To all JIRA users who have been watching this issue:
We have looked at this issue from every possible angle, banging our heads together, internally feuding and exploring various resourcing options.
We have discussed it with customers at user conferences, in email, and during meetings at their offices.
Ultimately, however, we have decided that we will not be implementing Field Level Security in JIRA.
We have not made this call lightly, in fact, far from it. We have always maintained an earnest desire to deliver the goods and fix the problem properly. At the same time, if we had completed the request, we saw inherent issues would arise that would burden our developers, our customers, and the product.
The main reasons are as follows:
requires a significant rewrite of most major components and is akin to rebuilding JIRA from scratch. JRA-1330
- The development time and effort required to achieve it would be massive (12/18 months +)
- It would totally monopolise the engineering team and NO other features or reworks would be delivered during that period
- The implementation would add considerable "bloat" to JIRA
- JIRA admin would become far more complex
- It may well add major performance overhead to the product
We've also made a number of attempts to break the feature into smaller useful chunks but these always seem extremely complex for little or no real value delivered. Whichever way we look at it we can't justify bringing all other development on JIRA to a halt for so long to provide this one feature.
In retrospect, we missed the opportunity to address this request and your comments properly earlier, and this response comes later than it should. For that, we sincerely apologise. We remain committed to being an open company, whether it's with regards to feature requests, pricing, or bugs in our software. We will strive to answer product management questions and feature requests sooner, frequently, publicly, and more decisively.
Higher in the thread Erik S makes a comment about a workaround that may be useful for some users:
it is documented further here:
Third party commercial plugin:
We are going to close this issue, mark it as "Won't Fix". Any further options that we uncover will be noted on this issue.
Atlassian Product Management
UPDATE: We have reviewed this request again within the team and have had long conversations with our JIRA architect. This has lead to the conclusion that the original reasons for not implementing this feature still apply. We understand that this will disappoint a lot of users watching this JIRA issue, but as we are an open company we would rather be honest with you guys and let you all know now that we will not be implementing field level security. I understand many customers will want to discuss this further and they can do so by emailing me directly.
JIRA Product Management
roy at atlassian dot com