| Info |
|---|
Version 2.2 |
If time tracking is activated in JIRA and a user has the rights to browse a certain project, there is no way in JIRA to restrict access to time tracking information, i.e. time logged with all description details as well as work estimates and remaining estimates will be visible to a user who has access to issues. Even though you can restrict the right to log timework in JIRA, you can't prevent users from seeing time tracking information, and you can't restrict access to the fields "Original estimate" and "Remaining estimate" (these fields appear even of you do not grant the "work on issues" permission). This might be perfectly okay within a developper team, but probably is generating huge problems if you grant your customers access to a project. There is no proper solution for this as JIRA does not offer this level of permissions.
...
| Tip |
|---|
If you want to dive deeper into the question of restricting access to time tracking on "field level", you might want to have a look at the following topics: http://jira.atlassian.com/browse/JRA-2364 and http://jira.atlassian.com/browse/JRA-27613. There is also a plugin that partly solves the issue (https://plugins.atlassian.com/23216), but this requires a JIRA core patch and still there is a way to get time tracking information if you know how. |
As we think that it is essential that you have at least some control on who can see time tracking information in JIRA, we have added a small workaround to ictime that helps you to at least superficially hide this information from your customers in some places. This is work in progress, as we did not yet find identify all places where time tracking solution appears.
| Table of Contents |
|---|
...
Restrictions
...
| Warning |
|---|
This solution is JavaScript-based and only manipulates display of some data on the frontend. Any user with very basic programming knowledge will easily be able to get access to the information. In addition, there are places where time tracking information appear that we still did not find and could not hide (feedback is welcome). However, as JIRA does not offer a proper solution, As mentioned above, JIRA does not have a "field-level-security" concept, so that it is impossible to configure JIRA to hide certain fields - like time tracking data - in case a user has the permission to access an issue. This means that all approaches to solve this can only be very limited workarounds, as they can't solve the problem that JIRA will deliver time tracking data from the backend. Our workaround only removes data on the frontend. It is not difficult to get the data with respective tools or by deactivating JavaScript. |
However, we consider this solution still much better than simply displaying all data everywhere to everyone. Most customers have neither knowledge nor time or motivation to
...
play around with JIRA to get access to time tracking information (they might not even know that you track time via JIRA).
Configuration
Go to
ictime -> Configuration -> Permissions -> JIRA
Permissions are set on group level. You can select as many existing groups as you need. Either click on the group icon and choose the groups
or fill in the group name/s manually:
Once chosen the group/s, please click an the "Add" button to save your selection. The groups will be listed in the "Assigned" column of the interface.
If you have the following configuration options:
typed the group name manually and this group does not exist, it won't be saved.
To delete groups, use the respective link:
Permissions
| Note |
|---|
By adding groups to thes epermissions, you are denying (and not granting) access to time tracking information! By default, according to the non-existing JIRA permissions, all users with browse project permissions can see all information specified below; so there is no deafult JIRA group defined. |
| Permission | Description | Remarks | ||
|---|---|---|---|---|
| Tab Permissions (View Issue Screen) | Deny access to the tabs "All", "Work Log" , and "ActivityHistory" , and hide the "HistoryViews" , "Activity Stream" button (print view, XML view etc.) on the view issue screen. All these tabs/views contain time tracking information. Deny access to the Activity Stream on the project summary screen. | The activity stream can also be available as gadget on dashboards; see note below. | Webpanel Permissions | |
| Time Tracking Webpanel Permissions (View Issue Screen) | Deny access to Webpanels; this is the "Time Tracking" panel in the right column of the view issue screen. |
| Note |
|---|
You are denying access in this interface! By default, according to the non-existing JIRA permissions, all users with browse project permissions can see all information specified below. |
| Note |
|---|
The Activity Stream gadget for dashboards will also display time tracking information. As there is no way from preventing users with browse project rights to create own dashboards and to add any gadget they want, you can only take away this gadget from the system dashboard and hope that your clients have better things to do than adding new dashboards with the Activity Stream Gadget. We are looking for a solution for this, too. |
Permissions are set on group level. You can select as many existing groups as you need. Just click on the group icon and choose the groups:
Once chosen the groups, please click an the "Add" button to save your selection. The groups will be listed in the "Assigned" column of the interface.
To delete groups, use the respective link:
...
Create, Edit & Transition Issue Permissions | Deny access to original and remaining estimate data as well as the "Configure fields" option on create/edit issue. | |
General Time Tracking Permissions (all over JIRA)
| Deny access to time tracking related columns on issue navigator screens (also for gadgets that display issue lists), eliminate time tracking related data from activity streams (and RRS Feed option) on issue, project and dashboard level (all descriptions and times), deny access to time tracking related reports on project level. |
| Tip |
|---|
In order to deny access to time tracking data, some data and configuration options have to be eliminated completly, as it is not possible to filter the time tracking data itself; like e.g. in the case of "Views" on the issue screen. |