Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Black projects setting a security scheme

Dconte
Dconte May 16, 2013

Greetings,

Is it possible to create a security scheme for black projects that not even the Sysadmin can see?

It is critical to either mask fields, for hide the data, or simply if you are not a member of a restricted group you can't get access without a password?

Thanks,

dc

Answer
Watch
Like Be the first to like this
369 views

4 answers

1 accepted

0 votes
Answer accepted
Daniel Wester
Daniel Wester
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 20, 2013

Like Nic said - you can't. JIRA's security model is based on opt-in - not exlusionary. That said you could have your sysadmins log in as sysadmin-bob, sysadmin-harvey etc instead of using their 'normal' accts of bob and harvey. That seperation of duties might help some.

Reply
0 votes
Dconte
Dconte May 20, 2013

I am the SysAdmin, and I believe I found a way through that will satisfy my security folks, thanks for the feedback and promopt replies.

Reply
0 votes
Dconte
Dconte May 20, 2013

Perhaps I will write plugin to address this requirement

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 20, 2013

I don't think you can.

I think you can write something that will block or hide data from admins (although I suspect you might find it quite difficult). But, as an admin, I can disable or remove plugins...

I think you'll need to tweak the core code to stop admins from being able to see it and remove it, and of course, you then have the issue that your admins won't be able to support the system because you've blocked them.

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 16, 2013

No, Jira doesn't do any of these things. Specifically answering your two questions:

You CAN set a security scheme which doesn't include system administrators, that's quite simple - just leave them out. However, as system administrators, by definition, they have access to the security scheme and the rights to change it, and/or their own profiles to let them in.

Security schemes hide the entire issue based on an arbitrary "level". Permission schemes hide entire issues or projects on a more generalised basis. (The difference is a permission scheme says things like "only group X", "only assignee", or, for advanced cases, "only the person who reported the issue". Security schemes do it by "on;y group Y can see issues with security level Z"). However, there are no field-level permissions, and no password protections.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.