Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-32695

RBAC for granular control of administration section

    XMLWordPrintable

Details

    • Suggestion
    • Status: Closed (View Workflow)
    • Resolution: Duplicate
    • None
    • None
    • None
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      As companies grow in both projects and people administration teams must grow to service business needs, however giving full administration access can lead to configuration accidents or general loss of control for they system.

      Many complex web applications have the ability of creating roles in order to assign different sets of permissions.

      For example, just because I want someone to be able to create new projects it doesn't mean I want him to be able to change the user directory configuration or be able to install plugins.

      An easy (and good enough) implementation would be to just hide administration sections per role created.

      Having the ability to define roles would allow me to say, for example:

      • System administrator: Full access
      • Administrator: Access to workflows, permisions & issue level security, custom fields, screens, projects, etc. This role wont have access to System or Plugins settings, but will have access to Projects, Users and and Issues. However, no access to User Directories
      • Project administrator: Access to Users (but not User Directories) and Projects

      Having the option to only give full access or none affects our decision as a company whether to or not to fully move to Jira: we already have it in our organization but it is only being used in some geographical locations.

      Some teams currently use Assembla or other tools just because they cannot get the access they need from the Jira administrators. Much of this has to do with the inability to create workflows and custom fields. IT doesn't want to give access to everybody for obvious security reasons and that our Jira instance is a big production system, and any disruption of service that may be cause due to a misconfiguration can lead to business disruption or even downtime.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              1ae864c8726d David Vega
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: