Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

User without View Development Tools permission is able to browse indexed Git repos

Dominik Pyrka
Dominik Pyrka May 17, 2018

We have a service account in JIRA which doesn't belong to any group tied to any permission schemes where 'View Development Tools' is allowed. However, after logging to JIRA using such account, we can still click Git > View all repositories and browse everything. The tooltip next to 'Repository Browser' option clearly states that user has to have View Development Tools permission to be able to browse the repos. Is this a bug? Is there any other way to prevent this service account from accessing indexed content?

This is an LDAP account which has been blocked on our Gitlab server. Git integration for Jira is the only way of accessing repos for this account and we would like to revoke such access.

Answer
Watch
Like Be the first to like this
894 views

2 answers

0 votes
Mark L. Smith
Mark L. Smith
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 17, 2018

And one more thing... is the service account an administrator?

View More Comments
Dominik Pyrka
Dominik Pyrka May 18, 2018

No, the service account is not an administrator.

Like
Reply
0 votes
Mark L. Smith
Mark L. Smith
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 17, 2018

Hi Dominik,

Typically what we find when this happens is that the user has some random projects where it has View Development Tools permission (possibly through a group) AND all/some of the Git repos are associated with all projects.

What you should see happen is if a user really has no access to any project View Development Tools then the Git menu itself won't show up for that user at all.

Do you currently have all the Git repos associated with all projects?

View More Comments
Dominik Pyrka
Dominik Pyrka May 18, 2018

Yes, the 'associate with all projects' option is checked. We could manually select projects we wish the plugin to be associated with, but it's a large number and in the past we've been experiencing issues. With every update of the Git integration add-on, we needed to remove and readd the integration or else it wouldn't index. Manually marking these projects after every update sounds like a lot of pain.

Like
Mark L. Smith
Mark L. Smith
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 18, 2018

I think solving the index failure after upgrade might help.

What version are you on now?

Like
Dominik Pyrka
Dominik Pyrka May 18, 2018

We're on JIRA 7.9.0 and Git addon 2.13.4.

Let me manually associate repos to projects and get back to you.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.