The webdav access authorization is controlled by Apache and hardcoded to only allow members of the groups 'administrators' and 'system-administrators'. If a customer deletes the administrators group in favor of customization they lose access to webdav.
Users can access Webdav if he belongs to group with exact name administrators:
- If user belongs to a group with the name as administrators and although this group does not have JIRA Administrators global permission, he still can access Webdav.
- If the group that user belongs to has JIRA Administrators global permission but is not named as administrators, then, he can not access Webdav.
- Remove administrators group out of JIRA Administrators global permission.
- Log in with user account that belong to this group, then this user can access Webdav.
- Rename administrators group to jira-system-administrators.
- Add JIRA Administrators global permission to this group.
- Log in with user account that belong to this group, then the user is unable to access Webdav.
- Rename the group back to administrators, then user can access Webdav.
- Users belong to group that has JIRA Administrators global permission can access to Webdav regardless the group name.
- Users belong to group with the name as administrators and this group does not have JIRA Administrators global permission are not allowed to access Webdav.
In crowd/horde there is a specific table (cwd_app_dir_group_mapping) that gives a group specifically named 'administrators' access to the application 'webdav'. If you delete the administrators group this entry is removed, and there is no way for customers to access webdav, even if the group is recreated. The only way to fix it is with an insert statement into the cwd_app_dir_group_mapping table.
Log a ticket at https://support.atlassian.com to get the following workaround applied to your Cloud instance:
- Recreate the 'administrators' group in User Management.
- Run the following SQL query to grant permission once more:
- Restart Horde
- Add the user wishing to access webdav to the 'administrators' group.