Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-72676

In a script listener, the IssueService validateSubTaskCreate fails on the reporter permission check, despite the API being given a user which is authorized to do so.

XMLWordPrintable

      Issue Summary

      In a Scriptrunner Script Listener (Groovy) the IssueService validateSubTaskCreate fails on the reporter permission check, despite the API being given a user which is authorized to do so.

      In this example, the username is "userBranching".  

       

      MutableIssue issue = event.issue
UserManager userManager = ComponentAccessor.getUserManager()
// "<username>" is the user being authorized to create subtasks and modify the reporter

def userBranching = userManager.getUserByName("<username>")
def issue_type = constantManager.getAllIssueTypeObjects().find
{it.getName() == "some issue type"}
def issueSubtaskParams = issueService.newIssueInputParameters()
issueSubtaskParams.with {
setSkipScreenCheck(true)
setIssueTypeId(issue_type.id)
setProjectId(issue.getProjectId())
setPriorityId(issue.getPriority().getId())
setReporterId(issue.getReporterId())
setDescription(issue.getDescription())
setSummary("some title")
}
def validationResult = issueService.validateSubTaskCreate(userBranching,issue.getId(), issueSubtaskParams)
validationResult.isValid()

       

      This results in a validation error of:

      reporter:You do not have permission to modify the issue reporter.

      If I add in a leading JAC context user change, it passes:

      def authContext = ComponentAccessor.getJiraAuthenticationContext();
authContext.setLoggedInUser(userBranching)

      According to the API documentation this should not be necessary, validateSubTaskCreate() should validate against the user's permission given in the method call:
      https://docs.atlassian.com/software/jira/docs/api/8.13.6/com/atlassian/jira/bc/issue/IssueService.html#validateSubTaskCreate-com.atlassian.jira.user.ApplicationUser-java.lang.Long-com.atlassian.jira.issue.IssueInputParameters-

      Steps to Reproduce

      1. execute the script above

      Expected Results

      Jira respects the user permissions for the Reporter.

      Actual Results

      Jira does not respect the user permissions for the Reporter and the following error is thrown:

      reporter:You do not have permission to modify the issue reporter.

      Workaround

      add in a leading JAC context user change

      def authContext = ComponentAccessor.getJiraAuthenticationContext();
authContext.setLoggedInUser(userBranching)

            [JRASERVER-72676] In a script listener, the IssueService validateSubTaskCreate fails on the reporter permission check, despite the API being given a user which is authorized to do so.

            Georgescu, Bianca added a comment -

            We've run into the same issue on 8.22.6 Data Center with the IssueService.validateSubTaskCreate failing the validation with the error "You don't have permissions to create issues in this project" although the supplied user has permissions.

            Georgescu, Bianca added a comment - We've run into the same issue on 8.22.6 Data Center with the IssueService.validateSubTaskCreate failing the validation with the error "You don't have permissions to create issues in this project" although the supplied user has permissions.

              Unassigned Unassigned
              samann Sarah A
              Affected customers:
              2 This affects my team
              Watchers:
              6 Start watching this issue

                Created:
                Updated: