Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-12060

Guard project role group membership edits by the global permission Browse Users

    XMLWordPrintable

Details

    Description

      The edit of a project roles group membership should be guarded by the Browse Users global permission just like the user picker is for editing user project role membership. This issue is related to JRA-11884. To have the same behavior as the user picker we will need to change the UI to be like the User picker, with a Group chooser popup and the text input field that accepts comma delimited group names. We can then make it such that the picker does not show up when the user does not have the permission.

      Attachments

        Issue Links

          is related to

          Suggestion - JRASERVER-11884 Security Violation: Manage Project Role Membership needs a Global Permission

          • Gathering Interest

          Activity

            People

              dylan@atlassian.com Dylan Etkin [Atlassian]
              dylan@atlassian.com Dylan Etkin [Atlassian]
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 8h
                  8h
                  Remaining:
                  Remaining Estimate - 8h
                  8h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified