Turn Off Personal access token(PAT) expiry and expired emails notifications for disabled/deleted users.

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Personal Access Tokens
    • None
    • 1

      Summary

      Turn Off Personal access token(PAT) expiry and expired emails notifications for disabled/deleted users.

      This is reproducible on Data Center: yes

      Steps to Reproduce current behaviour:

      External directory:
      • Add Jira user directory to Confluence.
      • Synchronize the new Jira user directory in Confluence.
      • Using any user of the Jira user directory create a Personal Access token in Confluence. Set its expiry days to 6 as from 5 days before expiry, about to expire email is sent.
      • Delete or Disable the user in the Jira user directory.
      • Synchronize the new Jira user directory in Confluence.
      • Wait for a day or 2 to verify if an email notification is sent.
      Internal Directory:
      • Create a Personal access token with a user from Internal Directory.
      • Set its expiry days to 6 as from 5 days before expiry, about to expire email is sent.
      • Delete or Disable the user in the Internal directory.
      • Wait for a day or 2 to verify if an email notification is sent.

      Current behaviour:

      For a disabled user about to expire and expired emails are sent.

      For deleted user email is tried to be sent but fails as the email address To field is empty, which can be confusing if found in logs.
      The below exception is thrown in the atlassian-confluence.log file:

      To be expired email sending operation failed warning message:
      2023-03-06 11:59:05,030 WARN [Caesium-1-2] [pats.notifications.mail.DefaultTokenMailSenderService] sendMail Error creating/sending email for event: [TokenEvent(triggeredBy=null, tokenOwnerId=2cb2808286b6a6190186b6c4592b0001, tokenId=994534461514, tokenName=jdusertk1, expiryDays=0, triggerSource=SYSTEM)] with msg: ['To' is a required field]
      Expired email sending operation failed warning message:
      2023-03-06 12:19:05,018 WARN [Caesium-1-4] [pats.notifications.mail.DefaultTokenMailSenderService] sendMail Error creating/sending email for event: [TokenEvent(triggeredBy=null, tokenOwnerId=2cb2808286b6a6190186b6c4592b0001, tokenId=994534461514, tokenName=jdusertk1, expiryDays=0, triggerSource=SYSTEM)] with msg: ['To' is a required field]

      Proposed Feature:

      No, Personal access token(PAT) expiry and expired emails should be sent for disabled/deleted users.

      Workaround

      First, revoke the to-be-deleted/disabled user's token from Administering personal access tokens using a user part of the confluence-administrators group or having System administrator privileges in Global permission.
      Then delete/disable the user.

            Assignee:
            Unassigned
            Reporter:
            Ojas Potdar (Inactive)
            Votes:
            2 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: