-
Suggestion
-
Resolution: Unresolved
-
0
-
10
-
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.
The "Browse projects" permission mixes up two different things: (1) permission to see a project at all, (2) permission to see project issues. These two capabilities should have distinct permissions. The current mixup drastically reduces the usefulness of granting permissions to "Reporter" and "Current assignee". A distinct "View project" permission should be required before any other permission is considered. The current "Browse projects" permission could be renamed to "Browse issues".
Currently if you grant "Browse project" to "Reporter", ALL users can see ALL projects, even those where they have no role. Of course you can create a permission scheme per project, but that nullifies the whole point of having permission schemes.
This subject has been extensively discussed previously (JRA-4093, JRA-4935, JRA-8950, JRA-11881, JRA-14307). A fix is identified in JRA-14307. It's great to have a patch, but much better to solve the underlying problem.
Workaround
This might help in some cases : https://confluence.atlassian.com/display/JIRA/Current+Reporter+Browse+Project+Permission.
- is related to
-
JRASERVER-14424 Separate permissions for issue filtering and project display
- Gathering Interest