[JIRAALIGN-6360] Provide more granular permissions for Custom Rooms

Type: Suggestion
Resolution: Unresolved
Component/s: Strategy - Custom Hierarchy
Labels:
None

Support reference count:
2
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Roles causes a lot of challenges in order to allow only a select set of individuals to be able to update things like Status, Health, Title, Description (and the ability to delete).

The preference would be to allow a select set of individuals the ability to make these types of updates.

Perhaps the usage of the “Owner” of the Room and designate Co-Owners who would then be able to do things like update (Status, Health, Title, Description) but restrict the Delete and ability to change the Owner to just the Owner (and obviously the SA Role).

is related to

JIRAALIGN-5918 Custom Room: Add granular membership permissions so that users can only see custom rooms they are a member of

Gathering Interest

PS-159074 You do not have permission to view this issue

resolves: PS-175604 You do not have permission to view this issue

Joseph Mao added a comment - 11/Dec/2024 11:13 PM

Giving an example:

Today the custom rooms ties both create and edit of a custom room to a single permission. this is bad since this allows any user who has ability to edit to also create and delete.

If you have a program or product or whatever you are using for custom rooms for and someone needs to be able to update the health of that program or product or ... – they have full capability to do damage by creation of duplicate custom rooms or not be able to edit the status.

In short- – you are giving users admin access when they should just have edit access to update the health field

Joseph Mao added a comment - 11/Dec/2024 11:13 PM Giving an example: Today the custom rooms ties both create and edit of a custom room to a single permission. this is bad since this allows any user who has ability to edit to also create and delete. If you have a program or product or whatever you are using for custom rooms for and someone needs to be able to update the health of that program or product or ... – they have full capability to do damage by creation of duplicate custom rooms or not be able to edit the status. In short- – you are giving users admin access when they should just have edit access to update the health field

Assignee:: Karen Bradshaw (Inactive)

Reporter:: Kirill Duplyakin

Votes:: 7 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 02/Jan/2024 12:46 AM

Updated:: 22/Apr/2025 4:18 AM

Jira Align

Details

Description

Attachments

Issue Links

Forms

Activity

Collapse comment: Joseph Mao added a comment - 11/Dec/2024 11:13 PM

Expand comment: Joseph Mao added a comment - 11/Dec/2024 11:13 PM

People

Dates

Backbone Issue Sync