Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

limit editing permission, to certain groups, for a particular Issue type

Jenny Chen
Jenny Chen February 7, 2020

I have a question regarding some JIRA functionality and is hoping you could help me.

Is it possible in JIRA to set up permissions, I can have a Group/users only that can edit(add/remove) Watchers for certain issuetype. the group/user is read only on field Watchers for other issuetypes.  That way the group/users have different permissions per issue type on field Watchers or Custom Fields.

Does it work for field Watchers per issuetype? I have created different workflow per issuetype, what property to each status of the workflow to be added to make it work, something may like

jira.permission.managewatcherlist.group=some-group 

 

Thanks

Jenny

Answer
Watch
Like Be the first to like this
1442 views

1 answer

1 accepted

0 votes
Answer accepted
Andrew Laden
Andrew Laden
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 10, 2020

There are a few different techniques to control who can edit fields. A common one is to not have any fields in the "Edit Screen" for an issue, and instead use a transition that pops up a transition screen to edit the issue. You can then control access to the transition more granular then you can general edit rights. (There are other methods as well, using scriptrunner or Power scripts, for example)

However, watchers are a different beast.

There is specifically a "Manage Watchers" permission in the permission scheme,

While you can't have different permissions per issue type in the project, you can get creative,

You can assign the Manage Watchers permission to a group (or user) custom field value. ie, have a custom called called. "Allowed To Manage Watchers." You can then control who is allowed to edit the contents of that field. If a user/group gets added to that field, they are then allowed to manage the watchers.

Finally in your workflow in the create transition, you can populate that field.

Its not the most straightforward solution, but it would work.

View More Comments
Jenny Chen
Jenny Chen February 10, 2020

Hi Andrew, Thank you very much for your help.

Should I use post-function workflow in the create transition? I set a group ""Managewatcherlist" in  a "Manage Watchers" permission in the permission scheme, In script I add the user to the group "Managewatcherlist" to control who has "Manage Watchers" permission.  the custom field "Allowed To Manage Watch" has the user as default value. 

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.user.ApplicationUser

def groupManager = ComponentAccessor.getGroupManager()
def user = (ApplicationUser) ComponentAccessor.getCustomFieldManager().getCustomFieldObjectByName("Allowed To Manage Watchers").getValue(issue)

def group = groupManager.getGroup("Managewatcherlist")

groupManager.addUserToGroup(user,group)

ERROR [workflow.AbstractScriptWorkflowFunction]: *************************************************************************************
ERROR [workflow.AbstractScriptWorkflowFunction]: Script function failed on issue: null, actionId: 1, file: <inline script>
java.lang.NullPointerException: Cannot invoke method getValue() on null object
 at Script75.run(Script75.groovy:5)

Can you please check and let me know how to populate that field? 

Thanks,

Jenny

Like
Andrew Laden
Andrew Laden
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 11, 2020

I'm not a scriptrunner user so I wouldn't be able to help you with that.

However, I think that is the wrong method anyway. Changing the membership of the group is not the way to go, as the group is shared across tickets, as you update the members of the group, you will change who can access all the tickets.

Lets keep this simple

Make a custom field of type "user picker" that is called "Users who can Manage Watchers"

In your permission scheme, set the Grant the "Manage Watchers" permission to the "User Custom Field Value" to "Users who can Manage Watchers"

(You may need to hit "show more" in the grant permission window to see it.

showmore.JPG

 

showmore2.JPG

 

Then in the postfunction of your create transition, set the list of users in the "Users who can Manage Watchers" custom field to the list of users who can edit.

Like
Jenny Chen
Jenny Chen February 11, 2020

Hi Andrew, Thanks a lot, it works! Jenny

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events