I'm trying to lock down certain parts of JIRA using permission schemes, and I'm unclear which project permissions allow you to interact with a project that you cannot browse.
With some testing, I've found that the "Create Issue" permission will allow a user to create an issue in a project (and, by extension, view the list of components and versions in that project) even if the user does not have permission to browse the project.
I can see a comprehensive list of project permissions in Managing Project Permissions, but I can't find an authority on which permissions are still (wholly or partially) effective without being able to "Browse Projects".
Anything related to an issue (like Edit, comment, move etc) are dependent on "Browse" issues because a user can do those only if they can see the issue.
Anything related to the project (Administer, Create only these two if I remember correctly) are not dependent on "Browse".
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot