Forum Discussion

Sandy1's avatar
Sandy1
New Contributor
12 months ago

Permissions for viewing test executions

Hi, I have a question about limiting access to test execution information.

 

Background:

We are running a Jira cloud instance that supports our work with multiple (20+) externals organisations. For data security reasons each organisation has their own Jira project so that they cannot access the issues and data of the other organisations (issue level security was not a feasible solution to manage this, with so many different groups of users).

All organisations must execute the same tests, so we have set up a 'central' Jira project purely for hosting all our test cases in Zephyr. So whenever a new product release is made we make sure our tests are up to date and then in each organisation project we create a new test cycle and then add the tests from the central project. This reduces effort because if we ever change a test case in the central project, this change can be propagated easily to all the organisation projects that are pointing to that test case (as opposed to importing/exporting, or manually changing, the test cases in each project!).

 

Observations:

  • We need to enable the 'browse project' Jira permission on the central project to allow the organisation-level users to be able to actually see the tests when they come to execute a test cycle. But that's ok as we have made sure the zephyr permissions in the central project mean that those test cases can't be altered by them.
  • However, acting as an organisation user I have noticed that if I click to view the test case, I can then go to the 'executions' tab and see the entire execution history for ALL projects that use that test case, even if I'm not a member of those other projects.
  • Now granted I cannot actually click on the execution key and view all of the sordid details in it, but even on the execution tab for a test it shows usernames, issue counts, status etc. which is all information that we'd like to prevent user of other organisations seeing.

 

Question:

So is there a way to prevent users seeing the execution history of a shared test based on the project they belong to?

 

 

 

 

Zephyr Scale Cloud
No RepliesBe the first to reply