Why isn't my issue level security stopping comments?

Nancy Bonanno
Contributor
April 9, 2020

The goal is to allow anyone to view a resolved ticket (issuetype SDSK) but only administrators can add a comment or change it, etc.

I have a role Administrators, who can do anything.

I have a role Read Only, which only has the Browse Project permission.

I created an issue level security with those two Roles.

On the final transition to resolved, I added a post function that applies that Issue Security (if the user is a Service Desk Collaborator, which is everyone).

I can see the ticket has the Issue Security applied, but Carol, who is not an Administrator, can still comment on the ticket.

What am I doing wrong? (Thanks in advance.)

 

Answer accepted
Andrew Laden
Rising Star
April 9, 2020

Is she adding comments by going into the GUI, and commenting on the ticket or is she commenting via an email?

Issue level security controls who is allowed to "see" a ticket. Users can comment (via email usually) on tickets they cannot see.

Also the "role" doesn't necessarily mix with issue level security the way you think it does.

Just because the user is in the role "read only", if she is in another role that would grant her comment access, then as long as she can pass issue level security (it doesn't matter how), she can use any rights granted to her by any role on that issue.

Nancy Bonanno
Contributor
April 9, 2020

I sent her a link to the ticket, so she is adding a comment via GUI.


I guess I totally don't understand Issue level security then. Yes, she is in other Roles that would allow her to comment normally. But I thought by adding the Issue Security I was saying, "Use only these roles with their related permissions." How do I allow admins to edit these tickets but everyone else only to view the tickets? Thanks for the help.

Andrew Laden
Rising Star
April 9, 2020

Nope. Issue level security is simply "only let these people see this issue". Once they can see it, they can do anything they normally can.

As for limiting who can comment on a ticket depending on status, that's a whole different ball of wax. Not something that can be easily done.

2 ways offhand that I can think of:

1: Use something like ScriptRunner behaviors or power actions live fields to prevent access to comments. (Not sure if this would work)

2: Use a custom field group picker with, and allow groups from that field to comment/edit, then empty it out when you transition to done.

Not very elegant and adds overhead in managing group and that field.

Nic Brough -Adaptavist-
Rising Star
April 12, 2020

I would use "workflow properties" - you can override permissions by adding a flag to a status.  One option is "comments permission = no", so when an issue is in a particular status, you can stop commenting.

Another example is to prevent issue edit - if you use the Jira default built-in workflow, you will find you can't edit closed issues because there is a permission property on the "closed" status.

Nancy Bonanno
Contributor
April 21, 2020

I actually used "jira.issue.editable=false" or something like that.  Thanks!
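Added example, not part of the thread and not Atlassian's code: a simplified Python model of the check order the answers describe for GUI actions (issue security as a visibility gate, then the union of role grants, with status properties overriding both). The role grants, the security level and the `can` helper are constructed for illustration, and `jira.permission.comment.denied` is assumed here to be the workflow property behind what the answer calls "comments permission = no".

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed permission scheme: project role -> permissions it grants.
SCHEME = {
    "Administrators": {"BROWSE", "COMMENT", "EDIT"},
    "Read Only": {"BROWSE"},
    "Service Desk Collaborator": {"BROWSE", "COMMENT"},
}
# Constructed issue security level: the roles allowed to see the issue.
RESOLVED_LEVEL = {"Administrators", "Read Only"}


@dataclass
class Issue:
    security_level: Optional[set] = None          # None = no level applied
    status_properties: dict = field(default_factory=dict)


def can(user_roles, permission, issue):
    """Simplified model of a GUI action check (email comments not modelled)."""
    roles = set(user_roles)
    # 1. Issue security is a visibility gate only: any one matching role passes.
    if issue.security_level is not None and not roles & issue.security_level:
        return False
    # 2. Properties on the current workflow status override the scheme for everyone.
    props = issue.status_properties
    if permission == "EDIT" and props.get("jira.issue.editable") == "false":
        return False
    if permission == "COMMENT" and "jira.permission.comment.denied" in props:
        return False
    # 3. Past the gate, the user holds the union of grants from all their roles.
    return any(permission in SCHEME.get(role, set()) for role in roles)


if __name__ == "__main__":
    carol = ["Read Only", "Service Desk Collaborator"]   # constructed role mix
    secured = Issue(security_level=RESOLVED_LEVEL)
    locked = Issue(RESOLVED_LEVEL, {"jira.issue.editable": "false",
                                    "jira.permission.comment.denied": ""})
    print("secured, Carol comments:", can(carol, "COMMENT", secured))
    print("locked, Carol comments: ", can(carol, "COMMENT", locked))
    print("locked, admin edits:    ", can(["Administrators"], "EDIT", locked))
    print("locked, admin browses:  ", can(["Administrators"], "BROWSE", locked))
```

In this model the status properties apply to every user, Administrators included, while the security level alone leaves Carol's comment right untouched.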
