Details

    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see An updated workflow for server feature suggestions.

      Description

      Status

      To all JIRA users who have been watching this issue:
      We have looked at this issue from every possible angle, banging our heads together, internally feuding and exploring various resourcing options.
      We have discussed it with customers at user conferences, in email, and during meetings at their offices.

      Ultimately, however, we have decided that we will not be implementing Field Level Security in JIRA.

      We have not made this call lightly, in fact, far from it. We have always maintained an earnest desire to deliver the goods and fix the problem properly. At the same time, if we had completed the request, we saw inherent issues would arise that would burden our developers, our customers, and the product.

      The main reasons are as follows:

      • JRA-1330 requires a significant rewrite of most major components and is akin to rebuilding JIRA from scratch.
      • The development time and effort required to achieve it would be massive (12/18 months +)
      • It would totally monopolise the engineering team and NO other features or reworks would be delivered during that period
      • The implementation would add considerable "bloat" to JIRA
      • JIRA admin would become far more complex
      • It may well add major performance overhead to the product

      We've also made a number of attempts to break the feature into smaller useful chunks but these always seem extremely complex for little or no real value delivered. Whichever way we look at it we can't justify bringing all other development on JIRA to a halt for so long to provide this one feature.

      In retrospect, we missed the opportunity to address this request and your comments properly earlier, and this response comes later than it should. For that, we sincerely apologise. We remain committed to being an open company, whether it's with regards to feature requests, pricing, or bugs in our software. We will strive to answer product management questions and feature requests sooner, frequently, publicly, and more decisively.

      Workarounds
      Higher in the thread Erik S makes a comment about a workaround that may be useful for some users:
      http://jira.atlassian.com/browse/JRA-1330?focusedCommentId=55032#action_55032
      it is documented further here:
      http://confluence.atlassian.com/pages/viewpage.action?pageId=149834
      Third party commercial plugin:
      https://plugins.atlassian.com/plugin/details/23216

      We are going to close this issue, mark it as "Won't Fix". Any further options that we uncover will be noted on this issue.

      Regards
      Brett Jackson
      Atlassian Product Management

       

      UPDATE: We have reviewed this request again within the team and have had long conversations with our JIRA architect. This has lead to the conclusion that the original reasons for not implementing this feature still apply. We understand that this will disappoint a lot of users watching this JIRA issue, but as we are an open company we would rather be honest with you guys and let you all know now that we will not be implementing field level security. I understand many customers will want to discuss this further and they can do so by emailing me directly.

      Cheers,
      Roy Krishna
      JIRA Product Management
      roy at atlassian dot com

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                mm_aa Mike Aizatsky
              • Votes:
                440 Vote for this issue
                Watchers:
                553 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: