Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Timed out
Priority: Medium
Component/s: Jira - Site Export - To Server
Labels:
- RIBS-Long
- timeout-bulk-close202404

Support reference count:
5
Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Cloud bug fix policy

Description

Issue Summary

Jira Server/DC's Internal Directory (ID: 1) is granted all 12 embedded Crowd OperationType values by default. Specifically:

CREATE_USER
CREATE_GROUP
CREATE_ROLE
UPDATE_USER
UPDATE_GROUP
UPDATE_ROLE
UPDATE_USER_ATTRIBUTE
UPDATE_GROUP_ATTRIBUTE
UPDATE_ROLE_ATTRIBUTE
DELETE_USER
DELETE_GROUP
DELETE_ROLE

However, the entities.xml included in the back up for server export in Jira Cloud is missing these operations. The consequence is administrators can't edit users or groups after restoring from a Cloud backup.

This bug is documented on JRASERVER-72589 and ~~JSWSERVER-21471~~. However, this bug must be fixed on Jira Cloud.

Steps to Reproduce

Create an XML backup of a cloud tenant via ⚙️ (gear icon) > System > Backup manager > Back up for server.

Expected Results

The export entities.xml file contains:

<Directory id="1" directoryName="Jira Internal Directory" lowerDirectoryName="jira internal directory" createdDate="2013-02-28 11:57:51.308" updatedDate="2013-02-28 11:57:51.308" active="1" description="Jira default internal directory" implementationClass="com.atlassian.crowd.directory.InternalDirectory" lowerImplementationClass="com.atlassian.crowd.directory.internaldirectory" type="INTERNAL" position="0"/>
<DirectoryAttribute directoryId="1" name="user_encryption_method" value="plaintext"/>
<DirectoryOperation directoryId="1" operationType="CREATE_GROUP"/>
<DirectoryOperation directoryId="1" operationType="CREATE_ROLE"/>
<DirectoryOperation directoryId="1" operationType="CREATE_USER"/>
<DirectoryOperation directoryId="1" operationType="DELETE_GROUP"/>
<DirectoryOperation directoryId="1" operationType="DELETE_ROLE"/>
<DirectoryOperation directoryId="1" operationType="DELETE_USER"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_GROUP"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_GROUP_ATTRIBUTE"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_ROLE"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_ROLE_ATTRIBUTE"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_USER"/>
<DirectoryOperation directoryId="1" operationType="UPDATE_USER_ATTRIBUTE"/>

Actual Results

The export entities.xml file only contains:

<Directory id="1" directoryName="JIRA Internal Directory" lowerDirectoryName="jira internal directory" createdDate="2023-04-11 22:40:42.71685" updatedDate="2023-04-11 22:40:42.71685" active="1" description="JIRA default internal directory" implementationClass="com.atlassian.crowd.directory.InternalDirectory" lowerImplementationClass="com.atlassian.crowd.directory.internaldirectory" type="INTERNAL" position="0"/>
<DirectoryAttribute directoryId="1" name="user_encryption_method" value="atlassian-security"/>

Workaround

Follow the steps on the Cannot edit group memberships, as external user management is enabled, please contact your Jira administrators knowledge base article.

Attachments

Issue Links

causes

JSWSERVER-21471 Jira Internal Directory users without permissions due to missing operations

Closed

JRASERVER-72589 Jira cloud backup when restored results in the user directory operations removed

Gathering Impact

depended on by

JRACLOUD-80985 "Back up for server" sysadmin user doesn't have application or admin access

Gathering Impact

is related to

JRACLOUD-67056 JIRA backups are missing user encryption method values

Closed

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

(3 mentioned in)

Activity

People

Assignee:: Saurabh Shukla

Reporter:: Benjamin S

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Apr/2023 9:34 PM

Updated:: 6 days ago 5:13 AM

Resolved:: 6 days ago 5:13 AM