System, Application & Project Admins: Who Does What in Jira?

JiraSwamp.png

 Guest post from Rachel Wright, author of the Jira Strategy Admin Workbook.

 

Who does what?

I was recently asked, “If Jira project admins can now edit their own workflows and screens, what’s left for the application admin to do?”  Plenty!  Application admins are still very much needed, and their work extends way beyond managing a Jira project.  Furthermore, the new project admin abilities aren’t as liberating as they may sound.  Let’s examine the types of admin users.

admin_responsibilities_ProForma_ThinkTilt.jpg

Types of Jira Admin Users

There are many different types of Jira admin users and responsibilities vary depending on the type.  Admin users generally fall into one of the following categories:

  • System Level Administrators – Users with the ability to perform absolutely every Jira administration function
  • Application Level Administrators – Users with permissions to perform most Jira administration functions
  • Project Owners or Leads – A project’s single point of contact, often responsible for project strategy decisions
  • Project Level Administrators – Users with permissions to manage settings for individual Jira projects.  (Example: Components, project users, etc.)

While the admin types have distinct abilities, a user can be multiple types of administrators at the same time. For example, an application administrator may also be the owner of a specific Jira project.   An application administrator could be a system administrator as well if those roles have been combined.  For the differences between application administrator and system administrator permissions, see the “Managing Global Permissions” documentation.

Jira Admin Responsibilities and Abilities

Each admin level has a distinct set of responsibilities. Below, we’ll address the four admin types as two levels:  system/application and project.

System Level Administrators & Application Level Administrators

These administrators need to consider the health of the application, impact to the application, and maintenance implications for each decision and change they make.  These admins need to be chosen carefully, audited regularly, and approved by the application owner.

Application admins typically have the following responsibilities:

  1. Assist the Jira Advisory Board in maintaining established standards
  2. Communicate standards, procedures, changes, and maintenance outages to your Jira Ambassador team and end users
  3. Assist end users with user-specific settings
  4. Assist Project Level Administrators with managing settings and maintaining their projects
  5. Complete approved customization requests or suggest alternative solutions within established standards
  6. Manage users, groups, and access
  7. Create and configure new projects, schemes, and assets
  8. Remove projects, schemes, and assets when they are no longer needed
  9. Perform application upgrades
  10. Vet, install, and upgrade apps, plug-ins and integrations
  11. Check logs for and address errors
  12. Develop and maintain documentation and end user training materials
  13. Monitor and ensure the overall health of the application

Download this list as a worksheet at: jirastrategy.com/link/admin-responsibilities.  Tip:  Turn this worksheet into a Jira Admin job description!

Project Owners & Project Level Administrators

Each Jira project has a listed “Owner” or “Lead” who is sometimes also the default issue assignee. Additionally, individual projects can have an unlimited number of administrators. As such, there’s an opportunity to involve additional users in project-level maintenance and management.

Project admins typically have the following responsibilities:

  1. Set and maintain Components, Versions, and other project-specific settings in accordance with established standards
  2. Manage users and groups in the “Users and roles” area
  3. Routinely triage (or appoint a triage person) to assign and review issues as they are created
  4. Maintain the data and accuracy of data in the project space
  5. Report any project issues or customization needs to the Jira Support team
  6. Respond to questions or approvals requested by the Jira Support team

ADDITIONAL EDITING ABILITIES

Additionally, project admins have limited workflow editing abilities in Jira version 7.3 and limited screen editing abilities in version 7.4.  Also in 7.4 these abilities can be enabled or disabled through Permission schemes.

Project admins can only utilize assets that already exist.  For example, they can add an existing status to their workflow or an existing custom field to a screen, but they cannot remove a status, create or rename statuses, or create new custom fields. They can modify transitions, but not edit transition screens or transition behaviors (properties, conditions, validators, or post functions).  Further, these editing abilities only apply to projects where the workflow and the screens are not shared with other projects.  If you’ve been sharing project configurations, as highly recommended in the Jira Strategy Admin Workbook, it’s possible that few or none of your project admins will have these new editing abilities.  Additionally, the default workflow and default system screen still cannot be edited by anyone.  Read more about these features in the 7.3 and 7.4 release notes.

HOW TO CHECK FOR WORKFLOW EDITING ABILITIES

  1. Use the Admin UI
    If you have few workflows, you can manually look for ones that are only used by one project. In the Jira Admin UI, visit Admin > Issues > Workflows.  Click the “View” link next to each workflow.  The following page will show how many projects use the workflow.
     
  2. Use Atlassian’s Script(Jira Server Only)
    Atlassian created an admin helper script to detect workflows and administrators impacted by the 7.3 change. The script requires node.js and you must be able to execute it on your server.
     
  3. Use the Database (Jira Server Only)
    This method is not perfect but it got me to the data I needed. Work with your database team to improve the sample queries or format them for your database type.

First, I counted the number of projects used by each workflow, looking for any that are not shared (those with a project count of 1.)

Sample Query:  SELECT wse.workflow, count(p.pname) AS `Projects Using Workflow` FROM nodeassociation n INNER JOIN project p ON p.ID = n.source_node_ID INNER JOIN workflowscheme ws on ws.ID = n.SINK_NODE_ID INNER JOIN workflowschemeentity wse on wse.scheme = ws.ID WHERE n.source_node_entity = ‘Project’ and n.sink_node_entity = ‘WorkflowScheme’ GROUP BY wse.workflow ORDER BY `Projects Using Workflow`, workflow;

Next, I retrieved project details for each of the not shared workflows.  I mainly wanted to know the project id, project name, and lead.

Sample Query: SELECT p.id AS project_id, p.pname AS project_name, p.lead AS project_lead, ws.name AS project_associated_workflow_scheme, wse.workflow AS workflow_scheme_associated_workflow FROM project p LEFT OUTER JOIN nodeassociation na ON na.source_node_id = p.id AND na.sink_node_entity = ‘WorkflowScheme’ LEFT OUTER JOIN workflowscheme ws ON ws.id = na.sink_node_id LEFT OUTER JOIN workflowschemeentity wse ON wse.scheme = ws.id LEFT OUTER JOIN jiraworkflows jw ON jw.workflowname = wse.workflow WHERE  wse.workflow = ‘Workflow Name 1’ OR wse.workflow = ‘Workflow Name 2’ …

I put all the info into a spreadsheet for further analysis.  From this abbreviated workflow and project list, I was able to examine individual project settings, like screens and permission schemes, to determine who would be able to take advantage of additional project admin features.

Deciding exactly what you want project admins to do may require experimentation as you adjust to the possibilities of Jira 7.3 and 7.4. Ultimately, you’ll want to maintain a balance between providing ease and flexibility while still maintaining standards and control at the system/application level.