Tuesday, March 19, 2013

How to restrict a Jira issue?

Why should we restrict Jira issue?
Typically Jira instance will be opened to non-developers like Customer Support, partners, QA and in some cases to Customers also. When a critical issue like security issue on our application is reported on Jira, we don't want non developers, especially partners/customers to view it. But still we may require other non-critical issues in our Jira project to be visible to all the members.

Solution:
1) We can restrict entire Jira project by creating a issue security scheme and appling it to a project.
2) We can make selective issues to be restricted.

In this blog, I'll describe to do the option 2.


1) Create an issue security scheme
Administration -> Issues -> Issue Security Schemes -> Add Issue Security Scheme -> enter a name & description -> Add

2) Add a security level to an issue security scheme
Administration -> Issues -> Issue Security Schemes -> Select your scheme -> Security Levels -> Add Security Level -> enter name and description (Ex: Development, Only developers can see this issue)
3) Add Users/Groups/Project Roles to a Security Level
Administration -> Issues -> Issue Security Schemes -> Select your scheme -> Security Levels -> Locate your security level -> Add -> Select the appropriate user, group or project role -> Add ( I selected a group, which has 5 members)
4) Assign an issue security scheme to a project
Administration -> choose your project from Projects -> Permissions -> Issues (None/Your issue security scheme) -> Select the issue security scheme that you want to associate with this project -> Associate
5) Setting Security on an Issue
Create/edit the relevant issue -> In the 'Security Level' drop-down field, select the desired security level for the issue -> When you save the issue, the issue will then only be accessible to members of that Security Level

Don't find 'Security Level' drop-down field on your issue? Here is what you need to do.
6) Modify your project permission scheme to allow users to set security levels

Administration -> Issues -> Permission Schemes
You can copy existing permission scheme and modify it or create new one. I prefer copy/modify

Select your permission scheme of your interest -> Copy -> It will create a copy -> Edit & provide name & description

Click permission -> Locate Set Issue Security -> Add -> I added a Group and Project Lead
This will allow your group members and Project Lead to set security levels on issue

7) Associate new permission scheme to your project
Administration -> choose your project from Projects -> Permissions -> Scheme -> Actions -> Use a different scheme

8) Add Security Level field to your project screen
Administration -> choose your project from Projects -> Screens -> Click on the screen scheme (MyORG Screen scheme) -> Select Screen (Defect screen)  -> Add Field -> Select Security Level -> Add

Now you should be able to find security level field on your issue. Follow Step 5, your issue shouldn't be visible to all.

Friday, March 8, 2013

Track/update Adobe Flash Player

Adobe Flash Player is a well known tool for exploitation by hackers. It is our responsibility to keep track of latest updates released by Adobe and make sure our system hosts latest Flash Player. Otherwise our systems are prone to security attacks.

Most of the browsers send alerts to upgrade Flash player, whenever latest versions are released. We just need to make few clicks and make sure it is installed.

How to check Adobe Flash version?
1)  Windows
     On windows XP/2003: Start -> Settings -> Control Panel -> Add/Remove Programs -> Locate Flash in the list -> Click on Adobe Flash Player XX Plugin -> Click here for support information
     This will display the version
     On windows 7: Start -> Control Pannel -> Programs -> Programs and Features ->  Locate Flash in the list -> You can notice version in the last column

2) Chrome Browser
    Type chrome:plugins in the address bar to open the Plug-ins page.
    On the Plug-ins page that appears, find the "Flash" listing.
    Verify the version

3) On IE or Firefox browser
    Open Flash about page http://www.adobe.com/software/flash/about/  . It displays your current version.
    Open Flash player find version page http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html   . Notice your version in point 2


Download latest Adobe flash from : 
http://get.adobe.com/flashplayer