The first thing I suggest you do is fix the default permission scheme.
JIRA works by GRANTING access. You can't restrict access. By default, it grants access to the group used to logon (used to be JIRA-users but may be different on your version).
1. The FIRST thing you need to do to get control is to remove any groups with logon privileges from the permission scheme unless you absolutely want everyone to have that permission.
2. Then I suggest you setup Project Roles for the various functions like, tester, QA, Browse Only, etc.
3. One permission scheme will cover almost all projects. The project admin controls project role membership
1. For voting users will need an account. The only way to control issue access is by applying an Issue Security Scheme. Depending on how many variations you need it may be unmanageable. I haven't used service desk so I can't speak to that.
2. Components are in the project so if they can create an issue they can select any component. Again, look to issue security schemes to restrict issue access. Creating dashboards would be a work around, however they can still directly see the project.
3. Controlling access to projects is covered in my suggestion to fix the default permission scheme.
4. I haven't been at a site that used the work log. In my experience the hours aren't reliably entered or consistent.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.