Documentation for ictime version 2.x. This documentation relates to an old, non-supported version of ictime. The documentation of the current version can be found here.
JIRA View Time Tracking Permissions (Workaround)
- Former user (Deleted)
- Smadoa GmbH
Version 2.2
Added a couple of places where time tracking information is filtered. Added two new permissions.
If time tracking is activated in JIRA and a user has the rights to browse a certain project, there is no way in JIRA to restrict access to time tracking information, i.e. time logged with all description details as well as work estimates and remaining estimates will be visible to a user who has access to issues. Even though you can restrict the right to log work in JIRA, you can't prevent users from seeing time tracking information, and you can't restrict access to the fields "Original estimate" and "Remaining estimate" (these fields appear even of you do not grant the "work on issues" permission).
If you want to dive deeper into the question of restricting access to time tracking on "field level", you might want to have a look at the following topics: http://jira.atlassian.com/browse/JRA-2364 and http://jira.atlassian.com/browse/JRA-27613. There is also a plugin that partly solves the issue (https://plugins.atlassian.com/23216), but this requires a JIRA core patch and still there is a way to get time tracking information if you know how.
As we think that it is essential that you have at least some control on who can see time tracking information in JIRA, we have added a small workaround to ictime that helps you to at least superficially hide this information from your customers in some places. This is work in progress, as we did not yet find identify all places where time tracking solution appears.
Restrictions
As mentioned above, JIRA does not have a "field-level-security" concept, so that it is impossible to configure JIRA to hide certain fields - like time tracking data - in case a user has the permission to access an issue. This means that all approaches to solve this can only be very limited workarounds, as they can't solve the problem that JIRA will deliver time tracking data from the backend. Our workaround only removes data on the frontend. It is not difficult to get the data with respective tools or by deactivating JavaScript.
However, we consider this solution still much better than simply displaying all data everywhere to everyone. Most customers have neither knowledge nor time or motivation to play around with JIRA to get access to time tracking information (they might not even know that you track time via JIRA).
Configuration
Go to
ictime -> Configuration -> Permissions -> JIRA
Permissions are set on group level. You can select as many existing groups as you need. Either click on the group icon and choose the groups
or fill in the group name/s manually:
Once chosen the group/s, please click an the "Add" button to save your selection. The groups will be listed in the "Assigned" column of the interface.
If you have typed the group name manually and this group does not exist, it won't be saved.
To delete groups, use the respective link:
Permissions
By adding groups to thes epermissions, you are denying (and not granting) access to time tracking information! By default, according to the non-existing JIRA permissions, all users with browse project permissions can see all information specified below; so there is no deafult JIRA group defined.
| Permission | Description | Remarks |
|---|---|---|
| Tab Permissions (View Issue Screen) | Deny access to the tabs "All", "Work Log" and "History" and hide the "Views" button (print view, XML view etc.) on the view issue screen. All these tabs/views contain time tracking information. | |
| Time Tracking Webpanel Permissions (View Issue Screen) | Deny access to Webpanels; this is the "Time Tracking" panel in the right column of the view issue screen. | |
Create, Edit & Transition Issue Permissions | Deny access to original and remaining estimate data as well as the "Configure fields" option on create/edit issue. | |
General Time Tracking Permissions (all over JIRA)
| Deny access to time tracking related columns on issue navigator screens (also for gadgets that display issue lists), eliminate time tracking related data from activity streams (and RRS Feed option) on issue, project and dashboard level (all descriptions and times), deny access to time tracking related reports on project level. |
In order to deny access to time tracking data, some data and configuration options have to be eliminated completly, as it is not possible to filter the time tracking data itself; like e.g. in the case of "Views" on the issue screen.