How to Restrict Access to Queues in Jira

Summary

This article presents a method for implementing access restrictions to queues by leveraging the Jira Issue Security Feature.

Cause

At present, the native application of issue security within Jira queues is not supported. Consequently, this article has been created to serve as a workaround solution in response to the below Feature Request.

• JSDCLOUD-366 - Ability to show/hide Queues with specific users/groups

Solution

When assessing the workaround for this issue, it is essential to take the following factors into consideration:

1. Establish the presence of a distinct custom field for distinguishing Jira queues (e.g., "Categories" Custom Field).

2. Utilize the Issue Security feature to assign security levels.

3. Implement Automation procedures to definitively assign security levels based on the custom field value.

Create Queue and Filter using Custom Field

For illustrative purposes, we will utilize a custom field named "Categories," which is configured as a Select List (single choice) type field containing two options: "Authorized" and "Unauthorized." Subsequently, we will proceed to establish two Jira queues, each named in accordance with these choices:

Queue 1: "Authorized" > has a JQL filter to view all the categories which are Authorized

Queue 2: "Unauthorized" > has a JQL filter to view all the categories which are Unauthorized

A sample queue filtered using a custom field value

Create Issue Security Scheme

In this context, we will establish two distinct levels of issue security: one designed for authorized users and another tailored for unauthorized users. Further information on the creation of an Issue Security Scheme can be found in the provided documentation.

For the purpose of this demonstration, we will assign the "Site Admins Group" to both the "Authorized" and "Unauthorized" security levels, while a "Sample User" will exclusively be assigned to the "Unauthorized" security level.

To add users to the respective security levels, please follow the steps outlined below:

1. Select > Issues.

2. Under ISSUE ATTRIBUTES, select Issue security schemes.

3. Click the scheme name or the Security Levels link in the Actions column.

4. Locate the appropriate security level and click Add link in the Actions column

5. Select the appropriate user, group or project role, then click the Add button.

➕ As in this solution, we are using Automation for Jira to assign Issue Security Level; we have added the Project Role : (atlassian-addons-project-access) to the Security Levels

A Sample Issue Security Scheme

Automation to Assign Issue Security Based on Custom field Value

1. Go to Project Settings > Automation > Create Rule

2. One could either configure an Automated Trigger or have a Manual Trigger to run from the Subtask Issue; as stated in Jira automation triggers, for the purpose of this example we will use Issue Created Trigger.

3. Add a Condition: If [ Categories = Unauthorized )

4. Then Edit Issue Fields: Security Level = Unauthorized

   [ You can to set up multiple if-else conditions to accommodate various categories, and then assign the appropriate security levels based on these conditions. ]

   ℹ️ Ensure : (atlassian-addons-project-access) has the Assign Issue Security Permission under Project settings

   A Sample Automation Rule

   

Sample View

• View for Site Admins Group

  

• View for Sample User