-
Suggestion
-
Resolution: Duplicate
-
None
NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.
By default users can change the status of an issue when they don't have permission to edit it. This is unexpected and generally unwanted behaviour. The recommended change is to add a condition to the transition that checks for Edit permission.
The problem is that when administrators create workflows from scratch they have to add the condition to every transition. A better choice would be to automatically add the condition, just as five post functions are automatically added.
A paragraph about this in some release notes saying that the default had changed would save many people much tedium and make the JIRA security model more robust.
- duplicates
-
JRACLOUD-11564 Need a "Transition Issue" permission
- Closed
- is related to
-
JRASERVER-32601 Edit permission should also apply to workflow transitions
- Closed
- relates to
-
JRACLOUD-11564 Need a "Transition Issue" permission
- Closed