Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
0
-
Description
Context:
Currently, Portfolio Administrators (who are not Jira administrators) have a poor experience when they try to administrate Portfolio.
There are two major problems that prevent them from accessing Portfolio's administrative functions.
1. With websudo enabled
When websudo is enabled, non Jira administrators cannot navigate to admin pages.
This is a know Jira issue, see: JPOSERVER-383 and JRASERVER-63047
2. With websudo disable
When websudo is disabled, non Jira administrators can only navigate to the Portfolio Permissions page.
This is because the menu options are rendered on Jira's `admin_plugins_menu` web-section, which has a condition to only allow Jira administrators.
Extract from Jira-core project, in `jira-components/jira-core/src/main/resources/webfragment/system-admin-sections.xml`:.
<!-- PLUGINS MENU --> <web-section key="admin_plugins_menu" name="Plugins Menu" location="system.admin.top.navigation.bar" i18n-name-key="webfragments.admin.menu.section.project.name" weight="130"> <label key="admin.menu.system.plugins"/> <condition class="com.atlassian.jira.plugin.webfragment.conditions.UserIsAdminCondition"/> </web-section>
We won't be able to change Jira's `admin_plugins_menu`, since it will introduce security vulnerabilities in Jira.
Suggestion:
Provide the means to access Portfolio's administrative functions to Portfolio Administrators (who are not Jira administrators).