When I add an attachment in JIRA, I can see a lock that defaults to "Viewable by all users", but also allows me to restrict the attachment based on a Project Role. It lists two roles: Users and Administrators. I have other roles defined in the system. Can I restrict the attachment based on these other roles? They are not showing up in this restriction list. Ultimately, we would like to restrict some attachments to a role called "Specialists" because these attachments may contain confidential information.
I do believe that the security option is for the comment and not the attachment. There is an existing JRA for this.
The only workaround that I can think of is to dump the attachment to another issue which has the proper permission rights and link the attachment issue to the main issue.
An alternative would be use an external document repository like SharePoint or Subversion and integrate them with JIRA by using a plug-in like DocMiner:
Then you would have a lot of control about document permissions among many other benefits like version control, awesome integration, etc.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG