restrict service desk agent access to other project issues

Ok, so currently we have a general user assigned to each project's Service desk. For example "Project A" would have ServiceDeskAgentA. and "Project B" would have "ServiceDeskAgentB" both agents are a part of service-desk-agents groups as a result of being agents, which as far as I know is necessary, since literature suggests that JIRA apparently uses this group for licensing. Is there a way to restrict ServiceDeskAgentA from being able to see issues in "Project B"? 

2 answers

1 accepted

Hi @Carlo-Antonio Marin ,

You have to setup issue security scheme with rule for each group.

This will limit the visibility of issues to the relevant groups.

Hi @RPandyaram Thanks for your response. I think this will work. Kind Regs, CAM

I was able to limit service-desk agents from having visibility/access across service desks w/out having to modify issue security schemes.  I simply created agent groups for each service desk, then set the members of the Service Desk Team role in each service desk to the appropriate agent group.  Using your example Carlo, I accomplished this by...

  1. Making sure each agent is a member of the service-desk-agents group (for license reasons).
  2. Creating a projectA-agents group and projectB-agents group
  3. Defining the membership of the Service Desk Team role for Project A to be the members of the group projectA-agents
  4. Defining the membership of the Service Desk Team role for Project B to be the members of the group projectB-agents

That's it.  By defining the members of the Service Desk Team role for each project using project-specific agent groups, agents who are members of projectA-agents group can't see/access Project B, and vice versa.  I did not have to mess w/ the security scheme or permissions.  The permissions out of the box work fine.

 

Hi @Juan Peraza This is indeed how we currently have it set up, however while agents cannot see a Service Desk Portal/Board of another project, it can still see the underlying JIRA issues, eg AgentB can see Project A (PRGA-123) even though he is not part of the Service desk team on that project. Perhaps I'm missing something. Kind Regs, CAM

Hmm? I wonder if I did have to modify my permission scheme and I forgot that I did. I don't think I did. Take a look at the permission scheme for your Project A. Are the project and issue permissions defined such that only members of certain project roles have privileges? All of my project and issue permissions only allow members of certain project roles to have privileges. I don't remember setting these permissions manually. I think the permissions for Service Desk projects use an out-of-the-box permissions scheme suited for service desk projects. Almost all of my project and issue permissions only allow these project roles to have privileges - Administrators, Service Desk Team, Service Desk Customer - Portal Access. What does the permission scheme for your Project A look like?

I guess solution would be to restrict "Browse Project" permission to "Project Role" "Service Desk Agent".

So only users registered in that role can see/browse JIRA project and their issues.

Issue Security Level (and Scheme) is intended to segregate access to issues inside a project. I would not recommend it in your context.

Suggest an answer

Log in or Join to answer
Community showcase
Teodora [Botron]
Published Thursday in Marketplace Apps

Jira Inferno: The Nine Circles of Jira Administration Hell

If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...

933 views 5 18
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot