Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-63994

The rest documentation around certain user resources is incorrect with respect to anonymous access and the "Browser User" permission

XMLWordPrintable

    • Severity 3 - Minor
    • Hide
      Atlassian Update – 06 September 2019

      Hi everyone,

      After reviewing the overall customer interest and impact of this bug report we have decided to close this issue down. Our analysis has shown that over time this issue hasn't collected a significant number of votes, watchers, comments, or support cases from customers and therefore has remained very low on our priority list. Given these findings we can conclude it will not be fixed in the foreseeable future and wish to be transparent about our priorities by closing it as Timed Out.

      Although we're aware this issue may be still important to those of you who were involved in the initial conversations around it, we want to be clear by managing your expectations regarding the likelihood of a fix for it. The Jira team do their best to prioritise the issues that have high and critical impact with broad pervasiveness reflected in series of different factors. You can learn more about this by reading our Bug Fixing Policy.

      To see what the Jira team is currently working on and has recently delivered see the following dashboards:

      We understand that hearing a decision like this can be disappointing, but we hope you'll appreciate our transparent approach to product priorities and communications. We will continue to watch this issue for further updates, so please feel free to share any thoughts in the comments.

      Thank you,

      Pawel Drygas,

      Jira Server Bugmaster

      Show
      Atlassian Update – 06 September 2019 Hi everyone, After reviewing the overall customer interest and impact of this bug report we have decided to close this issue down. Our analysis has shown that over time this issue hasn't collected a significant number of votes, watchers, comments, or support cases from customers and therefore has remained very low on our priority list. Given these findings we can conclude it will not be fixed in the foreseeable future and wish to be transparent about our priorities by closing it as Timed Out . Although we're aware this issue may be still important to those of you who were involved in the initial conversations around it, we want to be clear by managing your expectations regarding the likelihood of a fix for it. The Jira team do their best to prioritise the issues that have high and critical impact with broad pervasiveness reflected in series of different factors. You can learn more about this by reading our Bug Fixing Policy . To see what the Jira team is currently working on and has recently delivered see the following dashboards: Jira Server and Data Center: Recently resolved issues Jira Server and Data Center: Current work and future plans Jira Server and Data Center: Bug Fix Board We understand that hearing a decision like this can be disappointing, but we hope you'll appreciate our transparent approach to product priorities and communications. We will continue to watch this issue for further updates, so please feel free to share any thoughts in the comments. Thank you, Pawel Drygas, Jira Server Bugmaster

      NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report.

      The JIRA cloud and server rest documentation both state in certain rest resources that they cannot be accessed anonymously. However, when "Anyone" is granted the "Browser User" permission anonymous users can use some rest resources for which the documentation states that they are not permitted access.

      The following rest resources have this documentation issue:

      1. https://docs.atlassian.com/jira/REST/cloud/#api/2/groupuserpicker-findUsersAndGroups / https://docs.atlassian.com/jira/REST/server/#api/2/groupuserpicker-findUsersAndGroups 

      2. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsersForPicker / https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsersForPicker 

      3. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsers /  https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsers 

      4. https://docs.atlassian.com/jira/REST/cloud/#api/2/user-findUsersWithBrowsePermission / https://docs.atlassian.com/jira/REST/server/#api/2/user-findUsersWithBrowsePermission 

              mpaisley Mel Paisley
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: