Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Restrict ticket access at user level

Mo Omar
Mo Omar January 9, 2023

Hi all, and Happy New Year.

Hoping someone can help with the following query. Essentially my aim is to create security-level access that only allows access to a ticket if the user is a participant in that ticket. Below I've gone into a bit more detail about the scenario types. 

 

Overall Scenario: 

 

Users can ONLY access tickets where they are a participant.

Background: The user has access to the project

  • Project > People

  • Project > Permissions

Scenario: I can access the ticket

  • Given I am the Reporter, Assignee or Watcher of a ticket

  • OR I belong to the it-dev group project role?

  • Then I am a participant in that ticket

  • And I can access that ticket
    (Project roles and permissions determine what user can do in that ticket)

Scenario: I can NOT access the ticket

  • Given I am NOT a participant in that ticket

  • Then I can NOT access that ticket

:question_mark:What if a non-participant is tagged in a comment?

Scenario: I can be tagged in comments

  • Given I am a participant in that ticket

  • Then I can be tagged in the comments

Scenario: I can NOT be tagged in comments

  • Given I am NOT a participant in that ticket

  • Then I can NOT be tagged in comments add as watcher first.

Answer
Watch
Like Be the first to like this
636 views

1 answer

1 accepted

0 votes
Answer accepted
Ste Wright
Ste Wright
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 12, 2023

Hi @Mo Omar 

The first part - restricting access based on various user components - is possible.

You can set the visibility of Issues at an Issue level using Issue Security Schemes 

Note: You can't use "Watchers" in an Issue Security Scheme - but you could use a custom User Picker (multiple users) field instead.

---

The latter part, I'm not sure if restricting mentions in this manner is possible natively.

There is a feature request related to this though, that you can vote for/watch - see: JRACLOUD-37386 

---

Note: Issue Security Schemes are only available in Company-managed Projects - if you have a Team-managed Project, these schemes are currently unavailable. There's also a feature request for this - see: JSDCLOUD-8749 

Ste

View More Comments
Mo Omar
Mo Omar January 30, 2023

Thanks for that reply @Ste Wright , So annoying that @ mentions cant be configured if multiple teams are working on a project. Many thanks for your guidance either way. 

Like Ste Wright likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
atlassian, atlassian government cloud, fedramp, webinar, register for webinar, atlassian cloud webinar, fedramp moderate offering, work faster with cloud

Unlocking the future with Atlassian Government Cloud ☁️

Atlassian Government Cloud has achieved FedRAMP Authorization at the Moderate level! Join our webinar to learn how you can accelerate mission success and move work forward faster in cloud, all while ensuring your critical data is secure.

Register Now
AUG Leaders

Upcoming Jira Events