Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-11130

Feature to restrict Insight users to only be able to view certain object types (or only objects assigned to them) in an object schema

XMLWordPrintable

    • 18
    • We collect Jira Service Desk feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem Definition

      At the moment, it's not possible to restrict users to only being able to view certain object types (or only assigned objects) in an Insight object schema. Granting the user a 'user' role in a object-schema role will open up the entire schema, and there is no option on the object type level to restrict the visibility of the object type to just a limited number of users.

      Suggested Solution

      It would be nice to have the option to allow setting 'view' permissions on the object type level in an object schema.

      Workaround

      No workaround available.

            [JSDSERVER-11130] Feature to restrict Insight users to only be able to view certain object types (or only objects assigned to them) in an object schema

            Yinon Negev added a comment - - edited

            db0d4e30f4d6 :

            JSDSERVER-7655 - Permission at Object Level ...

            Yinon Negev added a comment - - edited db0d4e30f4d6 : JSDSERVER-7655 - Permission at Object Level ...

            Leonel Goitia added a comment -

            Any updates here?

             

            Leonel Goitia added a comment - Any updates here?  

            Don Ramsey added a comment -

            Yinon Negev... we need object instance security not just security for an object type

            Don Ramsey added a comment - Yinon Negev... we need object instance security not just security for an object type

            jfigueiredo added a comment -

            This would be a helpful feature

            jfigueiredo added a comment - This would be a helpful feature

            Liliia Bobrysheva added a comment -

            Would be glad to see this feature available in Jira

            Liliia Bobrysheva added a comment - Would be glad to see this feature available in Jira

            Mariana Baroni added a comment -

            Essential for us!

            Mariana Baroni added a comment - Essential for us!

            Yinon Negev added a comment -

            The linked suggestion is for Object Level Permission - while the current one states "restrict Object Types" (and object level permission is in parenthesis).

            Yinon Negev added a comment - The linked suggestion is for Object Level Permission - while the current one states "restrict Object Types" (and object level permission is in parenthesis).

            Dang Phu Pham added a comment -

            Hi, just showing my interest. I can't wait to see this feature available.

            Dang Phu Pham added a comment - Hi, just showing my interest. I can't wait to see this feature available.

            andydesjardins added a comment -

            I was looking for that. I'm disappointed it's not available yet.

            andydesjardins added a comment - I was looking for that. I'm disappointed it's not available yet.

            Don Ramsey added a comment - - edited

            You can already restrict particular Insight/Assets object types\classes to particular users. Great!

            But you cannot restrict particular Insight/Assets object instances to particular users. Uh oh!

            This is a blocker to get SOC2 certification since it is obviously not good to be unable to wall off different client data from different users. Walling off whole types of objects to some people is JUST.NOT.GOOD.ENOUGH. Different people with the same types of roles often cannot be allowed to see all objects of the same type under various security scenarios required by SOC2 and ISO 27001. Without this, Insight/Assets cannot be used in a serious enterprise.

            I can suggest making some objects visible to some people based on a particular IQL query, or have a security attribute in each object or whatever you can think of... but you are going to lose customers if you do not make Insight/Assets more flexibly secure to match the issue and project level security already possible in JIRA. I loooove Insight and it has become the backbone of my department, please help me to be allowed to keep using it.

            Don Ramsey added a comment - - edited You can already restrict particular Insight/Assets object types\classes to particular users. Great! But you cannot restrict particular Insight/Assets object instances to particular users. Uh oh! This is a blocker to get SOC2 certification since it is obviously not good to be unable to wall off different client data from different users. Walling off whole types of objects to some people is JUST.NOT.GOOD.ENOUGH. Different people with the same types of roles often cannot be allowed to see all objects of the same type under various security scenarios required by SOC2 and ISO 27001. Without this, Insight/Assets cannot be used in a serious enterprise. I can suggest making some objects visible to some people based on a particular IQL query, or have a security attribute in each object or whatever you can think of... but you are going to lose customers if you do not make Insight/Assets more flexibly secure to match the issue and project level security already possible in JIRA. I loooove Insight and it has become the backbone of my department, please help me to be allowed to keep using it.

              Unassigned Unassigned
              vyadavayyanamath@atlassian.com Vivek Yadavayyanamath
              Votes:
              44 Vote for this issue
              Watchers:
              30 Start watching this issue

                Created:
                Updated: