I would like to make a group of users that have read only access to all JIRA project. I have found an outdated link that talks about this, but it seems to only be relevant for JIRA 5 and I am using JIRA 6.
How do you create a group, that I can ad users to, that has read only access to all JIRA proejcts in JIRA 6?
It's pretty much the same in version 6 as it is in 5.
You need to create a new group then change the permission schemes to grant it "browse project". Start at https://confluence.atlassian.com/display/JIRA/Managing+Users
The group "read only" is doing what you expect. But it does not grant the right to log into Jira - that is handled by putting people into "Jira users". But, you don't *have* to use "jira users", you can add one or many groups to the "can log in" permission.
I suspect the most simple approach for you is to put "read only group" into "can log in" alongside "jira users" (Admin -> Global permissions). The downside with that is that ALL new users are automatically added to ALL groups in the "can log in" section, which might not be what you want
You can ignore workflow conditions in the later versions of Jira. In 6.2 and below, I used to have to tell everyone "if you do not put conditions on your workflow, then ANYONE can use the transitions", but Atlassian have finally added a new permission of "can use transitions" which now protects transitions from anonymous usage.
If your jira is not open for anonimous user - you should add this user to the group that has use jira permission (i.e. jira-users). If you don't want to - you can add the needed group to use jira global permissions (see https://confluence.atlassian.com/display/JIRA/Managing+Global+Permissionsjira users section)
Thanks for the explanation. I think the easiest route would be to add "can log in" permission to my read only group. This would be much more safe than adding them to the jira-users group. (They woudl receive additional permissions I don't want them to have.)
How do I go about adding the "can log in" permission to my read only group? I see the 'Add Permission' section on the "Global Permissions" page, but I don't see a "can log in" option in the Permission dropdown to give it to my group.
No problem, thanks for your help!
I now have my jira-read-only-users setup with global permissions for 'JIRA Users' and 'Browse Users'. However, when I log in, I am not able to see any projects. (I am not even able to see the Projects menu at the top of teh screen. Am I missing another global permission that is needed?
I have only made the following changes to my jira-read-only-users group:
* Added jira-read-only-users to the Global Permission 'JIRA Users' and 'Browse Users.
* Applied a premissions group to a given project that give jira-read-only-users access to 'BOrwse Proejcts'.
* Created a user and only assigned them to he jira-read-only-user group.
However, I am still able to change the workflow status of an issue to my user added to the jira-users-read-only group. Any other ideas?
Ok, it's just the move of issues through the workflow that you can do with your read-only user?
That's a common oversight by new Jira admins (and it's improved in the latest couple of versions of Jira). You haven't put any "conditions" on the workflow transitions. Jira doesn't do it by default, so admins have to remember to add them as they build a workflow. Even the most simple one of "user must be in the role of user" is not there by default.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG