Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Why is a JSM Portal accessible to customers without browse permission?

Nadine Schuett
Contributor
June 3, 2024

Dear Atlassian Community

We started several JSM Projects with the customer permissions set to 

  • Customers who have an account on this Jira site.

Then our Help Center became cluttered and we decided to switch the customer permissions to 

  • Customers who are added to this service project instead and
  • added groups to the Service Desk Customers role with 
  • Browse, create, etc. permissions linked to Service project customer - portal access

The new settings work well for newly created projects so that portals are only accessible for customers in the Service Desk Customers role for specific projects. However, when I changed the settings in an existing project from Customers who have an account on this Jira site to Customers who are added to this service project, the customers list displays the limited number of customers correctly but the portal is still visible to everyone. I checked browse permissions for a user with the permissions checker and the user does not have browse permissions yet can access the portal. 

Does anyone have an idea what I might be missing? 

Cheers 

Nadine

1 answer

0 votes
Florian Bonniec
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 4, 2024

Hi @Nadine Schuett 

 

With "Customers who are added to this service project", user from any role will be able to see the portal, if portal access is set.

Could it be because they may be added as Customer in Organization feature ?

 

Nadine Schuett
Contributor
June 4, 2024

Hi @Florian Bonniec

Is portal access not a Cloud-specific setting? We use the DC version.

Good idea with the Organisations but there are none in this project. It's really weird....

Florian Bonniec
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 4, 2024

No the permission is named "Service project customer - portal access" on DC. It's an option with Role, Group etc when configuring the permission scheme.

 

If user is not listed in any role, and "Service project customer - portal access" is set the user should not have access to the portal because "Service project customer - portal access" use the customer permission you set.

The Help Center should remain accessible I guess but the project should not be listed, so user should not be able to access the portal of this specific project.

Could be cache issue maybe also.

 

Regards

Nadine Schuett
Contributor
June 4, 2024

I see. We linked the permissions to Service project customer - portal access and added customers to the Service Desk Customers project role. The user is not added to this role and not member of any other role either. Yet the portal is visible in the Help Center and the user can access it. 

I cleared the browser cache, Jira caches and tried with different browsers but the user can always access the portal. 

Could it be a problem that the customer permission setting was changed? 

Any ideas what else I can check? 

Florian Bonniec
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 5, 2024

Could you try the Permission helper on that project to make sure it do not have pther access than the Portal Access permission ?

 

Regards

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
9.4.
TAGS
AUG Leaders

Atlassian Community Events