Issue Summary

      Users lacking the 'Edit Issues' permission are not able to link an Epic to newly created or existing issues. However, despite an error message when performing this action, a new issue is still created and the workflow is left in a broken state for that issue.

      This issue was introduced in JSW 8.11.0 and is not occurring in 8.10.1.

      Steps to Reproduce

      1. Create two Software projects.
      2. Remove 'Edit Issues' permission in the Project A permission scheme.
      3. Create an Epic in 'Project A'.
      4. Create a new issue (or edit existing issue) in 'Project B' with the Epic Link assigned to the Epic created in step 3.

      Expected Results

      The issue is not created because the user does not have the appropriate permission. See JSWSERVER-13986 for a related suggestion.

      Jira Software considers linking issues to epics as editing the scope of work of an epic, which is why it uses the "Edit issue" permission to check if a user is able to link/unlink issues to an epic.

      Actual Results

      As of 8.11, the user gets an unclear error message that is shown in the screenshot and the impression the issue isn't submitted:

      We can't create this issue for you right now, it could be due to unsupported content you've entered into one or more of the issue fields. If this situation persists, contact your administrator as they'll be able to access more specific information in the log file.
      

      However:

      1. The issue is created without the Epic Link or required fields.
      2. The os_wfentry.state for the issue is set to 0 so no workflow transition button appears on the view issue screen.
      New Issue

      /secure/QuickCreateIssue.jspa [c.a.j.bc.issue.DefaultIssueService] Error creating issue:
      com.atlassian.jira.exception.CreateException: You do not have permission to edit issue PROJECTA-1.
      

      OS_WFENTRY:

      ID NAME INITIALIZED STATE
      10601 Software Simplified Workflow for Project SCRUM NULL 0
      Existing Issue

      /secure/QuickEditIssue.jspa [c.a.j.bc.issue.DefaultIssueService] Exception occurred editing issue: java.lang.RuntimeException: You do not have permission to edit issue PROJECTA-1.
      java.lang.RuntimeException: You do not have permission to edit issue PROJECTA-1.
      

      Workaround

      The workaround is to:

      1. Search for the new issue – either by direct URL or through the database.
      2. Add the required fields and Epic Link (under a user that has permission).
      3. Fix the workflow with the KB Workflow transition button missing from the issue view page in Jira server.

      Always back up your data before performing any modifications to the database. If possible, test any alter, insert, update, or delete SQL commands on a staging server first.

        1. ExistingIssue.png
          ExistingIssue.png
          11 kB
        2. NewIssue.png
          NewIssue.png
          22 kB

            [JSWSERVER-20770] Unable to link Epic without Edit Issue permissions

            Piotr Janik added a comment - - edited

            drauf Is there a feature request ticket somewhere for what 1ccd16a1d0e5 is trying to achieve? Linking a task to an epic really doesn't feel like editing the epic, perhaps there could be a switch for this behaviour?

            Piotr Janik added a comment - - edited drauf Is there a feature request ticket somewhere for what 1ccd16a1d0e5 is trying to achieve? Linking a task to an epic really doesn't feel like editing the epic, perhaps there could be a switch for this behaviour?

            Danny, I think that's what you want to see if the user doesn't have permission to edit issues in the project wherein the target Epic resides.  The key thing with this fix is that Jira no longer creates a bogus issue behind the scenes like it used to.  We are testing 8.13.7 as well and for us the problem is resolved.

            Deleted Account (Inactive) added a comment - Danny, I think that's what you want to see if the user doesn't have permission to edit issues in the project wherein the target Epic resides.  The key thing with this fix is that Jira no longer creates a bogus issue behind the scenes like it used to.  We are testing 8.13.7 as well and for us the problem is resolved.

            Danny Prill added a comment - - edited

            We still have this problem!

            We recently updated to 8.13.7 and our users still get the following prompt below the "Epic Link"-field:

             "You don't have permission to edit this epic, so you can't assign your issue to it."

            We tested the steps to reproduce and the message appears.

            Danny Prill added a comment - - edited We still have this problem! We recently updated to 8.13.7 and our users still get the following prompt below the "Epic Link"-field:   "You don't have permission to edit this epic, so you can't assign your issue to it." We tested the steps to reproduce and the message appears.

            Eric Smith added a comment -

            +1

            Eric Smith added a comment - +1

            Hi there.  +1 on the previous comments. We recently upgraded to the latest LTS (8.13) and discovered this problem after prod release. This is impacting our organization and there isn't a feasible workaround for us except to change our process which greatly impacts how teams work. Having a bug introduced in an LTS version and not having a fix for it after six months seems to be against the promise of LTS and sadly does not instill confidence of us in trusting LTS for future enterprise upgrades. Please consider including a fix to 8.13.x ASAP.

            workdaySylvia added a comment - Hi there.  +1 on the previous comments. We recently upgraded to the latest LTS (8.13) and discovered this problem after prod release. This is impacting our organization and there isn't a feasible workaround for us except to change our process which greatly impacts how teams work. Having a bug introduced in an LTS version and not having a fix for it after six months seems to be against the promise of LTS and sadly does not instill confidence of us in trusting LTS for future enterprise upgrades. Please consider including a fix to 8.13.x ASAP.

            +1

            I hope there is another ticket somewhere documenting how they are going to handle this for the current LTS (8.13).  Otherwise closing this in this manner is tantamount to slamming the door in enterprise customers' faces.

            Deleted Account (Inactive) added a comment - I hope there is another ticket somewhere documenting how they are going to handle this for the current LTS (8.13).  Otherwise closing this in this manner is tantamount to slamming the door in enterprise customers' faces.

            Hi,

            This problem is hugely impacting our 10k users instance a lot and there is nothing realistic we can do except waiting for a fix:

            • the workaround is not one I think (usually people create 10 broken tickets because the error message says it's the content they provided that causes the problem so they slightly change the content and try again)
            • a solution would be to (temporary) give the edit permission to everyone and one all projects but in terms of permissions management it's very bad

            I don't see that the fix will also be added to a 8.13 (LTS) version, can you please confirm that it will? Thanks. 

            Vincent Pochard added a comment - Hi, This problem is hugely impacting our 10k users instance a lot and there is nothing realistic we can do except waiting for a fix: the workaround is not one I think (usually people create 10 broken tickets because the error message says it's the content they provided that causes the problem so they slightly change the content and try again) a solution would be to (temporary) give the edit permission to everyone and one all projects but in terms of permissions management it's very bad I don't see that the fix will also be added to a 8.13 (LTS) version, can you please confirm that it will? Thanks. 

            This really needs to be back-ported to 8.13.x LTS.

            Deleted Account (Inactive) added a comment - This really needs to be back-ported to 8.13.x LTS.

            Hello,

            We have same problem.
            The user fills the "Epic Link" field when creating issue. That user doesn't have the permission to edit this epic. Jira tries to link the created issue to the epic, but an error occurs on the screen.
            At the same time every time when user clicks "Create" an issue with some standard and system fields creates in the background. But there were no signs of creating a issue, they were not even displayed anywhere. Issues appears in all lists after project reindexing. And we see these issues in "Integrity checker".
            For now, as a workaround, we've just added to auto-hide the Epic Link from the create screen if the user doesn't have permission to edit all issues in the current project. Typically, in our Jira, issues are added to epics in the same project as the issue.

            Aizhan Rayeva added a comment - Hello, We have same problem. The user fills the "Epic Link" field when creating issue. That user doesn't have the permission to edit this epic. Jira tries to link the created issue to the epic, but an error occurs on the screen. At the same time every time when user clicks "Create" an issue with some standard and system fields creates in the background. But there were no signs of creating a issue, they were not even displayed anywhere. Issues appears in all lists after project reindexing. And we see these issues in "Integrity checker". For now, as a workaround, we've just added to auto-hide the Epic Link from the create screen if the user doesn't have permission to edit all issues in the current project. Typically, in our Jira, issues are added to epics in the same project as the issue.

              drauf Daniel Rauf
              43408485a508 Nathan Lopez
              Affected customers:
              11 This affects my team
              Watchers:
              28 Start watching this issue

                Created:
                Updated:
                Resolved: