a filter is shared with "everyone" or "group," that user can only see the name of the filter, the name of the owner of the filter, as well as with who that filter is shared. However, we don't even want our client users to see this information about filters intended for use on other client (or our own internal) projects.
From my research to see what we can do here, I don't think what I'm trying to acheive here is possible via default JIRA in admin management. Looks like we either need some add-on or custom development to acheive this.
Thanks for your help and time in advance!
Users can only selected projects, groups and roles that they are members of for sharing. Wouldn´t that be enough? You probably see all of them because you are a member of "everything"
Just try it with a restricted user...
Thanks for your answer, Thomas. We have tried as a restricted user - the thing is, we have all of our client users (no matter which client it is) in one single user group. It's much easier for us to manage user permissions for all client users this way. Since that's the case, they have the options of sharing with "everybody," "group," and "project." If they share with everybody or group, any other user can see their shared filters/dashboards. Sure, those users can't access the actual project or issues in projects to which they aren't assigned, but they can see the name of the filter and the owner of that filter, and we don't even want that much visibility between our clients.
I think you need a two-part fix:
As a result, a client could share a filter/dashboard with their project or project role, All your internal users could view it, but no other companies could.
I found this link with information about editing the sharing options, and it says it's confirmed up through 6.3: https://confluence.atlassian.com/jirakb/how-to-remove-the-everyone-share-option-from-filters-boards-301663662.html
See how to use Jira on the go! Demo Den Episode 5 is here: meet Jira Mobile with Jira Product Manager Rayen Magpantay. Demo Den is in our monthly series where a Jira PM demonstrates...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events