Run rule as
Background
Apps on the cloud version of Jira are a bit different from the server/DC variants. Each cloud app has a special user, the App user, on the instances where it is installed. This App user has access to all Jira projects, so it can potentially be exploited (within the context of ARNR) to bypass project restrictions and fetch issues from Jira that a user would otherwise not have access to.
To prevent such a possibility, we are introducing a new parameter for rules called Run rule as.
Configuration
As Jira admin, navigate to Jira Apps menu from Jira settings >> Configurations for Automated Release Notes & Reports >> Rules tab. This is where the Allow rules to be run by App user option can be turned on.
By default, Allow rules to be run by App user is turned off for all instances, and we DO NOT recommend turning it on without understanding the implications.
If it is turned on, ARNR end users can potentially create templates that fetch information their Jira permissions do not allow them to see in Jira. If this feature is required at all, turn it on temporarily until the relevant rule is created, and then turn it off.
When turned on, the Jira admin can also configure the default value to be either Creator of rule or App user.
Impact
Imagine that Alex created a rule in ARNR some time ago and then left the organization, so his Jira account was deactivated/deleted. If the rule was configured to be run by Creator of rule, it will now fail to fetch Jira issues because Alex doesn't have access to Jira anymore.