search

pycontribs / jira

Python Jira library. Development chat available on https://matrix.to/#/#pycontribs:matrix.org
https://jira.readthedocs.io
BSD 2-Clause "Simplified" License
1.95k stars 864 forks source link

issueSecurityScheme first item retrieval can cause failure in JIRA project creation due to level mismatch #1715

Open arnoldrw opened 1 year ago

arnoldrw commented 1 year ago

Bug summary

Currently this code is present in client.py which calls this api.

The problem comes from the last two lines:

            if issueSecurityScheme is None and ps_list:
                issueSecurityScheme = ps_list[0]["id"]

The problem that can arise is as follows. If:

Then the create call will fail with the error:

jira.exceptions.JIRAError: JiraError HTTP 400 url: https://your-jira.atlassian.net/rest/api/3/project
text: Unable to validate, issue security scheme could not be retrieved.

This is due to the mismatch between the two levels.

Since issueSecurityScheme is an optional parameter in the create endpoint

Suggestion to fix would be in a case where issueSecurityScheme was not passed by the caller, then do not set one.

In addition - the setting based on detecting "default" in the name present here could cause similar unintentional harm.

Is there an existing issue for this?

Jira Instance type

Jira Cloud (Hosted by Atlassian)

Jira instance version

No response

jira-python version

3.5.2

Python Interpreter version

3.8

Which operating systems have you used?

Reproduction steps

#0 create an issue security scheme in a team managed project and ensure it is the only schema
# 1. Given a Jira client instance
jira: JIRA
# 2. When I call the function create_project without argument issueSecurityScheme on a company managed project
jira.create_project(
            key=project_key,
            name=project_name,
            assignee=user_id,
            template_name=template_name,
            permissionScheme=perm_id,
        )
# 3. failure
jira.exceptions.JIRAError: JiraError HTTP 400 url: https://your-jira.atlassian.net/rest/api/3/project
text: Unable to validate, issue security scheme could not be retrieved.

Stack trace

See summary

Expected behaviour

Project created successfully - and issue security scheme not being provided is respected by not being set.

Additional Context

No response

adehad commented 9 months ago

This is an important bug and was the reason why our Jira Cloud tests were failing.

I think the default value for the permission scheme is actually always 1000. So perhaps that is the best option? Actually as you say the best option is to leave blank.

adehad commented 9 months ago

I really dislike the current create_project() method. It may be best to re-implement now that we have a working test setup:

Currently:

  1. Not all optional fields are passed in to the API...