Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
7.3.0, 7.2.4, 9.4.3
-
7.02
-
3
-
Severity 3 - Minor
-
0
-
Description
Summary
Groups synced from a user directory setup as LDAP read-only, with local groups, should be read-only, but JIRA allows you to add and remove users from other user directories. These changes are not synced to the LDAP server.
Environment
- LDAP user directory configured "LDAP read-only, with local groups"
Steps to Reproduce
- Setup a LDAP user directory as "LDAP read-only, with local groups" (LDAP-1)
- Setup a second LDAP user directory as "LDAP read-only, with local groups" (LDAP-2)
- Try to add a user from LDAP-2 to a group from LDAP-1 (works even though LDAP-1 is read-only)
- Try to add a user from LDAP-1 to a group from LDAP-1 (fails as it should)
Expected Results
Both group edits should fail because their user directories are configured as read-only.
Actual Results
The addition of a user from LDAP-2 to a group from LDAP-1 is allowed.