jira.permission.assignable.projectrole property set on a workflow step can cause legitimate assignable users to be hidden in Assignee dropdown

XMLWordPrintable

    • 5
    • Severity 3 - Minor

      Steps to Reproduce

      1. Start up a fresh JIRA 7.0.0-OD-1 or -2 instance.
      2. Create a test user and add it to the "jira-users" and "jira-developers" groups.
      3. Create a project using the default "JIRA Classic" shared workflow/schemes.
      4. Edit the Open step in the workflow and add the property jira.permission.assignable.projectrole with a value of 10002 (this corresponds to the default "Administrators" role).
      5. Create a new issue.
      6. Click Resolve, and in the Resolve Issue screen start typing the username of the test user.

      Expected Results

      The test user should show up as a valid user to be assigned to in the Assignee dropdown.

      Actual Results

      The test user doesn't show up at all in the Assignee dropdown.

      Notes

      This used to work under JIRA 6.5-OD-8 and earlier, it appears to be a regression in 7.0.0-OD-1+. These messages show in the JIRA logs when the test user's name is typed in the Assignee field:

      /rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] 	ASSIGNABLE_USER not granted by workflow perm granting ASSIGNABLE_USER to Project Role '10002'
/rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] ASSIGNABLE_USER granted by permission scheme but DENIED by workflow
/rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] 	ASSIGNABLE_USER not granted by workflow perm granting ASSIGNABLE_USER to Project Role '10002'
/rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] ASSIGNABLE_USER granted by permission scheme but DENIED by workflow
/rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] 	ASSIGNABLE_USER not granted by workflow perm granting ASSIGNABLE_USER to Project Role '10002'
/rest/api/latest/user/assignable/search [c.a.jira.security.WorkflowBasedPermissionManager] ASSIGNABLE_USER granted by permission scheme but DENIED by workflow

      The Permission Helper doesn't report any problems and says that the test user should be able to be assigned issues.

      Workaround

      Manually type the user's username and click "Resolve". Even though it doesn't show up in the Assignee field, the user can still be assigned to the issue.

            Assignee:
            Unassigned
            Reporter:
            Nick Mason
            Votes:
            5 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: