Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Why this this constant permission error warning?

Deleted user October 23, 2018

I get this:

Some problems need your attention

Permission errors

 

This service desk project has permission errors that can impact functionality. You can correct the errors manually, or click Fix permissions and we'll fix them for you.

 

Hide errors

  • The Service Desk Customer - Portal Access security type must be assigned to:
    • Edit Issues
    • Schedule Issues
    • Move Issues
    • Assign Issues
    • Resolve Issues
    • Close Issues
    • Modify Reporter
    • Delete Issues
    • Link Issues
    • Transition Issues
    • Set Issue Security
    • Edit Own Comments
    • Delete Own Comments
    • Delete Own Attachments

I do not want the customers to have these permissions, why does Jira keep nagging me about that "there is a permission errors"?

The only way it seems to get rid of this annoying warning message is to grant the users all above permission, though that is pretty bad solution...

How to make sens of the permission warning and is there really an issue? Shouldn't I be able to restrict the user from certain actions without Jira going nuts with warnings?

 

Answer
Watch
Like Natalya Ozhigova likes this
1984 views

2 answers

3 votes
Deleted user October 23, 2018

And gotta love the "Fix problem button"... Let's just give everyone permission to everything

Reply
1 vote
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 23, 2018

That "Service Desk Customer - Portal Access" is a special group that is needed in order for Service Desk to function as expected.  Enough Jira administrators have gone into the permissions schemes to customize them as they willed.  As a result it is possible for admins to change the permissions schemes on the service desk project to the point that users in that customer role can not login to the customer portal and actually use service desk as it was designed to be used.  That is essentially why you see this kind of warning anytime you modify the permissions in these kinds of projects.  It helps provide a quick way to revert an overzealous admin's changes to make sure that Service Desk is working by design.

Yes you can still customize these permissions.   However I'm confident that your service desk users in the customer role are going to need to have at least the

  • Edit Issues
  • Assign Issues
  • Resolve Issues
  • Close Issues
  • Transition Issues
  • Set Issue Security

 

Also, in regards to service desk, just because a customer has all the permissions you listed above, it doesn't mean they can actually perform those actions for ALL the issues in that project.  Service Desk has its own special issue security by default.  This makes sure that when you create an issues in a service desk project who can access that issue is actually limited to:

  • The reporter
  • all the licensed users in the Service Desk Agent role,
  • anyone added to the requested participants role,
  • and (if the issue has been shared to an organization) the members of that organization

In turn customers are limited to being able to perform those actions only on requests they created themselves and only when the customer portal actual permits that action.

Hence just because this special access role has those permissions, doesn't mean these users can login to the main Jira portal and perform all those actions to all the issues in that project.  In fact these users are limited to only being able to login to the Customer Portal, and follow the request types prompts in order to create new issues/comment/etc.  You will find that the customer portal is severely restricted in regards to what end users can see.

View More Comments
Deleted user October 26, 2018

Hi Andrew,

Thanks for the reply.

I do not understand why the service desk user should have these permissions:

  • Edit Issues
  • Assign Issues
  • Resolve Issues
  • Close Issues
  • Transition Issues
  • Set Issue Security

These are actions that I do not want the service desk user to be able to do. I did a test last year while setting up a support channel. Using a test user, I was able to escalate, transition and close issues.

Regarding this:

"
Hence just because this special access role has those permissions, doesn't mean these users can login to the main Jira portal and perform all those actions to all the issues in that project.
"

If not in the permission settings, where do I control this?

From your input, it seems that the service desk basically is a mismatch vs. the available permission setting. I.e. the permission setting shouldn't be touched for service desk projects, otherwise it'll break.

If this is the case; why is the option to set permission for this type of projects there at all - instead of a big disclaimer that this shouldn't be touched / or which settings can be modified without breaking the system / or guidance to the location where applicable settings are?

The information in the "Warning" notice is pretty much useless; undo all permission changes that was done without any explanation other than "otherwise it might not work as expected".  The same with the "Fix problem" button; one click and it's back to the default settings without any explanation why.

Like Pit Fischer likes this
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 26, 2018

Service Desk customers are expected to be able to transition issues in Jira.  It's what allows them (the customer) to comment back on and issue and change the status to a state that informs the Agents that the issue is waiting on them.  (ie  From waiting on customer to waiting on support for example).   

There are also inter-dependencies of some permissions.  This is mentioned in the Jira Core documentation:  Managing project permissions

Note that some permissions are dependent upon others to ensure that users can perform the actions needed. For example, in order for a user to be able to resolve an issue, that user must be granted both the Transition Issue permission and the Resolve Issue permission. 

So if you want your customers to be able to resolve their own cases, they need to have both the resolve and transition permission in that project.  If you don't want them to have that permission, you can still remove it from them.  But I think you will find this will be more work for your Agents to manage.

However Jira Service Desk projects are still Jira projects.  As such they do have permissions schemes with can be customized.   Yes you can limit the abilities of users in this special 'customer portal access only' role to limit what they can do in the project.   I understand if you would like this to be more informative as to what will be different from expected, but right now this functionality does not yet exist in Service Desk.

Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security