Details
-
Bug
-
Resolution: Obsolete
-
Medium
-
3.8
-
3.08
-
Description
_emphasized text_Similar to JRA-12410 - deleting a custom field does not adequately clean up after itself. Specifically, affected issues are not reindexed so the updated security and permission aspects are not reflected in search results which is a security hole. Note that a naive fix may produce performance problems since there may be a large number of affected issues which must be reindexed. Consider the index lock granularity in fixing this - it may be better to reindex the issues one at a time so the fine grained lock does not cause latency problems for concurrent users.
Also - has this always been the case? Surely no! - bug fixer should investigate this - has this bug been introduced in the last, say, 12 months?
Attachments
Issue Links
- details
-
JRASERVER-12450 enable functional tests that demonstrate parent
- Closed
- is incorporated by
-
JRASERVER-13808 Issues not shown in issue navigator that a user has permission for according to the issue security level
- Closed
- relates to
-
JRASERVER-12410 Deleting a custom field which has an issue security scheme or permission scheme on it causes system error
- Closed