Limit the list of projects when creating an issue

Hi @Luke Brothers Do you mean you give access to "any logged-in" user? could you please further explain on the above how you did the trick to restrict user to create issues within one project (that he /she was not given access to), so that the user would not be able to create issues in the projects that they are not granted permission to. (though they are still able to see the list of projects in the project field). Thank you so much in advance. 

Hi @Yi Voon Phan I don't believe I have users who can view other projects but only create issues in some specific projects. I needed to limit the projects users could see when creating issues. I accomplished this by opening all permission schemes and ensuring the "create issues" permission was accurate. I found that some permission schemes uses by other projects were giving all users permissions. So...even though these other permission schemes weren't used by my particular project they still allowed users access to other projects. 

I don't understand. 

All my other projects have another security sheme in which is defined that only another usergroup may browse.

For example : 

given : 

• usergroups : A and X
• projects A1, A2, B, C, D

• usergroup A may only have access to projects A1 and A2
• usergroup X can have access to all projects

I've configured :

• security schema "for usersgroup A"  with browse-permission set to "usergroup A". I've associated this schema to projects A1 and A2
• security schema "for all other users" with browse-permission set to "usergroup X". I've associated this schema to projects B, C and D.

When a user from group "usersgroup A" creates an issue, he still can see project B in the listbox of available projects.

I hope this helps to understand my problem.

Ok thank you for the details!

Issue Security applies to issues not to projects. Users can still see the projects on the list but shouldn't be able to browse issues inside the project.

So could you please provide a step by step instruction on how to accomplish my needs?

Sorry the link I provided is for JIRA server not Cloud

The Browse Permission is the only one that removes the projects from the list. Since you have Issue Security added to the project it is taking over.

let me ask other champions.

There's a quirk here that I think we're missing.

This is going to sound very odd, but it comes out of two things - the code is easier, and it gives you a flexibility that some (rare) cases need.

I think you've got the security and visibility of existing issues right, and I think you understand it in full.

The confounding problem is that "create" is not the same as "browse".  Us humans would instinctively think "if I can't see a project, then I can't do anything with it, so it should be invisible".  But, hard Vulcan logic does not do that unless you explicitly state it, and Jira does not state it.

So, if you grant someone the right to, let's say, edit issues in a project, then they can technically edit the issues, even though they can't see them.  Jira blocks that accidentally though, because in order to ask you what you want to change, it needs to tell you what is there, so as you can't see it, you can't do it.  Most actions on issues fall into this category.  Even though you might have permission to edit/delete/log-work/schedule issues, it gets blocked because you can't see it.

But, with "create issue", that does not happen.  There's nothing to see, so Jira does not accidentally block it.  It goes "yep, you can create this".  And then tells you that you can't see what you just created.  And, if you can create an issue in a project, then that project is offered to you on the project selection on the create menu and screens, because you can create!

So, what you want to do is modify the project permissions so the users without "Browse" don't have "Create" either.

(Before you ask for an example of where it useful - HR complaints against other individuals, compliance reporting and whistleblowing - you sometimes want to report something once and hide it from everyone, including the creator)

Hi Nic

Thanks for the feedback. So do I understand correctly that this is expected bevhaviour, and no solution/workaround is available ?

Please keep in mind that we are using Jira Cloud. 

It is expected behaviour, there is no "work around" because there is nothing wrong.

You just need to alter the permission schemes to limit the projects in which your users have "create", similar to what you did for their browse permissions.

That's just the problem ... In my permission-scheme I already configured that the "create issues" permission is limited to the specific user-group. I also tried to configure with a specific project-role. But nothing seems to limit the available projects in the listbox when creating a new issue.