Uploaded image for project: 'Atlassian Cloud'
  1. Atlassian Cloud
  2. CLOUD-6873

Administration users are unable to access Webdav if they do not belong to administrators group

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • High
    • Resolution: Duplicate
    • None
    • None

    Description

      Description
      Users can access Webdav if he belongs to group with exact name administrators:

      1. If user belongs to a group with the name as administrators and although this group does not have JIRA Administrators global permission, he still can access Webdav.
      2. If the group that user belongs to has JIRA Administrators global permission but is not named as administrators, then, he can not access Webdav.

      Reproduce steps

      1. Remove administrators group out of JIRA Administrators global permission.
      2. Log in with user account that belong to this group, then this user can access Webdav.
      3. Rename administrators group to jira-system-administrators.
      4. Add JIRA Administrators global permission to this group.
      5. Log in with user account that belong to this group, then the user is unable to access Webdav.
      6. Rename the group back to administrators, then user can access Webdav.

      Expected result

      1. Users belong to group that has JIRA Administrators global permission can access to Webdav regardless the group name.
      2. Users belong to group with the name as administrators and this group does not have JIRA Administrators global permission are not allowed to access Webdav.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              ttran@atlassian.com StevenA (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: