Ok, I think you're looking in the right places, but the permissions are always complex to explain (there's a lot of flexibility in them, but that makes them not-obvious to administrate)

I find it helps to think of them in two layers.

First, you have "application access".  This says "people can log in and use the functions of this application".  So, you seem to have the default jira-software-users group, which is usually used to say "these people can log in and use JIRA Software functions". 

This group is often added to roles in new projects which then does unhelpful things because of the next layer.  This is almost certainly why "Use QA-user1 logs on and has access to all projects"

Second layer is the permission schemes, which I think you've actually understood fine.

So, what you probably need to do is go over the existing projects and remove the access for "jira software users" by removing the group from roles.  You will want to replace it with other groups or users to allow in the people who should still have access.

So far, your answer and video are not helpful.  I need an instruction based on the online version of Jira with no customizations and setps to add a new group with access to select projects.  

So I am missing this in the video.  I cannot use the video because it has a step remove jira-users and this does not exist. 

Note, I did not edit the default permission schemes in case I did it wrong.  I made a copy of the permission scheme, edited it and then applied to each project.  this makes backing out easier.  

I watched the video and I did not do all those steps.  This is the same issue I have. I have an online out of the box Jira system and there is no user jira-users.  This video (point 1:08) creates the same issue as the online docs.  When I go to users, I have jira-software-users, I have jira-administrators, but nothing that is the same as your list. so at this point what is it I am doing.  No one has customized this system. 

So, out of the box, what roles are being assigned and for what purpose and this step needs to remove a role, but which one.   What is jira-users in the online system?

I will have to go back to what I did, but I created a group called QA-software-group and I did not allow login, but they can login but I don't know why.

This morning I found out that in the project with the permissions I defined issues can only be transferred to people in the QA-software-group and not any other users in the system, again I am not sure why. 

I can certainly go through 50+ permissions and try to figure out how to do this, but I can't do that because there is not enough information for me to do this properly.  

Hi Janet

If you have created QA group and added users to it thats is great.

I guess now as Project Admin you can go to the respective project's Project settings and under Actions-> Edit Permission. 

Under the Project permissions section, you can click Edit/Remove permissions to r and the QA groups to the type of permission you wish to provide or use Remove link to remove the respective role/group or user.

Also you may Grant more Permissions using the Grant Permission button

Thanks

If my answer works please accept the answer.

Hello Janet, 

This video can be help?  

1. https://www.youtube.com/watch?v=wvdVNpgG34M&list=PLUmRtEALhUxr6VQdBLzGWjcr1s52_1joZ

2. Or This scheme https://confluence.atlassian.com/adminjiraserver073/configuring-permissions-861253288.html

3. Some time please, check by Permission helper on the issue panel.

Thank you

Best regards,

Gonchik Tsymzhitov