We use the jira-developers group in order to make internal comments. These comments contain sensitive information that should under no circumstances be viewable to the clients who use the jira-users group.

When you delete a comment that is visible to jira-developers, it becomes visible to the customer! They need to click on "Change History" or "All" to view the deleted comment.

Unfortunately, we had a situation the other day because a client saw a comment that was not meant for the client to see which has left us in a sticky situation.

As far as we are concerned, the "All" and "Change History" buttons should only show events that were carried out by users in your group. That is, jira-developers should see all the changes in the change history and jira-users should only see events caused by other jira-users. jira-users should also be able to see when a jira-developer has assigned an issue to a jira-user as that involves the jira-user group.

Please let us know when this will be resolved as we cannot have this situation continue as it is.

Thanks!