We have configured a lot of our projects to have anonymous read access to issues, but not to be able to write or change. Now, we accidentaly found out that anonymous users can actually Close issues and I verified with two issues. Now, when I use the Permission Helper, testing with the fields:
User: (none selected)
Issue: the one that I just closed as anonymous (JAVAAPI-27
Permission: Close Issues
The Permission Helper then returned:<dl><dt>Permission name:</dt><dd title="Close Issues">Close Issues</dd></dl><dl><dt>User:</dt><dd title="Anonymous">Anonymous</dd></dl><dl><dt>Project:</dt><dd title="Java API">X</dd></dl><dl><dt>Permission scheme:</dt><dd title="blah">XYZ Permission Scheme</dd></dl><dl><dt>Issue:</dt><dd title="JAVAAPI-27">X-27</dd></dl><dl><dt>Status:</dt><dd> Anonymous does not have the 'Close Issues' permission</dd></dl>
"Anonymous users cannot satisfy this condition, the only condition Anonymous users can satisfy is the 'Anyone' group.".
To me this seems like a bug, but is there something obvious missing?
This is JIRA 6.0.5.
Ah. The permission helper only tells you about permissions. Which are a set of flags to be used in other places in the system. A lot of this flag usage is hard-coded and obvious (allow worklog delete, allow issue create, etc), but some are more nebulous because the users can configure how they get used.
The most obvious cases are "issue resolved" and "issue closed". These do NOT do what you think they do automatically, their use is configured. If you look at the default workflow, you will see perfectly logical uses for them, set up as "conditions". Such as "user can only use the resolve transition if they have the resolve permission"
But Jira doesn't know that you want to do this sort of thing automatically. Imagine you set up a workflow that has a transition from "open" to "wombled" with a name of "wombling on" - Jira can't possibly know that this should only be done by people with "resolve" permission.
What I'm heading to is "you need to add conditions to your workflow in order to make these permission flags work the way you're expecting"
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
@Rachel Wright (Jira Genie), @Billy Poggi (AUG NOVA, DC), and @Dana Jansen (Confluence Queen) are just some of the folks that lead one of the world's most active Atlassian User Group (AUG)....
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs