Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


...

Info

JIRA allows to set permissions on a project level basis as explained in JIRA documentation.

Issue level permissions

Nevertheless it is possible to configure JIRA permissions on

...

an issue level basis

...

 so users get different permissions for different issues in the same project. 


Note

Hide Time Tracking add-on might not work correctly when issue level permissions are used.

Issue level permissions

Issue level permission can be achieved through "dynamic user" fields which values can differ on an issue basis (e.g. "Assignee" or "Group Custom Field"). That is not clearly described in JIRA documentation hence most users are not aware of this consequence of using "dynamic user" fields in permission scheme. 

Screenshot below presents WORK ON ISSUES permission configured on an issue level basis:

Image Added

Hide Time Tracking add-on 

Hide Time Tracking add-on checks project level permissions and, in most cases, is not aware of the single issue environment, i.e. permission depending on the Assignee or Group custom field.
Therefore it is not recommend to use issue level permissions because Hide Time Tracking add-on might not hide time tracking information correctly. 

Issue level permissions are correctly recognised only on the a full page single Issue View page - it (it does not include Issue Details view on  include Agile boards Issue Details view or Issue Search (Issue /Navigator).

In other places, Hide Time Tracking add-on does not have enough information so it must rely on a project level permissions.

There is an open request on our backlog to solve that problem but due to technical obstacles it is not possible to hide time tracking correctly if issue level permissions are used within project.

For more information about the problem, including examples/scenarios of the issue level permissions, please visit the mentioned aforementioned JIRA issue at https://gebsun.atlassian.net/browse/HTT-23

Checking permissions

Project and issue level permissions can be easily retrieved through JIRA REST API. 

In the below example we use curl command in terminal (command line) to send https requests to JIRA.

Sending request to JIRA

Following commands can be used to determine project and issue permissions for a user (please replace userpasswordjira-url, DEMO and DEMO-1 with your JIRA data):

Code Block
languagebash
titleFind project permissions
curl -u user:password -X GET -H "Content-Type: application/json" https://jira-url/rest/api/2/mypermissions?projectKey=DEMO


Code Block
languagebash
titleFind issue permissions
curl -u user:password -X GET -H "Content-Type: application/json" https://jira-url/rest/api/2/mypermissions?issueKey=DEMO-1

Getting the output

The output returned by the above commands is in JSON format and might contain different permissions for a project and an issue inside this project:

Code Block
languagebash
titleProject permission - "true"
"WORK_ON_ISSUES": 
{
            "description": "Ability to log work done against an issue. Only useful if Time Tracking is turned on.",
            "havePermission": true,
            "id": "20",
            "key": "WORK_ON_ISSUES",
            "name": "Work On Issues",
            "type": "PROJECT"
}


Code Block
languagebash
titleIssue permission - "false"
"WORK_ON_ISSUES": {
            "description": "Ability to log work done against an issue. Only useful if Time Tracking is turned on.",
            "havePermission": false,
            "id": "320",
            "key": "WORK_ON_ISSUES",
            "name": "Work On Issues",
            "type": "PROJECT"
}

Please notice "havePermission": true for project versus "havePermission": false for issue in the above output.