we just start to delegate to user administration to project leaders: so far we used groups for the user management so only jira-admins could grant access rights in our Jira.
The problem is that the project leads can cause security risks: they are able to access rights even to the 'jira-users' group.
Is there any feature (plugin, script, etc.) we can restrict the users/groups for the project leads with? So they could browse role permission only for a particular users or groups. Or the same would be if it could be banned to grant groups to roles only users.
You know: if they grant role permission to a failed user it's not a big problem like granting access to all the users ('Jira-users').
If I understand your problem correctly...
...then I think you experiencing something that I have previously come across. A design oversight that I would call a bug. I do not think that there is currently a way around this - but would love to be proved wrong.
The reason why I am submitting this as an Answer rather than as a Comment is that there is an open issue that should be relevant:
Atlassian are not planning to address the issue in the next 12 months but they are inviting feedback.
So this is your chance to have your say...
Atlassian Summit is an excellent opportunity for in-person support, training, and networking.Learn more
Hey everyone! My name is Natalie and I'm an editor of the Atlassian Blog and I've got a question for you: What's your favorite quote about teamwork? We've compiled a list here, along with...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs