We provide an option to create and manage work logs, which are available only for team members who are permitted to see them. This secured work logs option can be set during the team creation process. Team creators can choose between public and secured work log visibility.
Worklog permissions work even if a user tries to access any data or get some information using REST API or standard JQL. We have our own custom JQL and REST API, that allows getting only work logs that can be seen by the user. If the user tries to get every issue, that contains data they are interested in, they will not get any search results, if permissions in a team are not provided to them. Our REST API returns the work logs according to the permissions in every team. The secured work logs data is not visible in the “All”, “History” and standard “Work logs” tab.
Team leads can manage access to their team, create new custom roles, and assign them to users, who should be able to add work logs to a team, view team results, manage other team members' work logs or manage the team as co-team lead or deputy.
With the strong permissions model and secured work logs option, we can fully resolve the case, when time visibility should be restricted. For some clients, it is important to track time this way, and it is what is currently missing in Jira out of the out-of-the-box time tracking solution.
What is the difference between a public and a secured work log?
Public work logs are visible to anyone within your team who has permission to view them. It’s also displayed in the history and activity tabs in the Issue view.
A secured work log, on the other hand, is only visible to users who belong to the team to which the work log is assigned and have permission to “view other work logs” or “manage work logs” (of other team members). The main difference is that the secured work logs are stored in your own database in a separate table, so they aren’t visible in the Issue history or the activity history of an Issue. This feature is available for the Data Center, we are working hard to bring it to the cloud version as well. To enable permission to view secured work logs for team members, please navigate to the Teams module, and choose “Roles & Permissions” in the “Edit team” menu. Here you can create custom roles with the needed permissions. Once you completed this step, navigate to “Team member” in the “Edit team” menu to assign a role to a team member.
How do I enable secured work logs?
You can enable secured work logs during team creation. Caution: Choose wisely, this setting can’t be undone and is permanent.
If you are currently using a team and want to switch to using secured work logs, please create a new team.
Why can’t I see the option to set up secured work logs during team creation?
Your admin hasn’t enabled the option on your instance. Please reach out to this person. If your admin needs more insights into how the work logs are stored, make sure to read our security guide.
What happens if I move a public work log into a team that enabled secured work logs?
Our app automatically deletes the former work log that is stored in the Jira database and creates a new secured one with the same information in our database. The same procedure applies if you move a secured work log into a team that enabled public work logs.
You don’t need to worry about it – everything happens in the background while you focus on your work.
What happens with work logs if I delete a team, which uses the secured work logs option?
You will be asked to choose one of the following options:
Convert all work logs to public work logs
Delete all work logs associated with this team
The first option can be chosen if you do not want to delete any data and keep the work logs. Please note, that if you choose this option, the work logs will use the same logic, as work logs, which are not associated with a team.
You can also delete all work logs of this team. In this case, work logs associated with the team will be deleted. No data will be available for checking, reporting, or viewing.
You should also confirm your action by marking the checkbox “Yes, I confirm that I want to delete this team irreversible.“, as this action is irreversible.
What can be done, if some secured work logs were not converted during team deletion?
You can try the following actions:
Try to delete this team again later
Contact your Jira administrator, so the responsible person can check Jira logs and check the reason for failure. Examples of possible reasons for failure: - User´s permissions were deleted - User was deleted - The server was restarted during team deletion