While assigning a user to a project role restrict the user list based on added project role

Natalie Lang December 20, 2015

Hi,

Has anyone a suggestion how this requirement can be achieved?

While assign a user to a project role the system should show only the users from already selected group which is assigned as project role.

Reason: we have more than one different user groups. Because of that our project settings (permission schemes, notification schemes, workflow, project groups etc.) are also based on these different user groups.

Note: as we have more than one different user Group, we cannot restrict the users and groups through global permission.

Thank you in advance.

3 answers

1 vote
Natalie Lang December 20, 2015

Hi Nic,

Thank you for your feedback. 

Actually the requirement is, that we want to restrict the different projects and permissions for each user groups and the Project-Administrator.

Since a group should not see the projects and their settings from the other group, we are working with different predefined user groups / project roles, permission scheme, workflows and notification schemes. 
In Addition to that we are using (or planing to use) the atlassian Plug-In "Delegated Project Creator for JIRA" and assigning in this way the project creation permission to the selected groups/person. With this plugin we are defining the various Project templates with their own settings and we can also restrict the templates based on the User-Group. So far everything is working well.

As we are working with the project roles, there are no need to add any individuals to the project. The only thing is, if we have to add an additional person as project role admin. In this case, if the project administrator browse the user list, then he/she should see the users from already assigned project roles only.

I hope I was able to describe the requirement a little clearly and would be happy about a suggestion.

Thanks.

0 votes
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 20, 2015

I think what you're saying is that you want to limit the people in "project administrator" role to just people who are included in the project already?

JIRA permissions are not that granular.  If you can do project administration, then you can add anyone or any group to the project in any role.

(There's also a massive logical problem with that idea - what happens if, as an admin, I add a group, then add someone from that group, then remove the group again?  I've bypassed your rule completely, so you've now created a need for another new chunk of code to automatically remove people)

The short and simple answer is that you need to train and trust your project administrators.  Most of them won't add unwanted people to project admin anyway, there's little or no reason for most of them to do it.  Engineering a complex set of code and rules to try to block behaviour that could easily be trained for is overkill and would reduce the usability of JIRA too (which, for admins, is a nightmare already)

0 votes
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 20, 2015

That's not going to have any effect whatsoever, and just breaks the idea of adding users to a role.

Think of the most simple case - you add a group to a role.  The users in that group are now in that role.  You don't need to add them to the project as individuals as they're already in the role because they're in the group that's in the role.  You'd be limiting the admins to only adding people who are already there, so it's utterly useless.

The schemes you mention do not differentiate between users or groups in roles either, so you're basically asking for something that would have absolutely no effect.

I think you need to go back over your schemes and make sure you understand how they work.

Suggest an answer

Log in or Sign up to answer