Uploaded image for project: 'Jira Service Management Cloud'
  1. Jira Service Management Cloud
  2. JSDCLOUD-3421

Remove Customer Portal Access entity from all permissions currently not implemented

    XMLWordPrintable

Details

    • 3

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      NOTE: This suggestion is for JIRA Service Desk Cloud. Using JIRA Service Desk Server? See the corresponding suggestion.

      Currently, several permissions have been granted to the "Customer Portal Access" entity, despite the functionality to provide these permissions the customer user types not being in place yet.
      These permissions have been granted as placeholders for potential future feature releases.

      This means, that as soon as such a feature gets release, and the JIRA Admin of the JIRA environment upgrades Service Desk, the customers in that environment will automatically get that permission granted.
      This can pose a security issue if the JIRA Admin does not want customers to have these permissions.

      Please remove these placeholders to prevent the potential security issue from above to occur. Instead, we need to properly inform customers when new feature become available, and which steps they need to take in order to provide these features to their customer.

      Attachments

        Issue Links

          is related to

          Suggestion - JSDSERVER-3421 Remove Customer Portal Access entity from all permissions currently not implemented

          • Closed

          Activity

            People

              Unassigned Unassigned
              mnassette MJ (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: