I am trying to figure out why A user is getting
"It seems that you have tried to perform an operation which you are not permitted to perform."
However to me it looks like the user should have enough permissions to do this custom transition. Does JIRA put anymore information anywhere on which permission or which action the user couldn't do?
I guess i'm looking for some kinda Audit log.
using JIRA 5.1.2
You shouldn't need an audit log.
If a user can't do something, then you should be able to work it out from their login, and what they were trying to do.
What were they were trying to do? The url they hit is almost certainly the single most useful thing you can get from them, because it's quite rare to see this on a link that is offered to them, it's usually when they've followed a link to something they don't have the rights to do.
Jira deliberately (and sensibly) won't offer links to things people can't do...
Hello, As I've said in my question, To me they should be able to do what they're trying to do. So I have checked their logins and I have checked the conditions I have placed on the transitions and the permissions schemes.
It is because I could not figure it out based on these that I asked if there is any log stored anywhere, which to me seems like a sensible question.
JIRA is offering me the button to click on, so obviously it thinks the user should have permissions to do s.
The problem with the idea of a log is that there is nothing to log - they don't have the permission to do what they clicked on, so there's no action taken, and all you'll get in any log is "they landed on the no permission scheme". If you've got Apache or something in front of Jira, then you might be able to tell what screen they were on before, but that's about it. The next level of logging would be to record every single click and potential action which is complete overkill, and you'd have millions of lines of log every day.
Could you go over the permissions in detail here maybe? Are you sure they are using the user account you think they are (get them to go to their profile and check the login, not just the display name or email address). How *exactly* are they getting to the screen? You haven't said here whether they are clicking on something in Jira (which they should NOT be able to do because it generally hides actions they don't have permissions for), or hitting a URL directly (which could be a problem as they're trying to bypass a permission, or they're not giving the information it needs from the previous screen).
Just because it offers you the button to click on, does not mean it will offer it to them. Unless your account is identical to theirs (including not having admin rights) and you don't use single users in permission schemes. There's more than one place permissions are controlled, and you may also have plugins that affect it.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Hey Atlassian Community! Today we are launching a bunch of customer stories about the amazing work teams, like Dropbox and Twilio, are doing with Jira. You can check out the stories here. The thi...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs