I have a user who does not have the Close Issues permission in the permission scheme. She's using a workflow that has no conditions on the Close Issue transition (i.e. no checking for the Close Issues permission). As expected, she can see the transition button to close an issue. And she can close the issue. But I would have expected her not to be able to close the issue since she doesn't have the Close Issues permission from the permission scheme. Even though the workflow gives her the ability to execute the transition I thought JIRA permissions from the permission scheme would stop her. Do you have to have both set? How do permissions and workflow conditions interact?I'm using JIRA Software v7.4 server.

Community
Q&A
Jira
Questions
How do permissions and workflow conditions interact?

Using email/API key, but still receiving "Basic authentication with passwords is deprecated" error

Hi Team,

I am in the process of updating our company's basic authentication with user/password to email/API key.

According to this (https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account), I should be able to update the username with an email and the password with an API key and make this request successfully:

curl -v https://<company>.atlassian.net --user <user>@<company>.com:<b64key>

This request fails with this error:

* Server auth using Basic with user '<user>@<company>.com'
> GET / HTTP/1.1
> Host: <company>.atlassian.net
> Authorization: Basic <removed>
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Wed, 22 Jun 2022 23:10:14 GMT
< Content-Type: text/plain
< Server: globaledge-envoy
< X-Envoy-Upstream-Service-Time: 1
< Expect-Ct: report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/atlassian-proxy", max-age=86400
< Strict-Transport-Security: max-age=63072000; preload
< X-Content-Type-Options: nosniff
< X-Xss-Protection: 1; mode=block
< Atl-Traceid: 29224f439162d46d
< Report-To: {"group": "endpoint-1", "max_age": 600, "endpoints": [{"url": "https://dj9s4kmieytgz.cloudfront.net"}], "include_subdomains": true}
< Nel: {"report_to": "endpoint-1", "max_age": 600, "include_subdomains": true, "failure_fraction": 0.001}
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
<
Basic authentication with passwords is deprecated. For more information, see: https://developer.atlassian.com/cloud/confluence/deprecation-notice-basic-auth/
* Connection #0 to host <company>.atlassian.net left intact
* Closing connection 0

What do I need to do to make the example request work?

Thank you!

1 answer

1 accepted

0 votes

Answer accepted

Things have changed over time.

In JIRA 6.3 or6.2, Atlassian added a new permission called 'Transition Issues' permission. This is what is being checked now.

You can use the Close permission just like you could in Classic Jira. Add a condition to the Close transition, choose Permission Condition, then select Close Issues permission.

This will get you the desired output in older and newer versions of JIRA. Effectively you need to apply the conditions to the workflow yourself, JIRA has no concept of a 'close' transition.