Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Duplicate
Fix Version/s: None
Component/s: None
Labels:
- affects-cloud
- affects-server

Feedback Policy:

We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

By default users can change the status of an issue when they don't have permission to edit it. This is unexpected and generally unwanted behaviour. The recommended change is to add a condition to the transition that checks for Edit permission.

The problem is that when administrators create workflows from scratch they have to add the condition to every transition. A better choice would be to automatically add the condition, just as five post functions are automatically added.

A paragraph about this in some release notes saying that the default had changed would save many people much tedium and make the JIRA security model more robust.

Attachments

Issue Links

duplicates

JRASERVER-11564 Need a "Transition Issue" permission

Closed

is related to

JRASERVER-21857 Workflow Transition is visible/executable to user if the issue/user has met the condition for the workflow transition in a "Read Only" project

Gathering Impact

relates to

JRACLOUD-32601 Edit permission should also apply to workflow transitions

Closed

JRASERVER-11564 Need a "Transition Issue" permission

Closed

Activity

People

Assignee:: Unassigned

Reporter:: MattS

Votes:: 9 Vote for this issue

Watchers:: 11 Start watching this issue

Dates

Created:: 15/Apr/2013 5:26 PM

Updated:: 19/Sep/2019 6:04 AM

Resolved:: 03/Mar/2015 12:25 AM