Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Timed out
Component/s: Site - Settings - DVCS Accounts
Labels:

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

Steps to replicate:

Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector.
Click on the cog to the right of your new account and view 'configure automatic access'

Result:

Automatic access will be set up and membership to the 'developers' group will be granted

Expected result:

Either no automatic access will be set up, or during the creation process you should be warned that automatic access has been granted.

This is a security concern for users that add people that should have access to the repository to their OD account, as access will be granted unknowingly.

It also becomes more of a problem now that ~~UNIFIED-79~~ has been released, as it's not at all obvious that membership is granted anymore.

Attachments

Issue Links

causes

ID-97 Create a banner to warn users about the DVCS auto-inviting function when integrated with Bitbucket

Closed

is related to

ID-25 New user management system doesn't mention that Bitbucket invites are going to be sent

Closed

relates to

JSWCLOUD-14233 New user that is added to Jira is automatically invited to 'developers' group

Closed

JSWCLOUD-14464 Disable adding users to Bitbucket teams by default.

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Matthew Hunter

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 11/Mar/2014 5:51 AM

Updated:: 05/Apr/2023 8:41 AM

Resolved:: 05/Apr/2023 8:41 AM