I'm trying to group my customers by projects.
If they have premium support they can log tickets in the premium project.
If they have standard support they can log tickets in the standard project.
If they have basic support they can log tickets in the basic project.
I found that I can do this through permissions schemes. I create a new permission scheme for each project.
I then revoke the Browse permission for my project for 'Service Desk Customer - Portal Access'.
After this, I can get JIRA to stop complaining:
Permission scheme error - The Service Desk Customer - Portal Access security type must be assigned to:
How can I make JIRA okay with me setting these permissions?
Or is there another way to control access of users to projects?
As it is, this is still a major hack, because I have to add back permissions on an individual basis. Since I can't group 'portal access' customers. But at least it has the desired effect of hiding projects from customers that don't have rights to submit tickets in them.
Any guidance appreciated.
You should not modify the permission scheme to control access to your Service Desk project. The Portal Access is what makes your customer have access to the specific Service Desk portal rather than the internal JIRA project behind the scenes.
Make sure that your customers are assigned to the Service Desk Customers role of your project and open Project Settings / Request Security in your Service Desk project:
Screen Shot 2016-09-27 at 23.11.59.png
Then, under "Manage who can raise requests ..." select the last option (Only people on my customers list).
If you take it one step further, create user groups for your premium / basic / standard support users and assign these users to the Service Desk Customers roles on the dedicated projects. From then on, all you need to do is add users to the correct groups and you should be good to go.
Thank you. I've been banging my head against a wall for a while to try to figure this out.
Can you expand on the statement that I can group Customers? I've been trying to figure out how to group my customers and it seems that any User Groups I create can only be assigned to licensed users. Portal Only users don't appear to be 'group'-able. Is there another kind of group? Or am I missing something?
That sounds a bit strange to me. Your setup might be influenced by whether you are on Cloud or Server and integrate with an external user directory (such as AD) or not.
Steps you can take are:
(*) Whether your users consume a license seed for JIRA Software, Core or Service Desk is determined by the Application Access. This is something you could check in the Admin section of JIRA as well.
Again, thank you. I was under the impression I had to have customers as "Restricted Portal access" box checked, to avoid paying for another license for them, in addition to keeping security locked down. It does say explicitly under the checkbox "Users with restricted portal access cannot be added to groups or given a license"
Based on what you've said, and a little more research I see the checkbox "Restricted Portal Access", is more or less a device to prevent on boarded customers from accidentally getting the wrong permissions, but it's not needed to actually lock users into the portal. So I'll need to give better instructions to the admins to make sure new customers aren't given admin rights or something else damaging.
Thanks for all your help.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot