Low Issue Summary
In case the A4J rule contains ScriptRunner's "Execute a ScriptRunner Script" action and Actor user doesn't have sufficient permissions for executing it (require Jira administrators global permission), rule execution will fail.
However, logs will not report any meaningful message (even with tracing enabled), and the rule's Audit log will just report a FAILURE event without any additional information.
(I) Please note that prior to A4J 9.1.1 such rules were able to be executed/completed successfully even without granting Actor Jira administrators global permission. However, this 3rd-party action always required Jira administrators permission although it wasn’t properly/completely validated in previous versions.
Steps to Reproduce
- Create any A4J rule. The rule could have any trigger/action configuration and the only requirement it should include "Execute a ScriptRunner Script" action. It doesn't matter whether the action will run an external script or an inline one.
- Set as rule's Actor a user account without Jira administrators global permission.
- Execute the rule.
Expected Results
Audit log and Jira application logs should have a sufficient message that explains the reason for automation failure (lack of required permission)
Actual Results
Although the rule's execution failed, logs and audit log data did not provide detailed information helpful for troubleshooting.
Workaround
Currently, there is no known workaround for this behaviour. A workaround will be added here when available.
- is related to
-
JIRAAUTOSERVER-1104 Automation rules using 3rd party add-on components fail if the rule actor is not granted global admin permission
-
- Closed
-
- links to
- mentioned in
-
Page Failed to load