Unexpected project visibility for users with limited Jira access

Hey everyone, I’m scratching my head over a Jira 4.0 issue. We’ve got this setup where I want our suppliers to only see certain projects, but they’re seeing more than they should. Here’s the deal:

  • We have two main groups: jira-users and jira-login
  • Suppliers are only in jira-login and a special Suppliers group
  • Regular users are in both jira-users and jira-login

I gave the Suppliers group access to specific projects by adding them to the Users project role. But they can still see some projects I didn’t give them permission for. What’s weird is that these extra visible projects only have jira-users in their project roles.

I’ve checked everything I can think of, but I can’t figure out why these suppliers can see these extra projects. It’s driving me nuts! Does anyone have any ideas what might be causing this? Maybe there’s some setting I’m overlooking?

Thanks for any help you can give!

I’ve dealt with similar visibility issues in Jira before, and it can be incredibly frustrating. One thing to check is the ‘Browse Projects’ global permission. Even if users aren’t assigned to specific project roles, this permission can sometimes grant unexpected visibility.

Another possibility is that there might be a plugin or add-on affecting project visibility. We once had a third-party app that was overriding our carefully set permissions.

If those don’t pan out, I’d suggest temporarily removing all permissions from a test supplier account, then gradually adding them back to pinpoint where the extra access is coming from. It’s time-consuming, but it helped us track down a sneaky permission issue last year.

Lastly, double-check that there aren’t any group hierarchies or nested groups that might be granting additional access. Sometimes these can be easy to overlook in complex setups.

Have you considered checking the project categories? In my experience, sometimes project visibility can be affected by category-level permissions. If the projects that suppliers can unexpectedly see are all in the same category, that might be the culprit.

Another thing to look at is the ‘Anyone’ group in project permissions. It’s easy to overlook, but if certain view permissions are granted to ‘Anyone’, it could explain why suppliers are seeing more than intended.

Also, don’t forget to verify the ‘Project Viewing’ scheme if you’re using one. We once had a similar issue where a misconfigured scheme was granting broader access than we realized.

If all else fails, I’d recommend reaching out to Atlassian support. They can often spot configuration issues that aren’t immediately apparent to us admins.

hey, have u checked the global permissions? sometimes there's sneaky settings there that let ppl see more than they should. also, maybe look at the ‘browse users and groups’ permission. if suppliers have that, they might be able to see projects through user profiles. just a thought!
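
An added example, not part of any post above: a simplified model of tracing which Browse Projects grant in a permission scheme matches a supplier, for the case described in the question where a project's roles contain only jira-users yet the project is still visible. Only the group names come from the thread; the project keys and scheme contents are constructed, and the model assumes roles hold groups only, with no direct users and no nested groups.

```python
# Simplified model of Browse Projects resolution. All data below is constructed.
# Assumptions: roles hold groups only (no direct users), no nested groups.

def browse_reasons(user_groups, project):
    """List every Browse Projects grant in the project's scheme that matches the user."""
    reasons = []
    for kind, name in project["browse_grants"]:
        if kind == "anyone":
            reasons.append("Anyone")
        elif kind == "group" and name in user_groups:
            reasons.append(f"group {name}")
        elif kind == "role":
            # A role grant matches if any of the user's groups is a member of that role.
            for g in sorted(project["roles"].get(name, set()) & user_groups):
                reasons.append(f"role {name} via group {g}")
    return reasons

def unexpected_visibility(user_groups, projects, intended):
    """Return {project key: matching grants} for visible projects outside `intended`."""
    found = {}
    for key, project in projects.items():
        reasons = browse_reasons(user_groups, project)
        if reasons and key not in intended:
            found[key] = reasons
    return found

SUPPLIER = {"jira-login", "Suppliers"}  # group names from the thread

PROJECTS = {  # hypothetical project keys and scheme contents
    "SUPPLY": {"roles": {"Users": {"jira-users", "Suppliers"}},
               "browse_grants": [("role", "Users")]},
    "INTERNAL": {"roles": {"Users": {"jira-users"}},
                 "browse_grants": [("role", "Users")]},
    # Role looks clean, but the scheme also grants the permission to a group.
    "LEAKY": {"roles": {"Users": {"jira-users"}},
              "browse_grants": [("role", "Users"), ("group", "jira-login")]},
    # Role looks clean, but the scheme grants the permission to Anyone.
    "OPEN": {"roles": {"Users": {"jira-users"}},
             "browse_grants": [("role", "Users"), ("anyone", "")]},
}

if __name__ == "__main__":
    for key, why in unexpected_visibility(SUPPLIER, PROJECTS, {"SUPPLY"}).items():
        print(f"{key}: visible through {', '.join(why)}")
```

The point of listing every matching grant rather than a yes/no answer is that the role membership page can look correct while a second grant in the same scheme is what actually admits the supplier.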