Global permission is not revoked when app is uninstalled

Jira Development Jira Cloud
#1

Hi,

I have added a custom global permission to my app which looks like this:

"jiraGlobalPermissions": [
  {
   "key": "administer",
    "name": {
      "value": "Administer Permission",
      "i18n": "administer.permission.name"
    },
    "description": {
      "value": "Custom global administration permission",
      "i18n": "administer.permission.description"
    },
    "anonymousAllowed": false,
    "defaultGrants": [
      "JIRA-ADMINISTRATORS"
    ]
  }
]

And it works whenI install the app, all Jira admins get this permission, but when I uninstall the app the permission is not revoked for all Jira admins.

How can I make sure that when the app is uninstalled or disabled, that the Jira admins will no longer have this permission?

Cheers,
Mark

1 Like
#2

Hi, @markrekveld,

If the app that added the permission is uninstalled, the permission is no longer visible or active in Jira, so it doesn’t really matter who has it. Is there any particular reason why you would like to revoke it?

1 Like
#3

Hi @kkercz,

I use the permission to hide or show web-items.
The idea is that I have two app, app 1 adds a “landing/getting started” page if app 2 is not installed but will redirect to app2 when it is installed.

This works great when app2 is not installed, app1 will show the landing page and as soon as app2 gets installed the link it is shown in place of the landing page link.
But when app2 is uninstalled app1 still sees that the users has the permission given by app2 and thus tries to redirect to app2 but this will show a 404 page since app2 is no longer installed for the Jira instance.

On a side note: the permission added by app2 is removed from the mypermissions API call. But somehow this is not reflected in the web-item conditions

#4

Huh, that is a bug. Uninstalled permissions shouldn’t be available anywhere, including the web-item condition. Could you report it in the ACJIRA project?

#5

Ok good to know its not me :slight_smile:
I have created [ACJIRA-1828] Web-item conditions use uninstalled custom global permissions

2 Likes