Details
-
Suggestion
-
Resolution: Duplicate
-
None
-
None
Description
NOTE: This suggestion is for JIRA Service Desk Server. Using JIRA Service Desk Cloud? See the corresponding suggestion.
Problem Definition
Users that do not have the JIRA Administrator Global Permission are able to make Permission Scheme changes.
- Login as a user with the JIRA Global Permission of at least JIRA Administrator or more.
- Modify the Service Desk Project Permission Scheme. In this case, we removed all users from having the Permission to Delete Issues. Some organizations have the requirement to NOT Delete any Issues in their Service Desk Project.
- Login as a User that DOES NOT have the JIRA Administrators Global Permission, but is a Service Desk Project Admin.
- This User will receive a Yellow and White Pop-up box that says: "This service desk project may not work as expected. View details and repair the problem"
- This User receives the "Permission scheme error" with the button "Upgrade Permission Scheme". The User that DOES NOT have the JIRA Administrator Global Permission clicks this button.
- The ability to Delete Issues has been added back to the Permission Scheme.
Suggested Solution
Only allow users that have been granted the JIRA Administrator Global Permission - just as it is in JIRA Core Projects - be able to modify Permission Schemes. No other users with lesser JIRA Global Permissions should have the ability to see the "Upgrade Permission Scheme" button, and be able to make changes to a Permission Scheme.
Workaround
Only have Project Admins that you want to be able to modify Permission Schemes be able to be Service Desk Project Admins. This is not the case with JIRA Core Projects. In JIRA Core Projects, you can have a Project Administrator NOT have to have the JIRA Administrator Global Permission. Those Project Admins do not have the ability to make changes to Permission Schemes. This should be the case with Service Desk as well.
Attachments
Issue Links
- duplicates
-
JSDSERVER-905 Project administrator is able to migrate Permission Scheme
- Closed
- is related to
-
JSDSERVER-905 Project administrator is able to migrate Permission Scheme
- Closed
- relates to
-
JSDCLOUD-3267 Users without the proper Global Permissions should not be able to Upgrade the Permission Scheme
- Closed