IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-32601

Edit permission should also apply to workflow transitions

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      By default users can change the status of an issue when they don't have permission to edit it. This is unexpected and generally unwanted behaviour. The recommended change is to add a condition to the transition that checks for Edit permission.

      The problem is that when administrators create workflows from scratch they have to add the condition to every transition. A better choice would be to automatically add the condition, just as five post functions are automatically added.

      A paragraph about this in some release notes saying that the default had changed would save many people much tedium and make the JIRA security model more robust.

            Loading...
            IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
            Uploaded image for project: 'Jira Data Center'
            1. Jira Data Center
            2. JRASERVER-32601

            Edit permission should also apply to workflow transitions

              • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

                NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

                By default users can change the status of an issue when they don't have permission to edit it. This is unexpected and generally unwanted behaviour. The recommended change is to add a condition to the transition that checks for Edit permission.

                The problem is that when administrators create workflows from scratch they have to add the condition to every transition. A better choice would be to automatically add the condition, just as five post functions are automatically added.

                A paragraph about this in some release notes saying that the default had changed would save many people much tedium and make the JIRA security model more robust.

                        Unassigned Unassigned
                        73d805a2526b MattS
                        Votes:
                        9 Vote for this issue
                        Watchers:
                        11 Start watching this issue

                          Created:
                          Updated:
                          Resolved:

                            Unassigned Unassigned
                            73d805a2526b MattS
                            Votes:
                            9 Vote for this issue
                            Watchers:
                            11 Start watching this issue

                              Created:
                              Updated:
                              Resolved: