Unable to access Jira with newly created Permission Scheme

Uzma Kazmi June 20, 2012

Hi All

Trying to setup a new permission scheme to ensure an external supplier can access the relevant project only. I have followed the instructions provided to manage project permissions and project role membership, but as soon as i remove the default permissions scheme the user is unable to login to Jira. When both schemes are added the used has access to all projects.

Any help will be greatly appreciated.

Kind Regards

Uzma

1 answer

0 votes
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 20, 2012

There's two things to check here.

First, go into Admin -> global permissions. Here, you need to look at "who can log into Jira" - that determines who can log into the system, and is usually set to "jira users" (and admins, of course!)

Secondly, there's the permission scheme for each project. I suspect you've actually got most, if not all, of this right, but you've stumbled into the usual trap and used the default of "the group called jira-users can do things"

The thing I'm going for here is that I suspect you've accepted the (annoyingly bad) defaults and accidently mixed up "can log in" with "can do stuff" groups. I'm afraid you'll need to unpick jira-users from your permissions scheme (ideally, set up the group jira-users to do *nothing* other than "can log in").

Uzma Kazmi June 20, 2012

Unable to see Global permissions, so have logged a support request.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 20, 2012

Oh, bother, OnDemand again, I'm sorry, I didn't notice that.

I think that's all done to off-the-shelf setup, so I suspect they'll simply ask you to remove jira-users from all your permission schemes. (This isn't actually a bad thing, worth dealing with now rather than later - I always recommend having a group for "can log in, but do absolutely nothing else" so you can have confidence in your permissions)

Suggest an answer

Log in or Sign up to answer