Why are all JIRA users in the FishEye/Crucible list?

I just upgraded my (lab) FishEye/Crucible server.  Since we also use JIRA, F/C was set up to use JIRA for authentication.  We have a group in JIRA whose members can access F/E.  In version 3.10 of F/E only users who are members of that group are listed in the Admin -> User Settings -> Users list. 

However, in version 4.0, ALL JIRA users are listed.  If I want to see which members actually have access to F/E, I have to go to the Administrators screen which lists users that are/can be assigned administrators as these are the users that actually have access to F/C.

Why are all JIRA users listed?

If I delete them from F/E, does this impact them in JIRA?

If deleting in F/E in JIRA has no impact, is there a way to bulk delete the hundreds of users in the list that shouldn't be there without doing it page by page?

2 answers

1 accepted

Accepted Answer
1 vote

Hi Shelli,

The behaviour you are describing is a change that has been introduced with FishEye/Crucible 4.0 and the new user management.

There is an open improvement request to change the behaviour back to the previous one:

 

Deleting a user managed by an external directory (JIRA in your case, but it could be LDAP, Crowd, etc.) is not possible as well. I believe the options to do so should be removed and I raised https://jira.atlassian.com/browse/FE-6571 to keep track of this request.

 

0 votes

In FishEye/Crucible 4.0 we have changed the way how users are managed, please have a look at this:

https://confluence.atlassian.com/display/FISHEYE/FishEye+4.0+release+notes

You can define which groups has an access to FishEye/Crucible using a new 'Global permissions' page:

https://confluence.atlassian.com/display/FISHEYE/Global+permissions

You can also delete users if you wish, there is an option for a bulk delete too. 

https://confluence.atlassian.com/display/FISHEYE/Deleting+or+deactivating+a+user

Regarding your question whether it impacts JIRA - FishEye/Crucible connects to external directories in read-only mode, so user deletion is performed on the FishEye/Crucible side (technically speaking - it modifies an entry in the cru_users db table), not in an external directory.

https://confluence.atlassian.com/display/FISHEYE/Connecting+to+JIRA+for+user+management 

I read the release notes you linked to, but nowhere does it state that all users, not just those with actual access to F/E will be copied over.

If I delete them from F/E, will they just be copied over again on the next synch?

I tried to delete some of the users, but it failed with this error in the logs:

2016-06-15 08:26:31,841 WARN  [qtp2075952726-1518 ] fisheye BulkUserEditAction-deleteUsers - Error deleting users

com.atlassian.crucible.spi.services.NotPermittedException: Error removing user from directory

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1263) [fisheye.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUserAndRemoveCommitterMappings(DefaultUserManager.java:1238) [fisheye.jar:?]

--------- snip -----------

Caused by: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.embedded.core.CrowdServiceImpl.removeUser(CrowdServiceImpl.java:506) [embedded-crowd-core-2.8.5-m1.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1261) [fisheye.jar:?]

        ... 173 more

Caused by: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.removeUser(ApplicationServiceGeneric.java:817) [crowd-core-2.8.5-m1.jar:?]

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [?:1.8.0_65]

 

It appears that it does indeed try to delete the user from JIRA.

I have create CRC-9973

 

What if you have similar behavior on 3.10.1?

Hi Mike,

yes, the behaviour will be the same in 3.10. Your users are managed by JIRA, so you cannot remove them from within FishEye otherwise you may remove the user for the other applications as well.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published 7 hours ago in Sourcetree

Tip from the team: configure your repos for hosting goodness!

Supported Platforms macOS Windows We recently introduced support for additional hosting services such as GitHub Enterprise, GitLab (Cloud, Community Edition, Enterprise Edition), and...

50 views 0 1
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you