...
Info |
---|
JIRA allows to set permissions on a project level basis as explained in JIRA documentation. |
Issue level permissions
Nevertheless it is possible to configure JIRA permissions on |
...
an issue level basis |
...
so users get different permissions for different issues in the same project. |
Note |
---|
Hide Time Tracking add-on might not work correctly when issue level permissions are used. |
Issue level permissions
Issue level permission can be achieved through "dynamic user" fields which values can differ on an issue basis (e.g. "Assignee" or "Group Custom Field"). That is not clearly described in JIRA documentation hence most users are not aware of this consequence of using "dynamic user" fields in permission scheme.
Screenshot below presents WORK ON ISSUES permission configured on an issue level basis:
Hide Time Tracking add-on
Hide Time Tracking add-on checks project level permissions and, in most cases, is not aware of the single issue environment, i.e. permission depending on the Assignee or Group custom field.
Therefore it is not recommend to use issue level permissions because Hide Time Tracking add-on might not hide time tracking information correctly.
Issue level permissions are correctly recognised only on the a full page single Issue View page - it (it does not include Issue Details view on include Agile boards Issue Details view or Issue Search (Issue /Navigator).
In other places, Hide Time Tracking add-on does not have enough information so it must rely on a project level permissions.
There is an open request on our backlog to solve that problem but due to technical obstacles it is not possible to hide time tracking correctly if issue level permissions are used within project.
For more information about the problem, including examples/scenarios of the issue level permissions, please visit the mentioned aforementioned JIRA issue at https://gebsun.atlassian.net/browse/HTT-23
Checking permissions
Project and issue level permissions can be easily retrieved through JIRA REST API.
In the below example we use curl
command in terminal (command line) to send https requests to JIRA.
Sending request to JIRA
Following commands can be used to determine project and issue permissions for a user (please replace user, password, jira-url, DEMO and DEMO-1 with your JIRA data):
Code Block | ||||
---|---|---|---|---|
| ||||
curl -u user:password -X GET -H "Content-Type: application/json" https://jira-url/rest/api/2/mypermissions?projectKey=DEMO |
Code Block | ||||
---|---|---|---|---|
| ||||
curl -u user:password -X GET -H "Content-Type: application/json" https://jira-url/rest/api/2/mypermissions?issueKey=DEMO-1 |
Getting the output
The output returned by the above commands is in JSON format and might contain different permissions for a project and an issue inside this project:
Code Block | ||||
---|---|---|---|---|
| ||||
"WORK_ON_ISSUES":
{
"description": "Ability to log work done against an issue. Only useful if Time Tracking is turned on.",
"havePermission": true,
"id": "20",
"key": "WORK_ON_ISSUES",
"name": "Work On Issues",
"type": "PROJECT"
} |
Code Block | ||||
---|---|---|---|---|
| ||||
"WORK_ON_ISSUES": {
"description": "Ability to log work done against an issue. Only useful if Time Tracking is turned on.",
"havePermission": false,
"id": "320",
"key": "WORK_ON_ISSUES",
"name": "Work On Issues",
"type": "PROJECT"
} |
Please notice "havePermission": true
for project versus "havePermission": false
for issue in the above output.