Summary

This documentation offers guidance on how to restrict access to dashboards and filters on the Jira server, effectively preventing Jira pre-flight check warnings.

Overview

Jira pre-flight checks issue warnings if dashboards and filters are shared with the public. After migration to the cloud, this allows anyone with the URL to see the names of dashboards, dashboard gadgets, and filters and potentially access openly-shared issues within them.

Although it is not a blocking pre-flight check, it's strongly recommended to restrict dashboards and filters to "Logged in only users".

This recommendation is also included as a step on the Jira pre-migration checklist.

A singnificant effort is needed for manual review and permission updates. This document outlines steps for updating permissions by modifying relevant records in the Jira database.

Also, this article is a workaround for JRASERVER-65027 - Getting issue details... STATUS

Update permissions for dashboards and filters

1. To modify the share permissions for dashboards, dashboard gadgets, and filters, run: 

   UPDATE sharepermissions 
   SET sharetype = 'loggedin' 
   WHERE sharetype = 'global' 
   AND NOT (entityid = 10000 and entitytype = 'PortalPage');

   In the previous query, the exclusion of the System Dashboard was due to incomplete testing of its public visibility. As a result, we included entityid = 10000 and entitytype = 'PortalPage' . Furthermore, there is an existing feature request addressing this limitation which is JRASERVER-64165 - Getting issue details... STATUS
   
   

2. To verify that the above query is executed successfully, run the following query:

   SELECT * 
   FROM sharepermissions 
   WHERE sharetype = 'global' 
   AND NOT (entityid = 10000 and entitytype = 'PortalPage');

3. Once the update query has been executed, reindex Jira to ensure that the values are correctly updated when later viewing and checking permissions in a browser.