Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-14424

Separate permissions for issue filtering and project display

XMLWordPrintable

    • 0
    • 7
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      The "Browse projects" permission mixes up two different things: (1) permission to see a project at all, (2) permission to see project issues. These two capabilities should have distinct permissions. The current mixup drastically reduces the usefulness of granting permissions to "Reporter" and "Current assignee". A distinct "View project" permission should be required before any other permission is considered. The current "Browse projects" permission could be renamed to "Browse issues".

      Currently if you grant "Browse project" to "Reporter", ALL users can see ALL projects, even those where they have no role. Of course you can create a permission scheme per project, but that nullifies the whole point of having permission schemes.

      This subject has been extensively discussed previously (JRA-4093, JRA-4935, JRA-8950, JRA-11881, JRA-14307). A fix is identified in JRA-14307. It's great to have a patch, but much better to solve the underlying problem.

      Workaround
      This might help in some cases : https://confluence.atlassian.com/display/JIRA/Current+Reporter+Browse+Project+Permission.

              Unassigned Unassigned
              e38f85614ab3 Hakan Soderstrom
              Votes:
              21 Vote for this issue
              Watchers:
              22 Start watching this issue

                Created:
                Updated: