Open
Description
Bug summary
Currently this code is present in client.py which calls this api.
The problem comes from the last two lines:
if issueSecurityScheme is None and ps_list:
issueSecurityScheme = ps_list[0]["id"]
The problem that can arise is as follows. If:
- The issue security scheme at index 0 is related to a team-managed project
- The project create call is done at a company managed project
Then the create call will fail with the error:
jira.exceptions.JIRAError: JiraError HTTP 400 url: https://your-jira.atlassian.net/rest/api/3/project
text: Unable to validate, issue security scheme could not be retrieved.
This is due to the mismatch between the two levels.
Since issueSecurityScheme is an optional parameter in the create endpoint
Suggestion to fix would be in a case where issueSecurityScheme was not passed by the caller, then do not set one.
In addition - the setting based on detecting "default" in the name present here could cause similar unintentional harm.
Is there an existing issue for this?
- I have searched the existing issues
Jira Instance type
Jira Cloud (Hosted by Atlassian)
Jira instance version
No response
jira-python version
3.5.2
Python Interpreter version
3.8
Which operating systems have you used?
- Linux
- macOS
- Windows
Reproduction steps
#0 create an issue security scheme in a team managed project and ensure it is the only schema
# 1. Given a Jira client instance
jira: JIRA
# 2. When I call the function create_project without argument issueSecurityScheme on a company managed project
jira.create_project(
key=project_key,
name=project_name,
assignee=user_id,
template_name=template_name,
permissionScheme=perm_id,
)
# 3. failure
jira.exceptions.JIRAError: JiraError HTTP 400 url: https://your-jira.atlassian.net/rest/api/3/project
text: Unable to validate, issue security scheme could not be retrieved.Stack trace
See summaryExpected behaviour
Project created successfully - and issue security scheme not being provided is respected by not being set.
Additional Context
No response