Issue Summary

In a team-managed project, when a user restricts access to an issue by granting access only to a specific role (e.g. administrator), Connect apps that do not have ADMIN scope lose access to the issue despite having all global and project permissions.

1. The first problem is the inability to add an app to the roles (neither individually nor through a group) for existing team-managed projects in Jira via GUI
2. The second problem is that assigning an app as the default member of global roles (either individually or through a group) - i.e. it can be assigned, but then when you create a new team-managed project, the app does not have any roles in this new project and no access to issue for app persists in new team-managed project

Steps to Reproduce

1. Create a Team management project with some issue type (epic, task, story bug)
2. Assign user to “Administrator” role in Jira
3. Open the Backlog of a created project
4. Open any issue
5. In the top right corner click the Lock button
6. Select “Administrator” and click Restrict

Expected Results

Apps will still have access to the issue

Actual Results

App has no access to restricted issue. REST calls will see

{
  "errorMessages": [
    "Issue does not exist or you do not have permission to see it."
  ],
  "errors": {}
}
 

Workaround

Currently there is no known workaround for this behaviour. A workaround will be added here when available.