Permission Schemes/Project Roles/User Groups

So i have two projects. Two project roles (Project_Admin and Project_User). Created two user groups (users_programA and users_programB).

So I added a user, added him to users_programA user group. users_programA user group has the project role of Project_User.

I have a default permissions scheme that has the project role of Project_User to create, edit, view issues, etc.

When the user logs in, he can create an issue, but then cant view it or anything. Do I have to assign that permissions scheme to the user group and if so, how do i do that?

1 answer

1 accepted

1 vote
Accepted answer

No, permissions are all project related, nothing to do with groups.

It sounds like you have everything set up correctly, but I'd go over it VERY carefully. I.e.

  1. User is definitely in the group users_ProgramA
  2. The group users_ProgramA is definitely in the role of Project_User, in ProjectA
  3. ProjectA is definitely using the default permission scheme
  4. The default permission scheme definitely has Role(Project_User) able to Create, Edit, View etc

(I suspect the problem is line 3 or 4 to be honest)


Are you using any form of "security scheme"? That could break all the generalised stuff above quite spectacularly and it's the only thing I can think of that you haven't mentioned!

Thank you, I will take a look again at what you suggested. I do not have any security schemes

Ok, so following you.

1. User is definitely in group users_programA

2.I go to Projects > ProgramA > People. Project Role Program Users is listed and in that row under groups is says users_ProgramA.

3.I go to Projects > ProgramA > Permissions and Default Permission scheme is showing.

4.If i view the default permission screen, it has the project role Program Users is show on almost everything.

Ok, that's sort of good - you have set up everything correctly. Only thing I really missed is that on line 4, I should have said "check the 'browse' line most carefully" - not too worried about the others, but 'Create' and 'Browse' are the important ones for this question. The check here is not quite that they are the same, but that every user/group who has 'create' is in 'browse' as well (don't care if the 'browse' permission has more users/groups in it, just that everyone who can create, can browse too)

The only other thing to check is that the user is logged in correctly (not anonymous), and doesn't have duplicate accounts mixing it up - get them to click on their profile and list off their user login and all the groups they're in.

If that's all correct, then I'm completely stuck, unless you've got some extra security plugin or something.

Here are some screen shots.

Ah-ha! I think the 3rd screenshot explains it. I would expect you (Assuming David = DavidK) to be able to create and view issues. But I would expect Brian to be able to create issues, and then not be able to see them after he creates them.

It's the "browse projects" permission in the "project permission" section. It's not a good use of English in this screen in my opinion, it should really say something more like "Can browse the issues in this project".

Short answer - I think you need to add "Project Role (project_users)" to the browse permission.

Yup, that did the trick. I thought that meant something else.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

864 views 3 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you