Uploaded image for project: 'Jira Platform Cloud'
  1. Jira Platform Cloud
  2. JRACLOUD-82374

Inconsistent Results When Querying Users by Email in User Search REST API

XMLWordPrintable

      Issue Summary

      When performing a request to the Find users REST API endpoint User search Jira API by inserting the email address on the query parameter erroneously, the response of the endpoint still returns the result.

      This is because of the following logic: when an email address is recognized as invalid a possible user error/mistake is taken into account and therefore the email address is tokenized and the different tokens are used to try to match full name or display name fields. So, the result is returned in case one of the name fields matches one of the tokens, but this is not clearly documented.

      Steps to Reproduce

      Test 1

      1. Perform a request to the endpoint using an email with '123' at the end: 
        /rest/api/3/user/search?startAt=0&maxResults=50&query=something@email.com123 

      Test 2

      1. Add user with invalid sub-domain
        1. add test user - atlassiantestemailwithinvaliddo@gmail.com.del to your site
        2. Search this user using API, user won't be returned: 
           /rest/api/3/user/search?query=atlassiantestemailwithinvaliddo@gmail.com.del

      Test 3

      1. Add test user - atlassiantestemailwithinvaliddo@gmail.com.xyz to your site
      2. API search will work fine

      Test 4

      1. Add test user with more than 31 character email address and invalid domain
      2. API won't return this user. If user base is huge, API will return a larger list of users

      Test 5

      1. Add a test user with special character in email address "-" and lengthy text
      2. e.g atlassian_20221207_test_alpha.beta@test-domain.com.del
      3. User search won't work

      Expected Results

      1. API should return empty result if there is no matching email
      2. API should avoid tokenising the search string if the search pattern in having email syntax

      Actual Results

      If one of the name fields matches or include 'something' the search will still return the information.
      Also, inconsistent results are received if input has invalid email address (sub-domain), even though email is added to the site.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

              5498c853a488 Brenden Brown
              d6427b6fb657 Guilherme Bueno (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: