If the JiraAuthenticationContext is null (as it is for services) the IssueService validateUpdate fails on the assignee permission check, despite the api being given a user.
When a NULL JAC context is present, when updating an issue, with no ASSIGNEE property present, the errors variable in the above method contain:
If the 'user' above is set as the JiraAuthenticationContext user, then no such error occurs.
During validateAndUpdateIssueFromFields() >
This method doesn't get the 'user' that was supplied through the issueservice validate method, which is a bug, the validateParams() method has:
which leads to:
Therefore services need to hack the JiraAuthenticationContext user to be the same user being supplied through the issueservice API in order to stop validation errors, which should not be the case, it should use the user supplied through the issueservice validate method.