-
Bug
-
Resolution: Fixed
-
Low
-
None
-
None
This is reproducible in JIRA and Confluence.
In Crowd: Add an LDAP server to Crowd
In Crowd: Allow access to JIRA application exposing the LDAP directory
In Crowd: In the Permissions tab, uncheck the "Add Groups" permission.
In Jira: Add Crowd Server as a user directory (put it at the top and synchronize)
In Jira: Go to the Group Browser and try to add a group
Expected: Either the "Add Group" to be disabled, or an error message saying that it could not add group due to lack of permissions. Depending on the design, it is also possible for the group creation to fall back to the internal directory.
Actual: com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: Application "<b>jira</b>" does not allow adding of groups.
Note 1: Similar errors occur in Jira and Confluence for the following actions (if they are disabled in Crowd): "Add Users", "Add Groups", "Modify Users", "Modify Groups".
Note 2: Notice that for Jira "Remove User" and "Remove Group" display error messages as expected, while Confluence these actions also throw similar errors as above.
