I'm assuming I am not the first to see this, but I couldn't find anything by searching on this specific issue. I have several workflows that require approvals and have conditions set up to only allow users in a role to make the transition happen. I recently saw someone create an issue in the project with a different issue type (Task) and then they moved the issue to being the issue type that requires an approval (Access Request). They were able to specify that they wanted the issue to be in "Approved" status on the move instead of "New", even though if they had created the issue correctly in the right issue type to begin with, they would not have been able to execute that transition. Has anyone seen this and if so are there any answers to lock this down?
They never changed the initial status - when they were able to change the status was during the move - on the move screen it gives the option to change issue type and then asks which status in the new issue that this ticket should be in and provides a drop down list of all statuses in the workflow that they are entering.
Yes, JIRA allowed them to put it into "Approved" status instead of the initial status for the flow, "New" - there is a condition on the workflow to go from New to Approved that they must be in a certain role - this works as expected when going through the workflow. It's just the loophole with Moving an issue from one type to another
Yes, the Move function enables the user to move between status without any of the triggers and validatrors configured in the workflows. This is a serious concern when relying on JIRA for controlled workflows.
I have tried to find ways to circumvent this as I like users to be able to move issues to other project if they have created them in the wrong project (happens quite often i my organisation).
I have found no solution and have disabled move for anybody but the project manager.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Every time you release software, there's a bit of risk – that there's a bug, that something breaks, or that the feature doesn't resonate with customers. Feature flagging helps make high stakes s...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG