Hello Guys,
Sorry if this has been discussed over and over again. I have actually read the documentation and I seem to be lacking some understanding. I created a project A. The project is a procurement project to which I have added only administrators and Finance groups As shows below
I have created some project roles as well shown below
I have copied the default permission scheme and assigned the copied one to the Procurement project. To my surprise, everyone can see all the projects regardless of group added under the people section of the project. This has confused me really. So with more readings, I am thinking I need to edit the permission scheme to use.
While editing the permission scheme, at the view project section, I am not sure of what to use. The intention is that only allowed people in the "people" section of the said project should even see the project. So what is the generic way of saying here that only members of the project should see the project?
Thanks for reading and thanks in advance for all your answers.
The access model has not changed since Jira 3.6, although some of the default groups did change with Jira 7.0. Best practices for security purposes is to only give users what they need. JIRA uses the Grant model which supports this, not a ‘restrict’ model,
The principle is:
The problem most new users have traces back to Atlassian’s default settings of allowing the "group of users that can log in and use an application", permission to everything in a project. This ends up meaning "can use application" becomes "can log in and see everything"
So, you need to delete that group from all the permission schemes. If you do that right away life will be much easier. In your screenshot it is the 'any logged in user'
Didn't I write that?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
mostly.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't feel so bad for stealing your "don't allow delete" paragraph now. :-)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Joe,
Thanks for your time and your answer. I appreciate. Sorry for the delay in replying.
I have not seen anything yet call manage application yet in jira cloud. So a wild guess would be either "Site Administration > Application access" as shown below
Or another guess is "Jira > settings > Applications" shown below
Ultimately , I have seen in "Site Administration > Applicaiton Access > view configuration button" a list of group, so I created a group called DreamTeam and make it the default "can sign in" group
I also have not seen in project roles how to make one a default project roles. So I went back to the permission schemes all the 3 projects are using and assigned the browse projects to a role "Regular Member" and this role has no members. I am not sure at this point if we are on the same page
If we are on the same page then , I will go on and change required permission to be granted to project role regular member
thanks again
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.