Jira doesn't check if the user has admin permission before sending healthcheck email notifications

XMLWordPrintable

    • 9.04
    • 2
    • Severity 3 - Minor

      Issue Summary

      If a user once subscribed to the healthcheck notifications in Jira, but later loses admin access (becomes normal user or gets deactivated), he will continue to receive those emails.

      Steps to Reproduce

      1. As a user with Jira administrator permission, navigate to Jira Administration > System > Troubleshooting and support tools > Instance health tab and check the "Notify me via email" checkbox.
      2. Remove the Jira administrator role for the user.

      Expected Results

      The user will not get the health check notifications anymore.

      Actual Results

      The user still receives the health check notifications from Jira.

      Workaround

      Use the REST API DELETE method for <base_url>/rest/troubleshooting/latest/user-setting/<username>/watch URL to remove the user from the watchers list.

      Replace <base_url> with Jira's base URL and <username> with the impacted username.

        1. Screenshot 2023-12-12 at 08.17.13.png
          Screenshot 2023-12-12 at 08.17.13.png
          264 kB

            Assignee:
            Marcin Walerianczyk
            Reporter:
            Violeta Fulger (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: