top of page
Buy Now

Comment Security Default
for Jira Data Center / Server

This plugin allows you to:

  • Specify your own defaults for comments when adding a comment, a new attachment, logging work, linking work or editing an issue or transitioning an issue.  

  • Set defaults as either project roles or user groups

  • Define default settings at the global and/or at the project level.  

  • Specify the color of a comment field when restricted to either "Viewable to all users" or to all other restriction levels

  • FULL support for Service Desk and Jira Agile

An instance of a new comment with a different default is shown below.

The Comment Security Default plugin does not work on JIRA mobile.

New Features:

  1. As of version 3.0.0, the plugin now supports using groups as defaults, previously it was only for project roles.

  2. Service Desk users can specify to always show the customer tab.  Any defaults are still automatically selected if they change to the internal tab.



Global Settings

CSD Global Settings

The defaults for comment security can be set globally in one location for all projects in JIRA.  Setting the defaults globally is optional.  The defaults can also be set on a per-project basis (see Project Settings below) 


Important: If you are wanting to use groups in comment security then this needs to be enabled within Jira.  To enable it you need to go to System -> General Configuration, click edit settings, go to "Comment Visibility" and select "Groups & Projects" 

CSD Global - Defaults


Once enabled your first option is to specify what to do if a default is missing.  The defaulting of security roles is dependant on the role being available to the project and/or user. If the role isn't present then the plugin will follow the rule defined in the "When Role is Missing" field.  Your options are:

  • Ignore - The role is left to what it is normally set to

  • Force Selection - The user is forced to enter a role (only if there is a comment) before they can the comment is added. An example of a screen with a forced selection is shown below.


Next, the user gets the option to specify defaults for the comment field for assigning a user, attachments, edit issue, linking issues, new comments and transitions (transitions can be broken down to a finer per-transition default).  The default can either be a project role or a user group.


For transitions, there is a default security level and the option to additionally add per-transition default by clicking on the Add button.  This will open the dialog shown below.  Once a per-transition default has been added it can be removed with the delete button.


NOTE: To user coloring for a project you must have either the global level "Define Global Comment Service Defaults" or the projects "Define Comment Security Defaults for Project" checkbox checked (You do not need to have any defaults set).

Comment coloring can be used to highlight if a comment is "Viewable to all users" or if restrictions have been put on the comment.  Colors can be specified for background and/or border colors.  An example of two different colored comment boxes is shown below.

CSD Global - Coloring

Service Desk Comment Security

To use defaults and colorization within Comment Security Default you need to specifically enable it by checking the "Enable Security Defaults for Service Desk".  Service Desk projects will then use the defaults and coloring specified.  

For Service Desk projects you can also elect to use non-Service Desk comments (comments without the customer/internal tabs) or have defaults but still display the customer tab (the default is automatically selected when you change to the internal tab).

Access Control

Access Control allows you to limit the number of users that the plugin applies to and say who is allowed to change the security level.  


If for "Only Apply To" you specify one or more user groups then the functionality of the plugin will only be available to users that belong to one of the groups.  If a user isn't in any of the groups then they will get normal JIRA functionality, as though the plugin isn't even installed.  If no user groups are specified then all users will get the specified Comment Security Default functionality.

For Change Security you can specify user groups that restrict who can change the security level.  If a user is in the group then they will be able to change the security and if they are not in the group they won't be able to.  If no user groups are specified then everyone can change the security level.  Defaults must be enabled (even if not defaults are set) for this to work.

Project Config allows you to specify which users have access to the project level configuration pages that are in each project.  If this is blank then anyone with project admin access can view the configuration page.  If there are one or more groups then only users in one of those groups will be able to view the page.

CSD Global - Service Desk
CSD Global - Access Control
configuration page
CSD Project Settings

Project Settings

The default security level can also be specified for each project.  This allows for variations of defaults depending on the requirements of each project.  


If defaults are defined for a Project then the global settings are ignored.  For example, if the global settings define a default for adding a new comment, the Project has its own defaults and the project defaults specify no default for a new comment (like below) then adding a new comment will have the original default (as specified by Jira).


Once enabled you can optionally specify defaults for the comment field for new comments, new attachments, logging work, linking issues, editing issues, assign this issue, transition and per-transition.


As for the global setting, the defaulting of security roles is dependant on the role being available to the project and/or user. If the role isn't present then the plugin will follow the rule defined in the "When Role is Missing" field.  Your options are:

  • Ignore - The role is left to what it is normally set to

  • Force Selection - The user is forced to enter a role (only if there is a comment) before they can the comment is added.  See the Admin section for an example of a dialog with a forced selection looks like

The coloring behaves the same as for global settings.  If defaulting is set for a project then the coloring for that project is used, not the global coloring.

Jira Agile

CSD Jira Agile

Comment Security Default supports defaulting values for Jira Agile (Greenhopper).  The same comments are defaulted using the same settings as for an Issue.

Bulk Editing and Transitions

The only difference is when it comes to a bulk edit issue or bulk transition update.  For this functionality, we are unable to determine which issues are involved in the bulk update.  All comments in bulk changes are shown as ???.  This will force the user to set the security level if they enter a comment.  If the global defaults for the transition and/or edit issue checkboxes are NOT ticked then the security is all users.  

For coloring of the comment field, the global settings will be used.  If there are no global settings then the coloring will not be set.

CSD Service Desk

Service Desk

The plugin has defaults for Service Desk projects for JIRA 7.4+.  Normally Service Desk 3+ does not allow you to enter or set a security level for a comment but the plugin allows security levels for any internal comments.

For Service Desk the coloring only applies to internal comments.  External/Customer comments are not colored.

To Activate Comment Security Default for Service Desk

To be able to use Comment Security Default on Service Desk you need to go to the Admin configuration page for the plugin (Admin -> System -> Comment Security Default).  In the "Service Desk Comment Security" section is a checkbox labeled "Enable Security Defaults for Service Desk".  If this is checked then you can use the defaults in Service Desk projects.

Example of defaults for adding comments

The following are examples of Service Desk comment fields.

CSD Service Desk - Activate
CSD Service Desk - Examples
Using normal Jira comments instead of Service Desk comment

In the admin screen for Comment Security Default you can set an option "Use non-service desk comments".  This will mean that all Service Desk projects have the same type of comments as non-Service Desk projects (i.e. no Customer/Internal tabs).

Always showing the Customer tab

The Comment Security Default admin screen also allows you to specify that all comments will start on the Customer tab, regardless of whether they have a default or not.  If specified, the default is still set and if the user changes to the Internal comment tab then they will see the default.

CSD Service Desk - Normal Commens
CSD Service Desk - Cust Tab
bottom of page