Details
-
Suggestion
-
Resolution: Answered
-
None
Description
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.
Let's say you have some security levels set for a particular project, and in some levels there is a Current Assignee permission.
If a user has the permission to create issues in a project, that user is able to select any issue security level which has the Current Assignee permission, even if the user can't be assigned due to other permissions.
This holds in the following scenarios:
- The user is NOT an Assignable User.
- The user is NOT the default assignee as per the project config.
The user then ends up creating an issue which he/she cannot see due to the other permissions as per above.
There should be a check for Assignable User before allowing the user to see and select those security levels.
Attachments
Issue Links
- relates to
-
JRACLOUD-37023 Current Assignee on a security level allows a user creating issues to select these security levels even if that user cannot be assigned
- Closed