Details
-
Bug
-
Resolution: Unresolved
-
Low
-
1
-
Minor
-
0
-
Description
Issue Summary
In a team-managed project, when a user restricts access to an issue by granting access only to a specific role (e.g. administrator), Connect apps that do not have ADMIN scope lose access to the issue despite having all global and project permissions.
- The first problem is the inability to add an app to the roles (neither individually nor through a group) for existing team-managed projects in Jira via GUI
- The second problem is that assigning an app as the default member of global roles (either individually or through a group) - i.e. it can be assigned, but then when you create a new team-managed project, the app does not have any roles in this new project and no access to issue for app persists in new team-managed project
Steps to Reproduce
- Create a Team management project with some issue type (epic, task, story bug)
- Assign user to “Administrator” role in Jira
- Open the Backlog of a created project
- Open any issue
- In the top right corner click the Lock button
- Select “Administrator” and click Restrict
Expected Results
Apps will still have access to the issue
Actual Results
App has no access to restricted issue. REST calls will see
{
"errorMessages": [
"Issue does not exist or you do not have permission to see it."
],
"errors": {}
}
Workaround
Currently there is no known workaround for this behaviour. A workaround will be added here when available.
Attachments
Issue Links
- is implemented by
-
CRANE-4297 Loading...
- relates to
-