A new user role has been added to all of our permissions, but we did not add it. Does anyone know what this user is and if we need it? I assume it was part of the maintenance push from last week, but am not 100% sure.
When a Cloud add-on is installed into your instance that requests permission to view project data, a new group is created "atlassian-addons-project-access". We put a user in this group which is only available to the add-on.
This allows you to finely restrict access from specific projects. By default, the add-on is given access to all projects.
The concept is nice (giving fine-grained access to project admins). BTW we have problems with JIRA Service Desk right now, the add-on can not access JIRA Service Desk projects (server to server) as it receives a 404 error (add-on user has the atlassian-addons-project-access role as you mentioned). Any ideas? (so far this problem occurs for us only for Service Desk projects)
Not a good idea to give addons all access to your data. Of course atlassian checks cloud addons, but who can be sure that the plugin does not have a time bomb or steals passwords or credit card numbers from issues?
I would prefer that an addon lists required permissions in documentation and that admin can choose which addon has access to this or that data in project. E.g. sprint addon may schedule issues and transit them, but it should not read comments nor description.
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event