It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Why are all JIRA users in the FishEye/Crucible list?

Shelli Jun 14, 2016

I just upgraded my (lab) FishEye/Crucible server.  Since we also use JIRA, F/C was set up to use JIRA for authentication.  We have a group in JIRA whose members can access F/E.  In version 3.10 of F/E only users who are members of that group are listed in the Admin -> User Settings -> Users list. 

However, in version 4.0, ALL JIRA users are listed.  If I want to see which members actually have access to F/E, I have to go to the Administrators screen which lists users that are/can be assigned administrators as these are the users that actually have access to F/C.

Why are all JIRA users listed?

If I delete them from F/E, does this impact them in JIRA?

If deleting in F/E in JIRA has no impact, is there a way to bulk delete the hundreds of users in the list that shouldn't be there without doing it page by page?

2 answers

1 accepted

1 vote
Answer accepted
Caterina Curti Atlassian Team Jun 15, 2016

Hi Shelli,

The behaviour you are describing is a change that has been introduced with FishEye/Crucible 4.0 and the new user management.

There is an open improvement request to change the behaviour back to the previous one:

 

Deleting a user managed by an external directory (JIRA in your case, but it could be LDAP, Crowd, etc.) is not possible as well. I believe the options to do so should be removed and I raised https://jira.atlassian.com/browse/FE-6571 to keep track of this request.

 

0 votes
Marek Parfianowicz Atlassian Team Jun 14, 2016

In FishEye/Crucible 4.0 we have changed the way how users are managed, please have a look at this:

https://confluence.atlassian.com/display/FISHEYE/FishEye+4.0+release+notes

You can define which groups has an access to FishEye/Crucible using a new 'Global permissions' page:

https://confluence.atlassian.com/display/FISHEYE/Global+permissions

You can also delete users if you wish, there is an option for a bulk delete too. 

https://confluence.atlassian.com/display/FISHEYE/Deleting+or+deactivating+a+user

Regarding your question whether it impacts JIRA - FishEye/Crucible connects to external directories in read-only mode, so user deletion is performed on the FishEye/Crucible side (technically speaking - it modifies an entry in the cru_users db table), not in an external directory.

https://confluence.atlassian.com/display/FISHEYE/Connecting+to+JIRA+for+user+management 

Shelli Jun 15, 2016

I read the release notes you linked to, but nowhere does it state that all users, not just those with actual access to F/E will be copied over.

If I delete them from F/E, will they just be copied over again on the next synch?

Shelli Jun 15, 2016

I tried to delete some of the users, but it failed with this error in the logs:

2016-06-15 08:26:31,841 WARN  [qtp2075952726-1518 ] fisheye BulkUserEditAction-deleteUsers - Error deleting users

com.atlassian.crucible.spi.services.NotPermittedException: Error removing user from directory

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1263) [fisheye.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUserAndRemoveCommitterMappings(DefaultUserManager.java:1238) [fisheye.jar:?]

--------- snip -----------

Caused by: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.embedded.core.CrowdServiceImpl.removeUser(CrowdServiceImpl.java:506) [embedded-crowd-core-2.8.5-m1.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1261) [fisheye.jar:?]

        ... 173 more

Caused by: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.removeUser(ApplicationServiceGeneric.java:817) [crowd-core-2.8.5-m1.jar:?]

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [?:1.8.0_65]

 

It appears that it does indeed try to delete the user from JIRA.

I have create CRC-9973

 

Mike Smith Community Leader Jul 28, 2016

What if you have similar behavior on 3.10.1?

Caterina Curti Atlassian Team Jul 31, 2016

Hi Mike,

yes, the behaviour will be the same in 3.10. Your users are managed by JIRA, so you cannot remove them from within FishEye otherwise you may remove the user for the other applications as well.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Marketplace Apps & Integrations

Webinar alert! An IT Admin's Guide to Securing Collaboration at Scale

Hello, Atlassian Community! My name is Dave Meyer and I'm a Principal Product Manager at Atlassian. I wanted to give this community a heads up about an upcoming Webinar that might be of interest...

167 views 2 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you