I'd like to question and challenge the current scriptRunner code when it comes to handling jira-administrators and jira-system-administrators separation being applied in Jira. This can be due to various reasons, for example one team responsible for platform being up and performing, and the other only responsible for doing support related tasks for users requesting configuration changes.
Effectively with script runner including script console, any user can do and execute anything as account that runs Jira, possibly even grab LDAP configuration from database, aside creating/modification/deletion of files in filesystem.
So my question is as follows: if Jira already has separation of these roles build in, why such powerful tool, ignores it?
I would ask for confluence as well, but there Atlassian is seriously behind because they offer the separation in global permissions, but in the end of the day nearly everywhere is confluence-administrators group hard-coded anyway.
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events