Manage permissions in your first space

You won't want every user in your team to have the same level of access to Jira. For example, you may want to restrict who can administer Jira, or prevent users from viewing a space. In this step, you will learn about the different permissions in Jira and set permissions for a new space.

ロール、グループ、ユーザーの概要

A role is a space-specific set of groups and/or individual users. In our example of the design project in the t-shirt business, all product managers need to be able to assign work items across all spaces, while senior designers need to be able to assign work on specific design spaces. In Jira, you can define a product manager role that includes all product managers. You can then define a set of permissions with the "Assign work item" permission for this role, and apply this set of permissions to all spaces. Individual senior designers can be added to the product manager role on each space, as needed.

Overview of global and space permissions

Global permissions cover a small set of functions that affect all spaces in Jira (for example, permission to administer Jira). They can only be assigned to groups: 

Space permissions cover a set of more granular functions that affect a single space. For example, permission to create work items in a space can be assigned to groups, users, and space-specific roles.

Now let's put this into practice! You're going to go through the tasks involved to use space permissions to hide a new, secret t-shirt design project from some of your users.

新しいロールの作成

This role will only contain users that you want to view a particular space. We will assign permissions to this role in the next step.

1. Select Settings ().

2. Select System, then Space roles in the security section.

3. Add another role named "Review".

4. Leave the Description field blank for now and select Add space role.

5. [既定のメンバーを管理] を選択します。

6. Select Edit under Default Users and add yourself and Jason to the Review space role (don't add Kate or Emma).

新しい権限スキームの構成

The Browse Spaces permission controls whether a user can browse a space, i.e. whether they can view the space. Let's assign this permission to your new role.

1. Select Settings ().

2. Choose Work items, then Permission schemes.

3. 既定の権限スキームをコピーします。

4. コピーした権限スキームを編集し、名前を "機密権限スキーム" に変更します。

5. 更新を選択します。

6. 機密権限スキームに対して [権限] を選択します。

7. ログインできるすべてのユーザーの参照権限を削除します。
   
   

   1. Select Remove to the right of "Browse Spaces".

   2. Select "App access - Any logged in user".

   3. Select Remove.

8. Grant browse permission to our "Review" space role:
   
   

   1. Select Edit  to the right of "Browse Spaces".

   2. Select Space Role and Choose "Review" from the menu.

   3. Select Grant.

Associate the scheme with a new space

For the last step, let's associate the permission scheme with a new space.

1. Next to Spaces in the sidebar, select Create space ().

2. Choose the space type "Task tracking".

3. Name the space Top Secret Tee and Create.

4. Select Permissions, then Actions, then select Use a different scheme.

5. スキームで Confidential Permission Scheme を選択し、関連付け をクリックします。

The only users that will be able to browse your new space are Jason and yourself. Note that default members are only added to a role for new spaces. You can also use this approach to restrict users from creating work items, adding comments, closing work items, and more.