Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-32601

Edit permission should also apply to workflow transitions

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      By default users can change the status of an issue when they don't have permission to edit it. This is unexpected and generally unwanted behaviour. The recommended change is to add a condition to the transition that checks for Edit permission.

      The problem is that when administrators create workflows from scratch they have to add the condition to every transition. A better choice would be to automatically add the condition, just as five post functions are automatically added.

      A paragraph about this in some release notes saying that the default had changed would save many people much tedium and make the JIRA security model more robust.

            Unassigned Unassigned
            73d805a2526b MattS
            Votes:
            9 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated:
              Resolved: