You won't want every user in your team to have the same level of access to JIRA Core. For example, you may want to restrict who can administer JIRA Core, or prevent users from viewing a project. In this step, you will learn about the different permissions in JIRA Core and set permissions for a new project.
Overview of roles, groups, and users
A role is a project-specific set of groups and/or individual users. In our example of the design project in the t-shirt business, all product managers need to be able to assign work (issues) across all projects, while senior designers need to be able to assign work on specific design projects. In JIRA Core, you can define a product manager role that includes all product managers. You can then define a set of permissions with the 'Assign issue' permission for this role, and apply this set of permissions to all projects. Individual senior designers can be added to the product manager role on each project, as needed.
Overview of global and project permissions
Global permissions cover a small set of functions that affect all projects in JIRA Core (for example, permission to administer JIRA Core). They can only be assigned to groups:
Project permissions cover a set of more granular functions that affect a single project in JIRA Core. For example, permission to create issues in a project. They can be assigned to groups, users and project-specific roles:
Now let's put this into practice! You're going to go through the tasks involved to use project permissions to hide a new, secret t-shirt design project from some of your users.
Create a new project role
This project role will only contain users that you want to view a particular project. We will assign permissions to this role in the next step.
- Select > JIRA administration > System.
- In the security section, select Project roles.
- Below the existing project roles, add another project role named "Review". Leave the Description field blank for now and select Add project role.
- Select Manage Default Members and then, under Default Users, select Edit to add yourself and Jason to the Review project role. Do not add Kate or Emma.
Configure a new permission scheme
The 'Browse Projects' permission controls whether a user can browse a project, i.e. whether they can view the project. Let's assign this permission to your new project role.
- Select > Issues > Permission Schemes.
- Copy the Default Permission Scheme.
- Edit the copied permission scheme and change the name to Confidential Permission Scheme. Select Update.
- Select Permissions for the Confidential Permission Scheme. For the Browse Projects permission:
- Choose Remove for 'Application Role (Any logged in user)'.
- Choose Edit, select Project Role, then select Review in the drop-down, and select Grant.
Associate the scheme with a new project
For the last step, let's associate the permission scheme with your new project.
- Select Project > Create Project and choose Task Management.
- Name the project Top Secret Tee and Submit.
- Navigate to Project administration by selecting > Permissions from the menu on the left.
- On the Project permissions screen, select Actions > Use a different scheme.
- Set the Scheme to Confidential Permission Scheme and select Associate.
The only users that will be able to browse your new project are Jason and yourself. Note that default members are only added to a role for new projects. You can also use this approach to restrict users from creating issues, adding comments, closing issues, etc, in a project.
Well done! You created a project permissions scheme and applied it to a project.
You've now completed the Administrator Getting started tutorial. We suggest you complete the Project Administrator tutorial as well, so you have a better understanding of how your team will be using JIRA Core. So put on your project administrator hat and let's get started!