Restricting access of users

Andreas Gschwari September 25, 2019

I have set up 2 projects in my Jira and I want 2 different groups of people to see each project and not have access to the other one. 

We are a publisher, so we have several devs working for us and obviously I can't have one developer see bugs/details of another developer's project.

I have done the following: 

- Invited Developer A to Jira

- Added Developer A to a specific Group 

- Added Developer A to their project within Jira

 

The problem I have is that Developer A can see a second project I have set up, despite the fact that I have not added him to that second project (it's a test at the moment, so not a big deal). Why can he see that project, despite me not having added him? How can I restrict people to their projects only? 

I have tried to read up on lots of answered questions here and documentation, but it's incredibly convoluted and does not make a whole lot of sense right now.

3 answers

1 accepted

2 votes
Answer accepted
Joe Pitt
Community Leader
September 25, 2019

First, by default JIRA has a horrible permission scheme that violates security best practices by allowing everyone that can log on to do just about everything.

JIRA works by GRANTING access. You can't restrict access. By default, it grants access to the group used to log on (see Global permissions to see the "can use" groups and admin groups). This is where users are getting their access.

  1. The FIRST thing you need to do to get control is to remove any groups with logon privileges from the permission scheme unless you absolutely want everyone to have that permission.
  2. Then I suggest you set up Project Roles for the various functions like tester, QA, Browse Only, etc.
  3. By using project roles, one permission scheme will cover all projects. The project admin controls project role membership.
  4. If the project leads want everyone that can log on to have access to the project, they can add the logon group to a project role with the desired permissions.

This may be a big effort, but it will pay off down the road by making it easy to control access.

Most of the 'old timers' use project roles. It meets the best practice for security and gives complete control to the project lead for access to their project. JIRA comes with many project roles, but you can add more if you have a special need.

0 votes
dinis brazão December 30, 2019

Hi. This is not an answer, just another doubt. This way, all users can still see the projects they are not involved with. They cannot see their issues but they still see a lot of projects and I don't want that. How can I set this so that a user only sees listed the projects he has access to?

Joe Pitt
Community Leader
December 31, 2019

If they can see them, the permission scheme is giving them access. JIRA doesn't restrict access, it gives access. However, by default it gives it to everyone by giving it to all users that can log on. The out of the box permissions are junk. You need to rework them as @Michael Wohlgemuth and I said above. Next Gen projects I believe have a public/private setting if you're using them. I don't.

dinis brazão December 31, 2019

I changed the "Default software scheme" so that only users who have an administrator or a developer role in the project can do stuff there (or browse projects).
All my projects are using that scheme.
Still, all users are able to see the projects list (then, they don't see the tasks when they open projects where they don't have a role). But they are seeing the projects list as well as seeing the boards' listing.

0 votes
Michael Wohlgemuth
Rising Star
September 25, 2019

Hi @Andreas Gschwari

You need to adjust the project permissions.

For a start, change the "Browse Projects" permission to a project role (or a group), then add a user to that project role (or group). Users not in this role (or group) should then not be able to view any issues in the project. 

regards
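
An added example, not part of any post in this thread and not Atlassian's code: a small audit of a permission scheme export that lists every grant reaching all logged-in users, which is the cleanup both answers describe (removing logon groups and moving "Browse Projects" to a project role). It assumes the scheme is available as JSON shaped like the Jira REST API permission scheme resource; the sample data, group name and role id are constructed, and `broad_grants` / `project_visible_to_all` are hypothetical helper names.

```python
import json

# Constructed sample, shaped like the "permissions" list of a Jira permission
# scheme as returned by the REST API. Group name and role id are made up.
SAMPLE_SCHEME = json.loads("""
{
  "name": "Default software scheme",
  "permissions": [
    {"permission": "BROWSE_PROJECTS", "holder": {"type": "group", "parameter": "jira-software-users"}},
    {"permission": "CREATE_ISSUES", "holder": {"type": "applicationRole"}},
    {"permission": "BROWSE_PROJECTS", "holder": {"type": "projectRole", "parameter": "10002"}},
    {"permission": "EDIT_ISSUES", "holder": {"type": "projectRole", "parameter": "10002"}}
  ]
}
""")

# Holder types that are not tied to a project's own role membership.
BROAD_HOLDER_TYPES = {"anyone", "applicationRole"}


def broad_grants(scheme, logon_groups):
    """Return sorted (permission, holder) pairs that reach every user who can log on.

    logon_groups: group names that carry product access (assumption: the admin
    reads these from Global permissions / application access).
    """
    if "permissions" not in scheme:
        # A scheme without its grant list cannot be judged; do not report it clean.
        raise ValueError("scheme has no 'permissions' list to audit")
    findings = []
    for grant in scheme["permissions"]:
        holder = grant.get("holder", {})
        htype, param = holder.get("type"), holder.get("parameter")
        if htype in BROAD_HOLDER_TYPES:
            findings.append((grant["permission"], htype if param is None else f"{htype}:{param}"))
        elif htype == "group" and param in logon_groups:
            findings.append((grant["permission"], f"group:{param}"))
    return sorted(findings)


def project_visible_to_all(scheme, logon_groups):
    """True if any broad grant includes BROWSE_PROJECTS."""
    return any(perm == "BROWSE_PROJECTS" for perm, _ in broad_grants(scheme, logon_groups))


if __name__ == "__main__":
    for perm, holder in broad_grants(SAMPLE_SCHEME, {"jira-software-users"}):
        print(f"{perm:16} granted to {holder}")
```

Every line it prints is a grant to replace with a project role before a project using that scheme can be considered restricted to its own members.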
