How to Set the Permissions for Risks
You can set up issue level security in every project. This means that you can see some issues but not all. It solves a typical “support project” problem where not everyone should see all the issues in a project. The same security level feature can also be used in the context of risks. In other words, you can easily hide specific risks from certain groups or project roles.
In order to set up the issue level security, you can read more at Configuring issue level security by Atlassian.
You can define different levels as shown below:
When the issue access level is defined, you can specify who can access an issue (see the picture below for how the defined Security Level is visible on a Jira issue view).
In order to automatically update the security level you can use the sil scripts and workflow post functions to change levels. You can use the following script in the necessary workflow transitions post function:
string PROJECT_ROLE = "Risk Managers";
if (isUserInRole(currentUser(), project, PROJECT_ROLE))
{
securityLevel = "Risk Managers level";
}
else
{
securityLevel = "Anybody";
}If the user who executed this specific transition belonged to the project role “Risk Manager” then the security level of the issue was automatically changed to “Risk Managers level”.