Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,363,057
Community Members
 
Community Events
168
Community Groups

Why are all JIRA users in the FishEye/Crucible list?

I just upgraded my (lab) FishEye/Crucible server.  Since we also use JIRA, F/C was set up to use JIRA for authentication.  We have a group in JIRA whose members can access F/E.  In version 3.10 of F/E only users who are members of that group are listed in the Admin -> User Settings -> Users list. 

However, in version 4.0, ALL JIRA users are listed.  If I want to see which members actually have access to F/E, I have to go to the Administrators screen which lists users that are/can be assigned administrators as these are the users that actually have access to F/C.

Why are all JIRA users listed?

If I delete them from F/E, does this impact them in JIRA?

If deleting in F/E in JIRA has no impact, is there a way to bulk delete the hundreds of users in the list that shouldn't be there without doing it page by page?

2 answers

1 accepted

1 vote
Answer accepted

Hi Shelli,

The behaviour you are describing is a change that has been introduced with FishEye/Crucible 4.0 and the new user management.

There is an open improvement request to change the behaviour back to the previous one:

 

Deleting a user managed by an external directory (JIRA in your case, but it could be LDAP, Crowd, etc.) is not possible as well. I believe the options to do so should be removed and I raised https://jira.atlassian.com/browse/FE-6571 to keep track of this request.

 

0 votes

In FishEye/Crucible 4.0 we have changed the way how users are managed, please have a look at this:

https://confluence.atlassian.com/display/FISHEYE/FishEye+4.0+release+notes

You can define which groups has an access to FishEye/Crucible using a new 'Global permissions' page:

https://confluence.atlassian.com/display/FISHEYE/Global+permissions

You can also delete users if you wish, there is an option for a bulk delete too. 

https://confluence.atlassian.com/display/FISHEYE/Deleting+or+deactivating+a+user

Regarding your question whether it impacts JIRA - FishEye/Crucible connects to external directories in read-only mode, so user deletion is performed on the FishEye/Crucible side (technically speaking - it modifies an entry in the cru_users db table), not in an external directory.

https://confluence.atlassian.com/display/FISHEYE/Connecting+to+JIRA+for+user+management 

I read the release notes you linked to, but nowhere does it state that all users, not just those with actual access to F/E will be copied over.

If I delete them from F/E, will they just be copied over again on the next synch?

I tried to delete some of the users, but it failed with this error in the logs:

2016-06-15 08:26:31,841 WARN  [qtp2075952726-1518 ] fisheye BulkUserEditAction-deleteUsers - Error deleting users

com.atlassian.crucible.spi.services.NotPermittedException: Error removing user from directory

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1263) [fisheye.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUserAndRemoveCommitterMappings(DefaultUserManager.java:1238) [fisheye.jar:?]

--------- snip -----------

Caused by: com.atlassian.crowd.exception.OperationNotPermittedException: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.embedded.core.CrowdServiceImpl.removeUser(CrowdServiceImpl.java:506) [embedded-crowd-core-2.8.5-m1.jar:?]

        at com.cenqua.fisheye.user.DefaultUserManager.deleteUser(DefaultUserManager.java:1261) [fisheye.jar:?]

        ... 173 more

Caused by: com.atlassian.crowd.exception.ApplicationPermissionException: Not allowed to delete user 'auser' from directory 'JIRA Server'.

        at com.atlassian.crowd.manager.application.ApplicationServiceGeneric.removeUser(ApplicationServiceGeneric.java:817) [crowd-core-2.8.5-m1.jar:?]

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [?:1.8.0_65]

 

It appears that it does indeed try to delete the user from JIRA.

I have create CRC-9973

 

What if you have similar behavior on 3.10.1?

Hi Mike,

yes, the behaviour will be the same in 3.10. Your users are managed by JIRA, so you cannot remove them from within FishEye otherwise you may remove the user for the other applications as well.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events