-
Type:
Suggestion
-
Resolution: Unresolved
-
None
-
Component/s: User - Management
-
None
-
0
-
31
Current behavior
The behavior below is true as per version 6.7.1
Confluence administrator will add/delete groups from time to time in Confluence. Should for some reason that:
- The user directory where the user belongs to does not have the correct permission for Confluence Administrator to alter user memberships
- The user directory has "Read Only" permission
- The user directory is on "Read Only with Local Groups" and the group that was assigned to is not a local group
Admin will receive the following error on UI: "Could not add user 'xxxx' as a member of group 'confluence-administrators'. Check your server logs for more information"
Upon checking atlassian-confluence.log, the following error message is observed:
2017-11-01 21:25:30,783 ERROR [http-nio-8632-exec-2] [bucket.user.DefaultUserAccessor] addMembership Failed to add 'xxxxxx' as a member of 'group/1' -- referer: http://localhost:8632/confluence/admin/users/editusergroups-start.action?username=xxxx | url: /confluence/admin/users/editusergroups.action | traceId: 6cfe1311615c6e95 | userName: admin | action: editusergroups com.atlassian.user.EntityException: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Did not have update groups permission in any of the directories []
Resolution is to change the permission of the user directory accordingly.
Desired behavior / Suggestions
- Have a better error message displayed so that Confluence Adminstrator does not need to go to the logs to find out the issue. Example error message that would be better:
Unable to update user into group: The directory: XXX does not have "Write" Permission.
- Hide the "Edit Groups" option when the User Directory is on "Read Only" permission
- Provide warning in the UI, similar to the behavior seen in Crowd 3.1.1:
