Why do non-related to the project users can see this project on the browse projects page? There is no logical sense in it.
I tried to work it out with the Reporter Rule(show only projects with create permission).
But the Current Assignee Rule and the Reporter Rule(show only projects with create permission) are conflicting.
How can this problem be solved?
I need a few assignee people could see only tasks created for them and in the same time could see only projects, in which they are involved,on the browse projects page.
That is quite sensible.
Thank you in advance.
I solved this problem.
In DefaultIssueSecurityScheme / Edit Issue Security Levels
ps: all very confusing and not logical
still tryin to understand the goal your aiming at.
ok. How can I make some users only see tasks that were created by them without Current Assignee rule?
this is simple.
use issue level security to get this. add reporter and a role of project users that should see this as well. i.e. develpers.
i built something similar on a Support Project.
Permission Scheme says "Browse Project" = jira-users
Issue Level Security
hope this helps proceeding
this is not a bug. you may misunderstood the complex configuration options
once you apply your new issue level scheme to your project these settings will take effect.
only the reporter, the current assignee or in that case users that are in Supporters role can view the issue.
still every active jira user (group jira-user) can browse the project. but as the issues now hold a security level "this your solution is" (like yoda would say)
ps: issue can not be created for assignee"test" to project "project_2" (true).
why user "test" sees "Project_2" in the list of projects (Browse Projects)?
add new group "testgroup1" and make user test a member.
open permission scheme.
remove "current assignee" from "Browse Project" and add "Role: User" (not Group) instead.
"Create Issues" should have "group: jira-users" or "role : users"
now go to your project administration for Project_1 and open Roles:
add group "testgroup1" to the Users role.
make sure project_2 roles administration doesn't have "testgroup1" listed
try again and let me know
What do you mean by "conflicting"? And what does your "browse" permission say for the projects?
If you have set up your project so that "Browse" is
Reporter (show only projects with create permission) doesn't work with Current Assignee. The user is not related to any project role. And is not related to a group that could be referred to a project role.
He is not related to the project, but in the same time he can see it in Browse projects.
Why is it so?
The Current Assignee Rule should give a possibility to see someone's tasks in the project, if this user is added to some project role.
but in practice the user can see all the projects in Browse projects because of the Current Assignee Rule.
Is this logically right? The user hasn't any role in the project, but he can see it in Browse projects.
> Reporter (show only projects with create permission) doesn't work with Current Assignee
I'm afraid I don't understand what you mean. Those are two separate options for the rule "does this person have this permission". They don't have anything to do with each other, apart from being on the same list of options when you say "grant permission X to <option>". They don't work together, they're simply options on a list.
Skipping over that though, you then say "he is not related to the project, but can see it in browse projects"
That is absolutely correct for the "reporter" permission. The reasoning is simple - if the user can CREATE issues in the project, then they need to be able to see the project. Not all the issues in it - they won't see any other issues, only the ones they create, but they need to be able to see the project to use it.
It doesn't matter about the user's roles, groups or anything else. You're granting them the right to see issues in a project via the reporter permission, so they can see the project.
If there is only Current Assignee for Browse Projects, then why the user can see the projects which he is not related to?
Don't take in account (show only projects with create permission). I was compelled to try this rule.
I can't create a task for a non-related to the project user.
So why does the Current Assignee Rule give him a possibility to see ALL the projects?
You are missing the point.
Again. It does not matter if the user is named in the projects. The combination of rights does not matter.
You have granted them the right to create issues and/or the right to be assigned issues by one route or another. Therefore they can see the project bercause they need the access in order to use those rights.
Yes, it does.
Unless someone has made significant modifications to the core of your Jira, the combination of rights is not having any effect.
Try testing them completely separately. You'll find the behaviour is coming entirely from one of them.
Good morning Members, Not sure if you are aware. Please read the following: https://www.icloud.com/keynote/0RyJ4VEdNUpjDpGfMhfZx9fEg#Confluence_Security_Advisor More details: https://co...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs