Add external QA user with rights to log issue/view their own issues?

I need to add a few 'external' users who can report bugs, view their reports and our responses, but do nothing else.

Is there a step-by-step guide on doing this? I thought it would be a very common scenario, maybe even a pre-configued option.

I may be looking in the wrong place, but I cannot find up-to-date info on this.

1 answer

1 accepted

Accepted Answer
1 vote

This is quite a complex thing to do, for two reasons

First, Atlassian distribute Jira/OnDemand with a really bad default security model. They create three groups - admins, users and developers, and they use the jira-users group to determine "can log in" rights. That in itself is fine, but the bad thing they do is then use it for other things, like "can browse project" and so-on. This means that by the time most admins reach a "I want to limit user access" point, they've had their permission schemes utterly ruined because "can log in" has defaulted to be synonymous with "can use project". Which is very bad.

You'll need to unpick that problem - the most simple approach is to create a single new group called something like "project users", put all your current users in it, and then go through every single permission scheme, swapping jira-users for project-users, so that jira users only ever means "can log in" (and maybe some global stuff like if you've got a "jira support" project)

Once you've done that, you can create an "external users" group, (or use roles, roles are better) and use that in a permission scheme to allow "create", "browse" and maybe "comment" in your external project(s).

Secondly, a more simple one - there's a counter-intuitive thing in Jira that means it interprets "can browse" as "anyone who MIGHT be able to browse". So, when you say "reporter can browse project", it doesn't give browse rights to just the current reporter on the issue, it grants it to anyone who *might* be a reporter and hence opens the entire project. There is a "reporter only browse" permission which needs to be enabled on a system level, which allows only the reporter of the issue to browse that issue, ubt I don't know if it's available on OnDemand.

Thanks, Nic. That looks like what I've been trying, it just seemed to round-about that I thought since I'd last used Jira, Atlassian must have introduced some feature of which I was unaware....
Thanks again - the second point you make may help, I look into it.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted yesterday in Featured Groups

Tuesday tips & tricks: What is the Atlassian Community?

It's officially Tuesday, which means it's officially time for another tip to help you better navigate this space we call the Atlassian Community. 😄 I got a great question from community member, Sa...

23 views 0 2
View post

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you