Hey @Jason Yeung ,

Let me try and summarize the answers for you a bit :)

Using the permission schemes as you have them set up right now you can indeed give users read-only and others edit/create permissions. You'll just have to set the right users/roles/groups (we prefer to work with roles) as @raj-kumar2 mentions.

Issue level security won't really work here, that's more used for hiding the entire issue from a certain group of users (for example if you have sensitive issues (HR related/Security related) then you can have them show up only for certain users)

Field level permissions like @Mikael Sandberg touches on isn't a feature of Jira. Once you have edit permissions you can edit all and not be blocked on specific fields.

With an addon like Adaptavist Scriptrunner you could write some behaviours that set fields Read-Only based on a script, so that would then block users from editing them depending on how you write your script. A workaround there tho is to only add the fields you want to be edited on a transition screen and only allow that transition by certain users/groups. You then put those fields on the view screens so still everyone can see it but not edit. 

Hope that clears it up a bit!

Hello @Jason Yeung 

You set the permissions for users for a Project using the Permissions Scheme. Using the Permissions Scheme you can specify that users have read-only permissions by granting the users only the Browse Permission. Permissions can be granted to Project Roles and to User Groups, so you could group the users who should have Read-only permissions in either a Project Role in that project or in a User Group and then assign that Role (or Group) only to the Browse Projects permission in the Permission Scheme assigned to that project.

You can do the same with other permissions within the Permission Scheme to grant different sets of permissions to different groups.

This page provides an overview of permissions for Jira Server/Data Center v8.15

https://confluence.atlassian.com/adminjiraserver0815/configuring-permissions-1050546727.html

This page goes into details about Project Permissions managed through Permission Schemes.

https://confluence.atlassian.com/adminjiraserver0815/managing-project-permissions-1050546732.html

There is not a feature for setting permissions on fields individually. There are work arounds for limiting edit permissions on fields, such as:

1. Remove the field from the Edit screen.

2. Create a Transition screen that includes the field.

3. In the workflow add a Transition that loops back to the same status

3a. Restrict who has access to that transition to only the people you want to allow to edit the fields in the Transition screen.

3b. Attach the Transition screen to that Transition.

In that manner, the only way the fields can be edited is through that Transition and only by the people allowed to execute that transition.

You can use issue security to do this on the issue level, and you can find out more information about it here.

In out-of-the-box Jira you cannot set field permissions, you would need an app in order to do that.

There are separate permissions for Browse, Create and Edit issues. You can get modify the same under Permissions. Jira out of the box doesn't provide any option to set permissions on field level.