History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES       PLANNING BOARD       TASK BOARD   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: JRA-14857
Type: Improvement Improvement
Status: Open Open
Priority: Major Major
Assignee: Unassigned
Reporter: Dan Kennedy
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
JIRA

Allow multiple Issue Security levels to be selected

Created: 22/Apr/08 01:15 PM   Updated: 28/Apr/08 02:14 AM
Component/s: Permissions Security
Affects Version/s: None
Fix Version/s: None

Time Tracking:
Not Specified

Participants: Anton Mazkovoi [Atlassian] and Dan Kennedy
Since last comment: 11 weeks, 6 days ago
Labels:


 Description  « Hide
It would be valuable to allow more than one Issue Security Level. This would reduce the need for multiple levels to match the different combinations of Roles.

For example, my company would like to create a Infrastructure Upgrades project. This project will involve many outside consultants and internal staff. I can use roles for permissions, and I can create the following issue security levels based on the roles we have - a sampling could be
Omniware Internal
Sales
Network Admin
External Gui
External Web Services
External Developers

This allows me to create issues for Sales people only that NetworkAdmins can not view.

If I want to assign an issue that both the Sales and Network Admin roles can see (e.g. a task relating to a product install at a client site), I would then need to create another security level for Sales_and_Network.

So, if I have 5 levels representing 5 types of 'employees/security levels', I need to create 5 factorial (120!) levels to allow for all the different combinations.

Instead, I would prefer to simply select multiple security levels for an issue, i.e. "Allow the Sales and Network Admin levels to view this issue"

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Anton Mazkovoi [Atlassian] - 22/Apr/08 10:15 PM
Hi Dan,

So, if I have 5 levels representing 5 types of 'employees/security levels', I need to create 5 factorial (120!) levels to allow for all the different combinations.

I see what you mean. May I ask how often you need an issue to be protected by a security level and needs to be shared between all these groups? Do you need to cover all 120 combinations, or is it possible to work out a subset that you need most often and create the appropriate security levels for this subset?

Another way to approach this would be to create a Multi-Group custom field and then change the Permission Scheme to be based on the custom field. This way issues can start off as being protected, but you can then add extra groups to the custom field, and allow the members of these groups to see the issues.

The reason I ask, is that we find that in most situations a single value security level covers most of our customers' needs. Allowing to select multiple values also makes JIRA slightly more complicated. JIRA is quite flexible already, and we need to be carefully watch out for anything that makes JIRA more difficult to learn.

Would the above suggestions help?

Cheers,
Anton


[ Permlink | « Hide ]
Dan Kennedy - 24/Apr/08 03:52 PM
If I created a small subset of people that might be looking at issues together, it might satisfy the short term, but it complicates the process going forward (try to create a ticket, then realize that you can not select all the people you need, contact admin, get them to create a group, then create the issue - not a model of efficiency.

The custom field idea is worth looking into.

The fact that there is only one security level allow makes me think that I am not using the security level in a way that JIRA designed it to be used, but it does seem natural to allow selecting more than one level.


[ Permlink | « Hide ]
Anton Mazkovoi [Atlassian] - 27/Apr/08 09:10 PM
Hi Dan,

I will leave this issue open to track interest.

The fact that there is only one security level allow makes me think that I am not using the security level in a way that JIRA designed it to be used, but it does seem natural to allow selecting more than one level.

I think the major difference is the requirements. In a lot of cases we find that the current, more simple solution, seems to meet the needs.

For more information on the way new feature and improvement requests are scheduled, please see:
http://confluence.atlassian.com/display/DEV/Implementation+of+New+Features+and+Improvements

Cheers,
Anton
Powered by Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12.3-#302) - Bug/feature request - Atlassian news - Contact Administrators