I noticed we can edit the comments created by other team members, making it look like it was their comment in the first place. This can be very misleading, how can we prevent this?
I just did this to add a searchable hashtag to a comment and Jira is pretending the user themself did the edit.
This is a huge bug in my opinion. Basically Jira is lying about who did something and that makes me think what else is it lying about and can I trust it about anything.
Another example: Cloning a ticket will clone the reporter field, making it appear that the original creater also did the cloning of the new ticket. If the reply to this is "oF cOuRsE, It'S a ClOnE!!!", that kind of proves my point that bugs are often ignored by atlassian and they put the onus on the user for "using the software wrong".
Where in the code did things go so wrong that you can pretend to be another user just by touching their existing stuff?
There is a usefulness in editing anothers comment, but all that usefulness goes out the window if the software can't track who made the edit. This is one of those things that could result in people being fired or worse, and I could see this as a huge lawsuit if any big company did a huge layoff based on Jira comments.
Jira is issue and project tracking software, so what are we all paying for here if it can't do that correctly?
Only space administrators can edit comments, but I agree that it would be better if this could be disabled even for space admins.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
edit someone else's comment is nonsense. Please reconsider :pray:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It doesn't look like much has been done to this, but I think the "misleading" part is what's at issue, really, rather than the fact that it _is_ possible to edit a comment. I'm an admin and I've just changed a colleague's comment, making sure he was happy with it first, but the fact that, as others here have mentioned, there is no record of me, rather than him, having made that change is seriously worrying.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I really don't understand why anyone should be able to edit comments other than their own. Has no-one thought about the potential for abuse here?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I absolutely agree.
Just as concerning is the fact that it doesn't show in the story history.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I don't think the ability for some people to edit other people's comments would be a big issue if the tool was tracking, and making it obvious, that the edit had been made by someone different from the original author. It is relatively common in, for example, Stack Overflow and those sites, for admins to edit questions or answers, but it's made very clear that this has been done.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Josh is correct, only space admins can edit other people's comments: Edit Comments Permission in Confluence
Could you let me know more details of your use case so I can see if the dev team will let me open a suggestion to change the way the permissions work?
For example, if you could let me know a case where you may need to give space admin permissions (so the person could control permissions or...?) but you would not want that admin to be able to edit other people's comments.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
My ideal would be jira-style permission schemes that have pretty granular permissions. "edit own comments," "edit all comments," etc. But I know that is complicated for newer admins.
I'm just in favor of more granular permissions in general. I have people who are space admins just so that they can create/manage user templates, or to use the page reordering (drag and drop) but they ideally wouldn't have the ability to alter permissions.
Getting off topic but it would also be helpful if I could standardize default permissions across sets of related spaces. Like if a permission scheme was shared with multiple jira projects. Feel free to ask me offline Ann if you would like to discuss.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
After testing one more time, you are correct. However a user still has the "edit" option present and when they try to edit a comment the submission window simply spins. It would be a little bit more straight-forward to remove the "edit" option completely from users who are not able to edit comments posted by others.
Also, is it possible to prevent space admins from editing the comments of other space admins? Allowing a space admin "John" to edit the comment of another space admin "Joe", resulting in misleading information. Is there change history for comments, similar to pages?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.