Add external QA user with rights to log issue/view their own issues?

I need to add a few 'external' users who can report bugs, view their reports and our responses, but do nothing else.

Is there a step-by-step guide on doing this? I thought it would be a very common scenario, maybe even a pre-configued option.

I may be looking in the wrong place, but I cannot find up-to-date info on this.

1 answer

1 accepted

1 vote

This is quite a complex thing to do, for two reasons

First, Atlassian distribute Jira/OnDemand with a really bad default security model. They create three groups - admins, users and developers, and they use the jira-users group to determine "can log in" rights. That in itself is fine, but the bad thing they do is then use it for other things, like "can browse project" and so-on. This means that by the time most admins reach a "I want to limit user access" point, they've had their permission schemes utterly ruined because "can log in" has defaulted to be synonymous with "can use project". Which is very bad.

You'll need to unpick that problem - the most simple approach is to create a single new group called something like "project users", put all your current users in it, and then go through every single permission scheme, swapping jira-users for project-users, so that jira users only ever means "can log in" (and maybe some global stuff like if you've got a "jira support" project)

Once you've done that, you can create an "external users" group, (or use roles, roles are better) and use that in a permission scheme to allow "create", "browse" and maybe "comment" in your external project(s).

Secondly, a more simple one - there's a counter-intuitive thing in Jira that means it interprets "can browse" as "anyone who MIGHT be able to browse". So, when you say "reporter can browse project", it doesn't give browse rights to just the current reporter on the issue, it grants it to anyone who *might* be a reporter and hence opens the entire project. There is a "reporter only browse" permission which needs to be enabled on a system level, which allows only the reporter of the issue to browse that issue, ubt I don't know if it's available on OnDemand.

Thanks, Nic. That looks like what I've been trying, it just seemed to round-about that I thought since I'd last used Jira, Atlassian must have introduced some feature of which I was unaware....
Thanks again - the second point you make may help, I look into it.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published yesterday in Marketplace Apps

Tips on how to choose the best estimation method for your planning

Planning and grooming sessions all come with their own sets of rules. Team members meet to estimate stories or other work items, all according to an agreed-upon process. And with every session comes ...

55 views 0 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you