Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-6522

Crowd users not allowed to authenticate are pulled in as normal users

    XMLWordPrintable

    Details

    • Occurrence Factor:
      25%

      Description

      Summary

      When synchronizing with a Crowd user directory (or a JIRA user directory), all users regardless of group affiliation are pulled into FishEye. Even users not allowed to authenticate in remote Crowd will still be migrated, FishEye/Crucible won't be able to distinguish them from "standard" users - they would still occupy licence slots, others would be able to pick them as reviewers etc.

      Steps to Reproduce

      1. In Crowd: Add an "Application" called "fisheye". (Leave "Allow all users to authenticate" unchecked)
      2. In Crowd: Add a Group called "fisheye-users".
      3. In Crowd Administration >> Applications >> FishEye >> Groups: Add the group "fisheye-users".
      4. In Crowd: Add a user called "not-fecru1" with no group affiliation.
      5. In FishEye: Synchronize user directory with Crowd.
      6. In FishEye: Go to Administration >> Users.

      Notes

      • This needs to be fixed on Crowd side – see CWD-1263
      • The users not belonging to a group who can access FishEye/Crucible will have a lozenge saying "NO ACCESS" next to their user name.
      • Both in Crowd and JIRA directory cases all users will be synchronized and they might occupy license slots if they end up with effectively granted global permission (either assigned individually or through group membership). That said, as there is no "Allow all users to authenticate" flag in JIRA, that is expected for JIRA-originating users, but might be surprising for Crowd, where one could expect only a subset of users to be synchronized
      • Due to CWD-3025 there is currently no way to assign a Crowd-originating user to local FeCru group

      Workarounds

      • Create dedicated group(s) in Crowd, add only selected users to the group(s) and grant login access only to those groups via FeCru global permissions. This requires one to have admin access to Crowd.
      • Assign users' login access rights individually via FeCru global permissions. 

        Attachments

        1. Crowd - Application - FishEye - Groups.jpg
          Crowd - Application - FishEye - Groups.jpg
          106 kB
        2. Crowd - Users - not-fecru1 - Groups.jpg
          Crowd - Users - not-fecru1 - Groups.jpg
          84 kB
        3. FishEye - Users.jpg
          FishEye - Users.jpg
          144 kB
        4. image-2016-11-14-11-40-44-233.png
          image-2016-11-14-11-40-44-233.png
          36 kB
        5. image-2016-11-14-11-42-40-508.png
          image-2016-11-14-11-42-40-508.png
          44 kB
        6. image-2016-11-14-11-47-23-005.png
          image-2016-11-14-11-47-23-005.png
          58 kB
        7. screenshot-1.png
          screenshot-1.png
          11 kB

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Last commented:
                  2 years, 26 weeks, 1 day ago