Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do you prevent project administrators from assigning (specific) user groups to project roles in the project?

owahler
owahler September 23, 2012

Hi,

Unfortunately some of our project administrators occasionaly assign the "jira-users" group to a project role on their project, which results in potentially disclosing project data to undesired groups of users. The users are internal and client users in quite a large organization where the projects are highly independend.

Currently, we just try to teach our project admins in not doing so. However in some cases this doesn't help. We manually remove the group from the project again.

I am interested to hear, how you handle this in your organisation.

Additionally, maybe you know os a setting or plugin, which I am failing to find, which disables the project role assignment by user group.

Thanks,

Oliver

Answer
Watch
Like Be the first to like this
1034 views

3 answers

1 accepted

1 vote
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 23, 2012

You can't disable it (without coding in the core anyway)

I've always handled it with education myself, as you've tried. Tell administrators not to use the group in the roles if they want any form of privacy. In the rare cases where they repeatedly make the mistake, the stick comes out - remove them from the admin roles and tell their boss that they're not fit for the role.

View More Comments
owahler
owahler September 24, 2012

I like the latter :-)

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 24, 2012

Sadly, it's the only way to deal with the ones who won't listen. Fortunately, in my experience, they are very few and far-between. On the rare times I've had to go to someone's boss and say "we have a problem with this user", I've always had a reply along the lines of "you aren't the first person to tell me that".

Like
Reply
0 votes
Ankush Kumar
Ankush Kumar February 14, 2022

Hi @Nic Brough -Adaptavist- 

I am facing same issue in my instance. Is there any possibility with the scriptrunner to do that.

If yes can you please share script if you are already having.

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 14, 2022

All you could do with SR is write a script that removes the unwanted groups from roles and run it regularly.

Like
Ankush Kumar
Ankush Kumar February 15, 2022

Hi @Nic Brough -Adaptavist- 

can you please help me with the script, if you are already having any.

Like
Reply
0 votes
Jobin Kuruvilla [Adaptavist]
Jobin Kuruvilla [Adaptavist]
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 23, 2012

There isn't anything you can do via configurations to prevent this. Actually, it is a good practice to use groups in project roles.

If you want to restrict groups like jira-users used in the project roles, you are looking at some plugins and disabling of standard functionality which does that.

View More Comments
owahler
owahler September 24, 2012

When talking about looking at some plugins: Do you know of any existing plugin in particular?

Regarding the good practics of uing groups in project roles: Basically I agree with you. Unfortunately we do not have project based group management in place. Hence the JIRA admins manage the groups on request and and project admins do not have immidiate visibility in nor control of the group members. This is why we educate our users to assign project mambers individually.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.