Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I restrict the Activity Stream on the System Dashboard?

Ken Hymes
Ken Hymes
Contributor
June 23, 2013

We're trying to configure customer access to JIRA, and don't want to display any internal project data. We've got all internal projects secured with a specific internal Permissions Scheme. After setting up the customer accounts, I logged in with one to see what they see. All projects are secured properly; however, I can search for and display the System Dashboard. That wouldn't be so bad, but on the system dashboard is the Activity Stream, showing issues from all projects. Is there a way to restrict the view of the Activity Stream, say, by jira group? Or is there another slick way that I can restict the view our external customers have of the activity stream?

Answer
Watch
Like Ben Taber likes this
7695 views

6 answers

1 vote
David at David Simpson Apps
David at David Simpson Apps
Atlassian Partner
June 29, 2013

Perhaps you could restrict the Activity Stream gadget to just logged in users. Adding the paratmeter roles-required=use to the end of the activity streams gadget URL should prevent usrs who are not logged in from seeing the gadget.

For other configurations, check out this JIRA: https://jira.atlassian.com/browse/JRA-21505

Reply
1 vote
Patrick Li
Patrick Li
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 23, 2013

Activity stream should only display issues updates for the issues the logged in user can see. What happens if you click on any of the issues in the activity stream? Do you get a permission error?

View More Comments
Ken Hymes
Ken Hymes
Contributor
June 23, 2013

Yes, I do see items (not issues) from 'secured' projects in the Stream and when I click on them I don't get any type of permission error -- for example, a code snippet that was submitted. Yes, I thought I had closed that loop with my Issue Security Scheme, but it doesn't appear to be working. :-(

Like
Patrick Li
Patrick Li
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 24, 2013

So it looks like a mis-configuration with your permission scheme and/or issue security scheme (maybe your issues do not have a security level selected).

Like
Ken Hymes
Ken Hymes
Contributor
June 25, 2013

I don't think so, Patrick, The Permissions and Issue Security seem to only apply to ISSUES, yes? Doesn't seem to account for items related to Bamboo, Crucible, FishEye, Subversion, and Confluence. These are the items I ended up turning 'off' on the Activity Stream so they now don't show up. Do you have a better way to filter those items by a security group?


Like
Reply
0 votes
Diego Salas
Diego Salas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 13, 2017

What worked for me is restricting the permission for Developer Tools in the Permission Scheme assigned to the project. By default is assigned to all JIRA users. Changed to Project roles.

 

View More Comments
Szczepan Wilkiewicz
Szczepan Wilkiewicz
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 10, 2017

Thank you very much. That's what i was looking for. Hide all activity not related to user project.

Like
Diego Salas
Diego Salas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 10, 2017

You are welcome. Glad to help

Like
O M
O M
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 23, 2017

Did not work for me. Removed all permissions from View Development Tools, but any logged user still can see any activity for all projects in Activity Stream.

Like Tomaž Tinta likes this
Tomaž Tinta
Tomaž Tinta February 20, 2020

is the same for me...not working...how can I resolve this issue?

Like Claire Richardson likes this
Claire Richardson
Claire Richardson
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 2, 2020

im having the same issue

Like
M Vijay Kumar
M Vijay Kumar
Contributor
December 15, 2020

Any update on the above ? I am still facing the same issue.

Like
Reply
0 votes
Ashfaque Siddiq
Ashfaque Siddiqui
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 1, 2016

Is there any update to this? How do you actually apply roles-required=use to a gadget? @David Simpson I know this is a really old issue, but having the exact same problem.

Essentially, our internet hosted JIRA application shows the Activity Stream as it is part of the System Dashboard when a user is logging in. So the before username / password has been entered the Activity Stream shows users updates on Issues and the regular activities as expected. This is fine to show after the user logs in but not before any login info is provided. How do I restrict / stop this?

Reply
0 votes
Ken Hymes
Ken Hymes
Contributor
June 23, 2013

Here's an example of what I can see as an external customer in the Activity Stream:

"Ken Hymes committed changeset 3982 to the DELIRIOUS project"

There are active links to the "3892" code snippet and to the project DELIRIOUS that I can access and view.

These are links/references to our Subversion code repository, which is also linked to issues in JIRA...

View More Comments
M Vijay Kumar
M Vijay Kumar
Contributor
December 15, 2020

Hi Hymes,

Did you fix this issue. I am still facing the issue. Users who don't have access to other projects still see the issues commented etc.,

 

thanks,

vijay

Like
Reply
0 votes
Timothy
Timothy
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 23, 2013

Well, I believe that the Activity Stream gadget complies to the JIRA permissions so you should be fine. Do they see issues that they are not supposed to see on the gadget?

View More Comments
Ken Hymes
Ken Hymes
Contributor
June 23, 2013

Yes, Tim, they do see items from projects they shouldn't see...not issues, but code changes, comments, etc. Any way to use Security to rope these off as well?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.