Restricting Issue Types

Jira issue type schemes are not very flexible, in the sense that you cannot limit the available issue types in a project. If someone has permission to create an issue in a project, they can create every issue type in the project’s issue type scheme.

This allows you to use Behaviours to restrict which issue types are available to different categories of users.

Restricting Available Issue Types

It’s a common requirement that you would like non-core members of the project to only create certain issue types, whereas the developers should be able to create Bugs, Tasks, New Features etc.

You can use setFieldOptions on the issue type field and restrict the available issue types accordingly.

The following script demonstrates that scenario, which you should apply as an initializer:

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.roles.ProjectRoleManager

import static com.atlassian.jira.issue.IssueFieldConstants.ISSUE_TYPE

def projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)

def user = ComponentAccessor.jiraAuthenticationContext.loggedInUser
def issueTypeField = getFieldById(ISSUE_TYPE)

def userRoles = projectRoleManager.getProjectRoles(user, issueContext.projectObject)*.name
def availableIssueTypes = []

if ("Users" in userRoles) {
    availableIssueTypes.addAll(["Query", "General Request"])
}

if ("Developers" in userRoles) {
    availableIssueTypes.addAll(["Bug", "Task", "New Feature"])
}

issueTypeField.setFieldOptions(availableIssueTypes)

The following four outcomes are possible

Current user belongs only to Users role, therefore the only available issue types to select from are: Query and General Request

Current user doesn’t belong either to Users or Developers roles, therefore no issue types will be available and the field will be disabled

Current user belongs only to Developers role, therefore the only available issue types to select from are: Bug, Task and New Feature

Current user belongs to both Users and Developers roles, therefore both the above sets of issue types are available

Restricting to a Single Issue Type

In a slightly different scenario, where there is only one issue type allowed, we can set that issue type and lock the field.

In this example we check the roles in the current project of the remote user - if they are members only of the Users role, we set the issue type to Query and lock the field.

import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.security.roles.ProjectRoleManager

import static com.atlassian.jira.issue.IssueFieldConstants.ISSUE_TYPE

// if the current user is in the Users role only, set the issue type to "Query", and lock it
def projectRoleManager = ComponentAccessor.getComponent(ProjectRoleManager)
def user = ComponentAccessor.jiraAuthenticationContext.loggedInUser

def usersRoles = projectRoleManager.getProjectRoles(user, issueContext.projectObject)*.name
if (usersRoles == ['Users']) {
    getFieldById(ISSUE_TYPE)
        .setFormValue('Task')
        .setReadOnly(true)
}

For people only in the Users role the Create Issue dialog will look like this:

If this is critically important that people only create the allowed issue types, you should consider backing it up with a workflow validator (perhaps a simple scripted validator) on the Create transition. Remember Behaviours are only in effect when using the browser, not when using the REST API.