Security level, users only see own issue (reporter). Not working..

Duco Zitman August 12, 2015

I'm using JIRA Cloud hosted version. We want to setup a security level for a few users. The security level allows these users to only view their own created issues, or when they are assigned to an issue. Now this isn't working, I've followed numerous guides, such as this one, but it's not working. In the end a user can still see all the issues. I'm not sure if this is a bug, or that I'm making a mistake somewhere along the line. I would love for a Atlassian employee to watch along and provide tips and/or confirm if this is actually a bug or not. 

 

regards, Duco

2 answers

1 vote
Jaime S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 12, 2015

Hi, Duco.

Just a little suggestion, instead of using Security Level, you can use Permission Scheme.

All you have to do is change the 'Browser Projects' permission to only allow the 'reporter' to see it. You can add other permissions, like the assignee and the administrators to this permission, so they can also see it (and the administrators will be able to see all of them), as long as groups and project roles that give access to anyone are not there.

This is easier than Security Level.

I hope it's helpful.

Kind regards,
Jaime Kirch da Silveira
Atlassian Cloud Support

Ignacio Pulgar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 18, 2015

@Jaime Silveira In Jira Cloud, as much as I've tested, the permission subject 'Reporter' doesn't seem to work as expected. Instead of referring to "the person who was the reporter of one or more specific issues", it seems to act as a much wider "group of people who have Create Issue permission". Therefore, I think it is not possible to make a user browse only the issues created by himself just through the configuration of his permissions. I read somewhere else that the 'Reporter' subject was changed in order to avoid issues related to recursive reference, like granting 'Create Issue' permission just to the 'Reporter' of that issue; as it would be an issue which does not exist yet, no one could actually create issues with that configuration. Could you clarify this?

Brian Sweet March 23, 2021

@Jaime S Looks like simply adding "Reporter" to "Browse Projects" in a permission scheme did the trick! Thanks.

0 votes
Duco Zitman August 13, 2015

Hi Jaime,

Thanks for your reply and your suggestion. I have a second question:

I've tried searching the documentation but is there a way to let a particular group of users see only x issues based on a certain field. So if field x is chosen, users from group x can only see those issues? And if y is chosen, users from group y can see that? 

Some issues belong to company x, some to y, some to z etc. And I want those issues to be invisible to users of a different company. Could you let me know what the best practice is for this, if possible at all? 

Suggest an answer

Log in or Sign up to answer