Invalid permission check setting assignees

Create issue
Issue #526 resolved
Former user created an issue

When creating multiple subtasks in version 4.16.0 of the add-on "Quick subtasks for Jira" with following code we have issues with setting the assignee field:

{code} - Test1 / component:"@inherit" assignee:"Max" //Administators - Test2 / component:"@inherit" assignee:"Andreas" //Contributor Ext - Test3 / component:"@inherit" assignee:"Olga" //Administrators - Test4 / component:"@inherit" assignee:"Alex" //Contributor Int - Test5 / component:"@inherit" assignee:"Robert" //Contributor Ext

the subtasks are only automatically assigned to Contributors Int: <see attachment>

The user permissions and the permission scheme were checked and match. <see attachment>

Many thanks and greetings Olga Saibel

Comments (14)

  1. Micha Kops repo owner

    The user names seem to be wrong … it should be something like

    - Subtask / assignee:”jdoe”
    

  2. Olga Saibel

    Hello,

    after a nine test we found that the multi SubTasks are assigned only to a specific role.
    We have 4 standard roles in Jira: Admins, External, Internal and Users. The multi subtask issues are only assigned to users under the role External, all others remain unassigned. What could be the cause? The project permissions are set up correctly.

    BR

    Olga

  3. Olga Saibel

    Hello Micha,

    Analysis:
    The plugin checks the project authorizations at Assignee:
    2021-03-04 13: 10: 05,998 ERROR [runner.ScriptBindingsManager]: ASSIGNABLE_USER true
    2021-03-04 13: 10: 05,998 ERROR [runner.ScriptBindingsManager]: WORK_ON_ISSUES false

    Has the time tracking permissions "WORK_ON_ISSUES" right been confused with the right "Edit Issues"? Since the time tracking is the default in Jira, only external employees should be allowed to record.

    Can that be corrected?

    BR

    Olga

  4. Micha Kops repo owner

    Hello Olga,
    thanks a lot for your in-depth analysis! You are right, ProjectPermissions.ASSIGNABLE_USER and ProjectPermissions.WORK_ON_ISSUES are used to validate permissions, the latter should be ProjectPermissions.EDIT_ISSUES.

    A bugfix release should fix this, but I hope it won’t break existing (although invalid) configurations out there.

  5. Log in to comment