We are often asked the following:
How do we configure the system so that a user/user group can only register/see issues on one specific project?
In order to configure the above please follow the below instructions and tweak as necessary for your organization:
- Create a new Permission Scheme (Administration -> Schemes -> Permission Scheme) for Project External say External_Permission_Scheme
- Create a new user group say Group_External (Administration -> Users & Groups -> Group Browser)
- Add the External Users to that group
- Associate External_Permission_Scheme to Project External (Administration -> Projects -> Project -> select Project External)
When users are created they are automatically a member of the jira-user group in order to allow them to login. The thing to note here is that the Default Permission Scheme grants users within the jira-user group certain permissions so those projects using the Default Permission Scheme will essentially give those users access to it.
To get around this either:
- Remove your external users from the jira-user group and give Group_External the ability to login by granting them the global JIRA Users permission (Administration -> Global Settings -> Global Permissions)
- Edit any Permission Schemes that grant the jira-user group specific permissions
It is also important to add that with the release of 3.7 and the introduction of Roles within JIRA it will not be necessary to create Groups for the above configuration.
For a detailed example using Group Permissions please see the following documentation: Using Project Level Security with User Groups
For a detailed example using Project Role's please see the following documentation: Using Project Level Security with Project Roles