Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I give permission to a user on "Create attachements" but without "Browse project" permission?

John Diaz
John Diaz April 23, 2013

How can I give permission to a user on "Create attachements" but without "Browse project" permission?

Answer
Watch
Like Be the first to like this
1463 views

3 answers

1 vote
Ramiro Pointis
Ramiro Pointis
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2013

Hi John, you can configure this in the Permission Scheme. But I don't get this since you need the user to be able to see the issue so he can add attachments to it.

View More Comments
John Diaz
John Diaz April 23, 2013

I can give permission to create without to browse project permission and that work, but if I give "Create attachment" permission without "Browse project" permission, the first one doesnt work. I can not give "Browse project" permission to my clients, because we have a lot of internal information and We are not interesting about they can take it.

Like
Ramiro Pointis
Ramiro Pointis
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2013

Exactly, because if they have create attachments permissions won't mean anything if they can't see the issue... If you want to give them the browse project permissions but you don't want them to see the issue you could use the issue security scheme, or create a project for those users.

Like
John Diaz
John Diaz April 23, 2013

Thks Ramiro. I gonna try with the issue security scheme, because I need the client only can create Bug issues (Bug, cause is for acceptance testing, and they only create issues of type Bug) and that when he is creating he can attach files.

The client doesnt need to browse the project or view the created issues, neither anything else.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2013

You have to be able to see something before you can do anything with it. If you allow "attach" without "browse", then it's a bit like asking someone to play snooker, blindfolded (And not telling them where the table is).

You *must* grant browse to issues before the users can attach things or do anything else with it.

There is one exception - if you grant create (without browse), then a user can create an issue, and attach files, but once they've created it, they'll get a permissions error and not be able to get back to the issue ever again.

As Ramiro says, it would be well worth considering your security. One good model is what Atlassian do with their support issues - they have one big project for all the customers, but it's locked. If I raise issues there, you can't see them, and I can't see yours. Would that work for you? Customers raising issues that only that customer (and yourself) can see?

Like
Reply
0 votes
John Diaz
John Diaz May 13, 2013

Hello.

Ramiro and Nic, Thks for helping.

I applied the Issue Scheme and works perfect to me.

Bye.

Reply
0 votes
John Diaz
John Diaz April 23, 2013

My problem is that when an user who can create issues, but can not browse the project, just in the moment he is creating an issue, he can not attach any file, and the application shows this message:

"Cannot attach file xxxxx.xx: Unknown server error (404)."

I need he can attach the file when he is creating issues, just then. He doesnt browse or review any issues.

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2013

Hmm. That's odd, it's not what I got last time I looked - I had a "permission denied after create" incident before Christmas, and there were attachments there (the reason it was a problem was that the user lost the attachments and wanted a copy from Jira, where we realised his profile was wrong).

Can you read the log file? Are there errors in there at the time of the 404?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.