It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Restricting access of users

I have set up 2 projects in my Jira and I want 2 different groups of people to see each project and not have access to the other one. 

We are a publisher, so we have several devs working for us and obviously I can't have one developer see bugs/details of another developers project. 

I have done the following: 

- Invited Developer A to Jira

- Added Developer A to a specific Group 

- Added Developer A to their project within Jira

 

The problem I have is that Developer A can see a second project I have set up, despite the fact that I have not added him to that second project (it's a test at the moment, so not a big deal). Why can he see that project, despite me not having added him? How can I restrict people to their projects only? 

I have tried to read up on lots of answered questions here and documentation, but it's incredibly convoluted and does not make a whole lot of sense right now.

3 answers

1 accepted

2 votes
Answer accepted
Joe_Pitt Community Leader Sep 25, 2019

First, by default JIRA has a horrible permission scheme that violates security best practices by allowing everyone that can logon to do just about everything.

JIRA works by GRANTING access. You can't restrict access. By default, it grants access to the group used to logon (see Global permissions to see the "can use" groups and admin groups).  This is where users are getting their access.

  1. The FIRST thing you need to do to get control is to remove any groups with logon privileges from the permission scheme unless you absolutely want everyone to have that permission.
  2. Then I suggest you setup Project Roles for the various functions like, tester, QA, Browse Only, etc.
  3. By using project roles, one permission scheme will cover all projects. The project admin controls project role membership
  4. If the project leads want everyone that can logon access to the project they can add the logon group to a project role with the desired permissions.

This may be a big effort, but it will pay off down the road by making it easy to control access.

Most of the 'old timers' use project roles. It meets the best practice for security and gives complete control to the project lead for access to their project. JIRA comes with many project roles, but you can add more if you have a special need.

Hy @Andreas Gschwari 

you need to adjust the project permissions.

For a start, change the "Browse Projects" permission to a project role (or a group), then add a user to that project role (or group). Users not in this role (or group) should then not be able to view any issues in the project. 

regards

Hi. this is not an answer - just another doubt - This way, all users can still see the projects they are not envolved with. They cannot see their issues but they still see a lot of projects and I don't want that. How can I set this so that a user only sees listed the projects he has access to?

Joe_Pitt Community Leader Dec 31, 2019

If they can see them the permission scheme is giving them access. JIRA doesn't restrict access, it gives access. However by default it gives it to everyone by giving it to all users that can logon. The out of the box permissions are junk. You need to rework them as @Michael_Wohlgemuth and I said above. Next Gen projects I believe have a public/private setting if you're using them. I don't.  

I cnahed the 

Default software scheme

so that only users who have an administrator or a deeloper role in the project can do stuff there (or browse projects).
All my projects are using that scheme.
Still, all users are able to see the projects list (then, they don't see the tasks when they open projects where they don't have a role). But they are seeing the projects list as well as seeing the boards' listing.

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you