Gantt Cloud does not have any custom access control mechanisms at the moment and it is relying on the built-in JIRA groups, roles and permissions system. However, please be aware that every request that add-on is making to the JIRA API isn't performed on behelf of the logged in user but so-called Add-on user. Administrators can permission that add-on user in very similar ways to how they permission normal users. Every incoming request from a Gantt Cloud add-on is assigned the user addon_eu.wisoft.gantt-ondemand and authorisation proceeds as normal from that point onwards, with the add-on user's permissions limiting what API features the incoming requests may target.
Dedicated add-on users are created automatically whenever you install new add-on on your JIRA instance. These users shall not be removed manually. As a system user, add-on user does not consume your JIRA licenses.
0 Comments