When using the JQL function membersOf it's possible to return invalid results if the user is a member of the group being selected in one user directory, but not the current one. For example:
- User captain.planet in the JIRA Internal Directory (JIT) is a member of the group eco-warrior.
- That user captain.planet is not a member of that group in the Active Directory (AD).
- Active Directory is above JIRA Internal Directory, so the user is referenced from AD rather than the JIT.
- The membersOf("eco-warrior") JQL will return issues as if that user was in the group.
- Add a user to the JIT and AD (e.g.: captain-planet).
- Give them a group in the JIT and not the AD (or the other way around), for example eco-warrior.
- Move the user directory that they are not a member of the group to the top.
- Create an issue with them as the reporter.
- Run the following JQL:
The issue is not returned as they are not a member of that group.
The issue is returned, as the other User Directory has them in that group.
This can be worked around by:
- Swapping the order of the user directories.
- Removing the user from the group.
- Restoring the original order.