Group security - can issues be restricted by group?

We have vendors working on our project as well as an internal dev team. We need to be able to let vendors see only the JIRA issues relevant to them. So how can we do this? Can we create a group for each vendor and only give them access to issues that have a particular value in a field...I'm thinking of doing this off a Component field so that if they are working on that component, they'd have access to see the JIRA issues on it. Will this work? Also, is this only possible on premise or can this be done in the cloud?

5 answers

1 accepted

Thanks everyone for your help. We're going to see if we can get the internal issue security feature to do this. Hope we can.

0 vote

If you are interested to only show some issues only for certain groups, you might be interested in configuring the Issue Level Security. Possibly, you can have the Issue Security by default to be showing Reporters and Internal team only.

Thanks but does this cover my scenario? I can't tell from the detail in the Issue Level Security write up. Here is my specific example. We have one project called project X. I have 3 groups: Internal, Vendor 1 and Vendor 2. Internal users can have access to see any issue in JIRA. Vendor 1 is limited to see only issues that are for component 1. Vendor 2 is limited to only see issues that are for Component 2. The issue itself would have a component field and values 1 and 2. So for issues with component value 1, only vendor 1 and internal users should be able to see, search, access them. For isses with component 2, only vendor 2 and internal users shoudl be able to see, search, access them. Is this possible with issue level security or any other feature in JIRA...and also only on premise? or also via cloud?

I'm thinking that you could have the two issue security level. One is only for Internal + Vendor1, while the second is Internal + Vendor2. Question is, who create the issues? If it is the internal users, you can allow the permission for only Internal users to set the security level and set them according to the components.

If the issues are being created by all of the three groups, then I think you might want to have a simple modification/customization on the issue security level. The script would check if the reporter is from which group and set the issue security level on creation accordingly.

If you want to to it using components you could do it implementing a listener I guess and set a secuity level according to the selected component...

Suggest an answer

Log in or Join to answer
Community showcase
Maarten Cautreels
Posted Thursday in Off-topic

Friday Fun: What's your favourite beer/drink

As a Belgian, beer-lover and home brewer, beer is one of my great passions. I love the fact that with just a few ingredients (usually just water, hop and malt) you can create so many different tastes...

282 views 38 9
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot