Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

restrict service desk agent access to other project issues

Carlo-Antonio M
Carlo-Antonio Marin April 7, 2015

Ok, so currently we have a general user assigned to each project's Service desk. For example "Project A" would have ServiceDeskAgentA. and "Project B" would have "ServiceDeskAgentB" both agents are a part of service-desk-agents groups as a result of being agents, which as far as I know is necessary, since literature suggests that JIRA apparently uses this group for licensing. Is there a way to restrict ServiceDeskAgentA from being able to see issues in "Project B"? 

Answer
Watch
Like Be the first to like this
2459 views

2 answers

1 accepted

1 vote
Answer accepted
RPandyaram
RPandyaram
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 7, 2015

Hi @Carlo-Antonio Marin ,

You have to setup issue security scheme with rule for each group.

This will limit the visibility of issues to the relevant groups.

View More Comments
Carlo-Antonio M
Carlo-Antonio Marin April 7, 2015

Hi @RPandyaram Thanks for your response. I think this will work. Kind Regs, CAM

Like
Reply
2 votes
Juan Peraza
Juan Peraza
Contributor
April 7, 2015

I was able to limit service-desk agents from having visibility/access across service desks w/out having to modify issue security schemes.  I simply created agent groups for each service desk, then set the members of the Service Desk Team role in each service desk to the appropriate agent group.  Using your example Carlo, I accomplished this by...

  1. Making sure each agent is a member of the service-desk-agents group (for license reasons).
  2. Creating a projectA-agents group and projectB-agents group
  3. Defining the membership of the Service Desk Team role for Project A to be the members of the group projectA-agents
  4. Defining the membership of the Service Desk Team role for Project B to be the members of the group projectB-agents

That's it.  By defining the members of the Service Desk Team role for each project using project-specific agent groups, agents who are members of projectA-agents group can't see/access Project B, and vice versa.  I did not have to mess w/ the security scheme or permissions.  The permissions out of the box work fine.

 

View More Comments
Carlo-Antonio M
Carlo-Antonio Marin April 7, 2015

Hi @Juan Peraza This is indeed how we currently have it set up, however while agents cannot see a Service Desk Portal/Board of another project, it can still see the underlying JIRA issues, eg AgentB can see Project A (PRGA-123) even though he is not part of the Service desk team on that project. Perhaps I'm missing something. Kind Regs, CAM

Like
Juan Peraza
Juan Peraza
Contributor
April 7, 2015

Hmm? I wonder if I did have to modify my permission scheme and I forgot that I did. I don't think I did. Take a look at the permission scheme for your Project A. Are the project and issue permissions defined such that only members of certain project roles have privileges? All of my project and issue permissions only allow members of certain project roles to have privileges. I don't remember setting these permissions manually. I think the permissions for Service Desk projects use an out-of-the-box permissions scheme suited for service desk projects. Almost all of my project and issue permissions only allow these project roles to have privileges - Administrators, Service Desk Team, Service Desk Customer - Portal Access. What does the permission scheme for your Project A look like?

Like
Yves Martin
Yves Martin
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 26, 2017

I guess solution would be to restrict "Browse Project" permission to "Project Role" "Service Desk Agent".

So only users registered in that role can see/browse JIRA project and their issues.

Issue Security Level (and Scheme) is intended to segregate access to issues inside a project. I would not recommend it in your context.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events