Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Possible to Have Group Permissions (or Issue Security) based on Custom Field Value?

MAG-II
MAG-II May 1, 2018

Hello -

Is there a way to restrict groups in my JIRA project to see Issues based on custom field values? Here's an example for context -

My JIRA project outlines the hiring process of my company. When I upload Issues I select the Job Title (select list custom field) that they are applying for. Within my project are many different users/groups that get assigned Issues throughout the workflow.

Let's say I have selected the Job Title "Administrator" for an Issue I upload. Is it possible to set a permission in that only users within the group "Admin" are able to see Issues with the Job Title "Administrator"? I have been looking into Issue Security Levels, but am getting confused with the configuration. the "Group Custom Field Value" option lets me select my custom field (Job Title), but I am not able to make any configurations/conditions from there.

Please let me know what you think. Thanks in advance.

Answer
Watch
Like Anneleen likes this
1557 views

4 answers

2 accepted

0 votes
Answer accepted
Joe Pitt
Joe Pitt
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
May 1, 2018

@MAG-II Part of your confusion may be wording. You say 'A group in my project is "Administrators' Is that a 'group' of users inside the project, which is better expressed as a user role since they are restricted to projects or a JIRA wide GROUP? If it is really a user role I suggest you name the security schemes the same as the roles so the relationship will be evident. 

Reply
0 votes
Answer accepted
Ivan Tovbin
Ivan Tovbin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 1, 2018

Hi Michael,

If I had to do something like this, I'd definately go with Issue security levels. You can configure each security level to only be available to certain users/user groups/project roles/users or groups in a custom field.

That said there's a couple of options here:

1. Use a workflow post function to set a proper security level based on your "Job Title" field value if you select it during issue creation or workflow transition.

2. If your "Job Title" field value can be set or changed at any given time through issue editing then I'd go with a scripted listener, which would listen for "issue updated" event and set your issue security based on your custom field value.

3. If you don't wanna bother with post functions or listeners you can go (provided you have that addon) with Automation rules, which will do the same thing more or less.

Hope this helps.

View More Comments
MAG-II
MAG-II May 1, 2018

Hi Ivan - 

Thanks for the response. I do select Job Title upon Issue creation, and the value never changes. So that's a good thing. Adding a Security Level post function upon Issue creation would work for each Job Title selection.

I am getting confused with the Issue Security configuration. A group in my project is "Administrators". I only want those users in that group to have access to Issues with the Job Title "Administrator". I'm not sure how to configure the Security Scheme/Security Level correctly. 

Would I name the Security Level "Administrators", and then set the Group Custom Field Value to "Job Title"? Or is there a way to set a condition (if Job Title = Administrator then Security Level = Administrators).

My apologies for being ignorant on this topic. Thank you for being patient with me.

Like
Ivan Tovbin
Ivan Tovbin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 1, 2018

Security levels are easy and it consists of two steps:

1) You first create a security level itseft.

2) Configure who has access to that security level.

Please check this documentation for more details.

After you have your security levels set up, all you need to do is add a post function to your 'Create' transition (make sure it goes last, after all other post functions there), and configure it to set different security levels conditionally based on your custon field value. That will probably require a 3rd party addon though, but if you have Scriptrunner or JMWE, then you're golden.

Like
Ivan Tovbin
Ivan Tovbin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 1, 2018

@MAG-II I might be able to give you a hand with scripting if you'd like. Given your use case it's not really too complicated.

Like
Reply
0 votes
Ahmet Kilic _catworkx
Ahmet Kilic _catworkx November 6, 2019

Hi,

I do have the same problem. Additionally I would not show a field which names "Customer Type" to customer, when a customer type of user logged in.

How could be done?

Thanks in advance.

Regards,

Ahmet

Reply
0 votes
MAG-II
MAG-II May 1, 2018

Thanks for the guidance / terminology on Security Levels. 

 

I do have both Scriptrunner and JMWE. I see via a JMWE post function that I can set the value for Security Level via a Groovy condition. I will begin to explore Groovy documentation in order to figure out how to write such a script. Thanks for the help.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events