Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

User in us can create, see issues, user in cn can only create

Ray Kiddy
Ray Kiddy
Contributor
January 31, 2013

This seems odd. I received a report from a colleague of mine in Beijing. He can create issues in our JIRA server, which is run here in California, but he is not able to read any issues, even those he created.

I checked the Permission Schemes. We are using only one. I checked the project. I checked which groups he is in. Then I noticed another user. She is in exactly the same groups. She sits across the hall from me, here in CA. She can create issues and see them and has no problems with this.

So, what is there to look at here? Permission Schemes. Projects. Groups. What else is there that can block access?

Answer
Watch
Like Be the first to like this
754 views

6 answers

1 accepted

0 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 31, 2013

Permission scheme is the first thing to check, although there's only two important lines for this problem. (Also, just make sure the scheme you are looking at is definitely associated with the project)

Look very carefully at "browse" permission - what *exactly* have you got on that line? Does it say something like "assignee, group X, group Y and role Z". How exactly does your Beijing user match that? Are they in one or more groups? Roles in the project? Etc.

The second line in the permission scheme is "security level". This is tied to the "security scheme" on the project header. Most people don't use this much, so rather than ramble at length here, can you just look at the project settings - if the security scheme is set to "none", it's not this.

View More Comments
Udo Brand
Udo Brand
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 31, 2013

It sounds like a security level issue. Your Beijing colleague has Create Issue permission in that project. However the default security level does not contain the group/project role his is in as well as the reporter. So he can create an issue but is not allowed to see it anymore. We fumbled over a similar situation.

Like
Ray Kiddy
Ray Kiddy
Contributor
January 31, 2013


Our JIRA says:

You do not currently have any issue security schemes configured.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 31, 2013

Excellent, that completely rules out that one, so it must be the permissions.

What, exactly, do you have in the permission scheme for "browse"? (Be interesting to look at "create issue" as well...)

Like
Ray Kiddy
Ray Kiddy
Contributor
February 1, 2013

By "Browse", I take it that you mean "Browse Projects". That _is_ the only permission with the word "Browse" in it.

I did not have jira-users associated with the 'Browse Projects' permission. Now I do. And now I think that this will solve our problem. I will check when the Beijing people come on-line.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 1, 2013

Yes, sorry, I forget it's "browse projects", I don't even look at the words any more. Familiarity etc :-(

I really do think your user is failing to match something in the browse permissions. Jira-users group should fix it though - by default it is used to mean "can log in", so although it's a bit "sledgehammer to crack a nut", it is an excellent way to test it! If it works, then you know it's definitely your browse-project membership that's causing it.

Like
Reply
0 votes
Renjith Pillai
Renjith Pillai
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 1, 2013

This will help you to see differences between the users - https://marketplace.atlassian.com/plugins/com.atlassian.jira.plugins.jira-admin-helper-plugin

Reply
0 votes
Ray Kiddy
Ray Kiddy
Contributor
February 1, 2013

By "Browse", I take it that you mean "Browse Projects". That _is_ the only permission with the word "Browse" in it.

I did not have jira-users associated with the 'Browse Projects' permission. Now I do. And now I think that this will solve our problem. I will check when the Beijing people come on-line.

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 1, 2013

"Browse" is the "read issues" permission.

Again, what, exactly, does the line for browse say? List the groups, roles, dynamic roles, and so-on.

Reply
0 votes
Ray Kiddy
Ray Kiddy
Contributor
January 31, 2013

We mostly just use the groups jira-users, jira-developers and testers. The "testers" group is the only one able to do a few things. The jira-developers group can do pretty much anything. The users here in CA and in CN are both in the jira-users group. I added this group to the 'Browse Projects' permission in the scheme. I do not think this will fix the issue.

I am noticing that there is no 'Read Issues' permission listed in the scheme. Is there something that captures the meaning of this permission, something with a different name?

Reply
0 votes
Doug Bass
Doug Bass January 31, 2013

You could check the project roles. Also verify the userid by looking at the JIRA user's and seeing id the China user may be using another userid.

View More Comments
Ray Kiddy
Ray Kiddy
Contributor
January 31, 2013

I see that the Beijing user did create an issue in the project at the time I expected. I think this verifies that he is logging in as the user I expect.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.