Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Implementing Issue Security without bulk updating

Alexander Allen
Alexander Allen October 30, 2018

I would like to implement Issue Security across a number of projects to allow an external partner to view issues that are relevant to them. Since the vast majority of tickets in each project do not apply to them and I would like to keep them private, I want to update only the few tickets that I intend to expose.

But from what I can tell, it is not possible to set a default value for the Security Level field that will apply to historical issues (Although, any newly created issue can be configured to have a default value for that field). When I apply an Issue Security scheme all historical issues in the project simply have the value for Security Level left blank and is therefore viewable by anyone with Browse Project permissions (which is required to view anything in a project at all).

This creates a problem because implementing Issue Security would then require me to bulk update the Security Level field in thousands of old issues and across a number of projects to keep those historical issuse concealed. Doing so would damage any reporting or dashboards that pull based on the "last updated" value of a ticket.

Is there anyway to apply Issue Level Security that silently updates issues in a project with a default Security Level value without recording an issue update?

Answer
Watch
Like Jordyn K_ Lee likes this
1153 views

3 answers

1 accepted

3 votes
Answer accepted
Ignacio Pulgar
Ignacio Pulgar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 30, 2018

There's an easy way to get exactly what you need:

  1. Add all External Partner users to a group, ie named: external.
  2. Ensure External Partners do not belong to any other groups or project roles that might grant them with any permissions in tge project.
  3. Create a group picker custom field, ie named: Invited Group(s).
  4. Add Invited Groups field to the screens where you would like it to be available.
  5. Add Invited Group(s) field to the Browse Projects permission in the permission scheme. (Group custom field value)
  6. [Bulk] edit the issues you would like to share with your External Partners by setting the 'external' group as the value of Invited Groups field.

After completing those steps, you'll be able to grant access to the issues you want without having to update the old ones.

Please, note that, on granting Browse Projects permission to the group value of a custom field, the *project name* of a so configured project would be listed to all users in your Jira instance. This does *not* grant access to any issues in the project, so it's completely safe to set the project that way.

View More Comments
Matthias Gaiser _K15t_
Matthias Gaiser _K15t_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 31, 2018

Nice way, @Ignacio Pulgar!

Like
Ignacio Pulgar
Ignacio Pulgar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 31, 2018

Thanks, Matt!

Like
Ignacio Pulgar
Ignacio Pulgar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 31, 2018

Oh, and of course you may add the Invited Group(s) field to any other desired permissions in a similar way.

Like
Reply
0 votes
Andrei Bacanu
Andrei Bacanu
Contributor
September 22, 2021

This is gold, to be honest :)

Thanks Ignacio!

View More Comments
Ignacio Pulgar
Ignacio Pulgar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 30, 2021

You are welcome! 😃

Like
Reply
0 votes
Matthias Gaiser _K15t_
Matthias Gaiser _K15t_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 30, 2018

Hi @Alexander Allen,

I agree that updating issues via the UI would result in also updating the "last updated" field and would therefore break your reporting based on that field.

The one solution I could think of is modifying the data directly in the database, but if I look at the tags you provided, you're on Jira Cloud, correct?

An alternative approach to this problem would be synchronizing the issues you like to share to one (or multiple) separate project(s). You could then simply grant your external partner access to that project and don't worry about setting the issue security levels. If you're interested in that path, check out the issue sync solutions in the marketplace.

I'm part of the team behind Backbone Issue Sync. If you have any questions, please ask them either here or via support@k15t.com.

Cheers,
Matthias.

View More Comments
Andrei Bacanu
Andrei Bacanu
Contributor
September 22, 2021

-

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events