Which project permissions are not dependent on "Browse Projects"?

AL July 23, 2014

I'm trying to lock down certain parts of JIRA using permission schemes, and I'm unclear which project permissions allow you to interact with a project that you cannot browse.

With some testing, I've found that the "Create Issue" permission will allow a user to create an issue in a project (and, by extension, view the list of components and versions in that project) even if the user does not have permission to browse the project.

I can see a comprehensive list of project permissions in Managing Project Permissions, but I can't find an authority on which permissions are still (wholly or partially) effective without being able to "Browse Projects".

2 answers

0 votes
AL July 24, 2014

I've also found that I can create a link to a ticket which I'm not allowed to browse. (If I can browse ABC-123, and I can't browse DEF-999, I can still create a link from ABC-123 to DEF-999 if the "Link Issues" permission has been granted to "Anyone" in DEF.)

0 votes
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 23, 2014

Anything related to an issue (like Edit, comment, move etc) are dependent on "Browse" issues because a user can do those only if they can see the issue.

Anything related to the project (Administer, Create only these two if I remember correctly) are not dependent on "Browse".

Suggest an answer

Log in or Sign up to answer