section "Issue Links" missing / not shown

Hi there,
I have two projects, on project 1, an issue is "related to" an issue in project 2.
On project 1, as user with admin rights I see the link

On the linked issue "ICL-24", as user b, I don't see the link, but the comment, that it is linked.

what do I have to change, so that the link is shown on both sides?

The admin user, is seeing the "issue links" section on ICL-24 so I expect, that this is something user rights related, but I don't get currently the problem.

Thanks for helping.


2 answers

1 accepted

0 votes
Accepted answer

I suspect your instincts are correct. Can you check what your users can see in each project?

The reason is a security one, which is easier to explain by example - let's say you have two issues and two people. Alice and Bob can both see Issue-1, but only Alice can see Issue-2. You link the issues. Alice can see both and everything works fine. Bob is denied access to Issue-2.

Now, if Bob could see the link to Issue-2 when he looks at Issue-1, then there's a security issue because he suddenly knows it exists, what type it is, the summary and so-on. That breaks "Bob can't see issue-2", so Jira hides the link from him entirely to prevent leakage.

In a lot of organisations, this wouldn't actually be a problem. But Jira can't assume that.

In short, check "Bob" can see both issues that are linked together!

The really interesting thing on this topic is, that a groovy script, which is executed by Bob on a transition post action, is able to see and edit the issue-2, without beeing able to the issue-2 in browser anyway...

Thanks you both.

Oooh, that IS interesting. Two possibilities spring to mind

1. Groovy is powerful and hooks directly into the API, it may be able to ignore restrictions. Although, I suspect you'd have to explicitly code the script to use functions that are unrestricted

2. We've only looked at "browse" permissions. It is actually possible to create a workflow transition that has no conditions, which means anyone can execute it. I have a nagging doubt that even if Bob cannot see the issue (no "browse" rights) then he can still execute transitions that are unprotected by conditions. The UI stops that, I think, but it wouldn't stop a scripted action.

Bob execute a transition on issue-1, whichs fireing following script...

issueLinkManager = componentManager.getIssueLinkManager()
ComponentManager componentManager = ComponentManager.getInstance()
MutableIssue currentIssue = issue
if (currentIssue.getTimeSpent() >0 )
                cus = componentManager.getJiraAuthenticationContext().getUser()
                now = new Date().format('dd.MM.yyyy k:mm')
                issueLink ->
                    if ( == "Relates")
                                linkedIssue = issueLink.getSourceObject()
                                MutableIssue timetrackIssue = componentManager.getIssueManager().getIssueObject(linkedIssue.getKey())
                                wli = new WorklogImpl(null, timetrackIssue , 0,, 'Zeitübertragung aus ' + currentIssue.getKey(), Date.parse('dd.MM.yyyy hh:mm', now), null, null, currentIssue.getTimeSpent() )
                                ComponentManager.instance.worklogManager.create(cus, wli, 0, false)

                log.debug "Issue " + currentIssue.getKey() + " hat keine gebuchte Arbeitszeit"

This code manipulates directly the linked issue issue-2, which Bob can't access by browser anyway.
I don't care, I like that the code ignores that Bob can't access issue-2, because the project of issue-2 has very limited access.
However, this can be some security topic on other customers.

0 votes

Make sure user b has "Borwse Project" permission on both the projects.

So... In short, check "Bob" can see both issues that are linked together!

Hi Jobin,
thats something, I have already checkt.

The project Test, can be browsed for test purpose by "anyone", but link still wasn't shown.

"Browse project", this was just the half of the problem.
On issue JLTA-76 also issue security schema was applied.


Yup, that is the next :) If the issue is protected by a security scheme, users won't see it unless they are part of that security level.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,310 views 5 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you