Iv had a rather strange request for one of our Queues today, and am not sure whether it is doable in JIRA
I was wondering whether a User could add a comment to an issue (via email) if they don't have the security to see the ticket? Currently when users raise a ticket via email, they often CC other users in, and these users don't get view permissions, but sometimes they respond and there response should be logged as a comment. Even if the Comment is logged under some Anonymous user account, as long as the comment is actually logged correctly
Sorry if that didnt make sense
AFAIK the security permissions are respected while comments are added via emails. So with the default mail handler this may not be possible.
But if these people in Cc are not Jira users, then if defaultReporter is specified in email configuration, Jira actually adds their comments under the name of defaultReporter. A little strange though :)
JEMH seems to have this functionality https://plugins.atlassian.com/plugins/com.javahollic.jira.jemh-ui
I leave to Andy to comment more.
May be that is what I wrote in the above comment. If defaultReporter is specified and mail comes from NON-Jira users, it gets added, while it comes from known Jira users without permissions, it is rejected.
Btw, there seems to be another parameter 'defaultReporterOverridesDerivedReporter' which you can use, but the bad part is that all comments may look like it has come from the same originator.
Yeah, its just not quite what I am after Renjith
Is it possibly something that could be solved with better security settings? Through the JIRA interface, only specified groups can access the tickets (which I currently have working), but via email, anyone can comment on a ticket (as to comment, they must know about the ticket)
JIRA has a security model that JEMH can respect fully, or bend a little if you configure it so. There is a configuration option that enforces strict JIRA security, relaxing that will mean a user, by email, may be able to do things that would not otherwise be possible (eg add a watcher). If you have users commenting on issues that they should not be able to, thats a bug or a configuration issue.
Not having a defaultReporter set will ensure issues cannot be created in projects that are not appropriate, as the 'reporter' must be derived from the incomng email address, associated with a JIRA user having the correct privileges.
If you're using JEMH 1.x I'd be more than happy to dig into cause.
In passing, when non-jira user support is needed (and is specifically enabled) in addition to the above 'correct' behaviour', it is possible that new users could email with an issue key in the subject.
Happy to dig into this in more detail in JIRA, if there is a use case not being addressed, just create an issue on the project issue tracker.
Thanks for the help guys - actually got close to what the guys wanted using JEMH's ccHandling, but I think to fully implement it would require a Custom Email Handler since it is a very specific case. I'm using JIRA 4.4.4 so not using JEMH 1.X yet Andy - thanks for the option though.
Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot