Restricting BulkClone by group doesn't work because all groups are lowercase

Jason Smith February 12, 2015

The documentation states that the group name is case sensitive, but JIRA converts all groups to lower case. Thus, we discovered that all project admins (not just leads as documented) are seemingly able to bulk clone in their project.

Is there a workaround or a way of fixing this? We don't want to use roles as project admins could privilege escalate average users without system admin approval. Ideally we would restrict it to a very small number of users via a BulkClone group that was read correctly.

3 answers

1 accepted

1 vote
Answer accepted
Lars Broden February 13, 2015

Hi again Jason

A fix has now been provided on the Atlassian Marketplace that address lower case JIRA groups managed from Crowd. download the BulkClone Basic version 1.0.16.1 to resolve this

Best

Lars

Jason Smith February 13, 2015

Impressive support, thanks!

Jason Smith February 13, 2015

A piece of feedback to consider for the future is that I as an admin would like to configure whether or not admins and project leads could do bulk clone. My ideal setting would be having it be strictly a whitelist of users and/or groups, but even just the bulkclone group would be adequate. I don't necessarily trust all project admins with this power, even if it is just their own project.

Jason Smith February 13, 2015

In the first sentence, I mean project admins, not JIRA or system admins.

Lars Broden February 15, 2015

Jason, Based on your input we have come to the conclusion that this could be beneficial for most users of BulkClone. We have therefore re-designed the User Management in the latest version 1.0.17 now to be found at: https://marketplace.atlassian.com/plugins/com.lbcg.jira.plugins.bulkclone.BulkClone The Project Lead and Project Administrators are no longer allowed to BulkClone by default, it needs to be an active choice mapping to a specific project role or group, see more details in the release notes. Best Lars

1 vote
Lars Broden February 13, 2015

Hi Jason,

Not all installed JIRA instances converts the groups to lower case, it depends on the JIRA configuration.

Regarding the Project Administrator having the right to BulkClone, yes this is by design, alternatively you could grant them "Developers" rights to restrict this.

 

For the lowercase issue on JIRA Groups, we will provide a fix to cater for this shortly, stay tuned..

Best

Lars

0 votes
Lars Broden
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 13, 2015

Thanks, To fuel our Kaizen of relentless improvements, we would appreciate a good word in the review section on the Atlassian Marketplace.

There is a BulkClone Professional version launched next week that is more versatile in this aspect

Best

Lars

Suggest an answer

Log in or Sign up to answer