[CONFCLOUD-68678] Connect macro content not viewable via Jira Service Desk customer portal knowledge-base

Type: Suggestion
Resolution: Unresolved
Component/s: Ecosystem
Labels:
- grooming-ready

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Problem Definition

Currently AP.request() calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customers usually are) to make POST requests to Confluence APIs.

Workaround

Vendors can make the POST requests from their application server, rather than using AP.request() to make an impersonated request from the client-side.

Notes

The current solution for unlicensed users viewing Confluence content, including macros, from the Jira Service Desk customer portal strictly allows only read access to Confluence. For this reason, supporting GET requests from Confluence macros is mostly sufficient. The exception is any POST request that only requires read permission like https://developer.atlassian.com/cloud/confluence/rest/#api-api-contentbody-convert-to-post

mentioned in: Page Failed to load

Samir made changes - 11/Nov/2024 10:25 PM

Component/s

Original: User - Permissions [ 46370 ]

Alex Medved {ConfiForms} added a comment - 11/Nov/2021 10:46 AM

This affects all the 3rd part apps if they are used on a page that is shown through the JSD/JSM portal (knowledge base)

Something very similar we have been seeing on server/DC - https://jira.atlassian.com/browse/CONFSERVER-30161

Alex Medved {ConfiForms} added a comment - 11/Nov/2021 10:46 AM This affects all the 3rd part apps if they are used on a page that is shown through the JSD/JSM portal (knowledge base) Something very similar we have been seeing on server/DC - https://jira.atlassian.com/browse/CONFSERVER-30161

Runar Nilssen added a comment - 11/Nov/2021 9:28 AM

Please fix this issue. We need this for effective infromation flow to our users.

Problem showing pages utilizing the app "Table filter and Charts for Conluence" by Stiltsoft.

Runar Nilssen added a comment - 11/Nov/2021 9:28 AM Please fix this issue. We need this for effective infromation flow to our users. Problem showing pages utilizing the app "Table filter and Charts for Conluence" by Stiltsoft.

Engin Tekin made changes - 04/Feb/2021 9:16 PM

Epic Link

New: CONFDEV-72430 [ 1668520 ]

Peter Obara made changes - 07/May/2020 1:05 AM

Rank

New: Ranked lower

Peter Obara made changes - 07/May/2020 1:04 AM

Rank

New: Ranked lower

Andrey Khaneev [StiltSoft] added a comment - 22/Apr/2020 12:09 PM

Apps with scope ACT_AS_USER can't authenticate. Please, fix this issue.

Andrey Khaneev [StiltSoft] added a comment - 22/Apr/2020 12:09 PM Apps with scope ACT_AS_USER can't authenticate. Please, fix this issue.

Andrea made changes - 11/Dec/2019 5:18 AM

Remote Link

New: This issue links to "Page (Confluence)" [ 462885 ]

Andrea made changes - 11/Dec/2019 5:04 AM

Description

Original: h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customer are) to view content.

h3. Suggested Solution
AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applies for GET requests.

h3. Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available

New: h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicensed users (which JSD customers usually are) to make POST requests to Confluence APIs.

h3. Suggested Solution
AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applied for GET requests.

h3. Workaround
Vendors can make the POST requests from their application server, rather than using {{AP.request()}} to make an impersonated request from the client-side.

h3. Notes
The current solution for unlicensed users viewing Confluence content, including macros, from the Jira Service Desk customer portal strictly allows only read access to Confluence. For this reason, supporting GET requests from Confluence macros is mostly sufficient. The exception is any POST request that only requires read permission like https://developer.atlassian.com/cloud/confluence/rest/#api-api-contentbody-convert-to-post

Andrea made changes - 11/Dec/2019 3:36 AM

Description

Original: h3. Problem Definition
Currently {{AP.request()}} calls made from Connnect macros when displayed via the Jira Service Desk customer portal do not allow for unlicesned users (which JSD customer are) to view content.

h3. Suggested Solution
AP.request() calls made from Connect macros shown in the JSD customer portal to be allowed using the same unlicensed Confluence behaviour that applies for GET requests.

h3. Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available

Assignee:: Unassigned

Reporter:: Battlebeard (Inactive)

Votes:: 14 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: 02/Dec/2019 8:03 AM

Updated:: 11/Nov/2024 10:25 PM

Details

Description

Problem Definition

Suggested Solution

Workaround

Notes

Attachments

Issue Links

Forms

Activity

Collapse comment: Alex Medved {ConfiForms} added a comment - 11/Nov/2021 10:46 AM

Expand comment: Alex Medved {ConfiForms} added a comment - 11/Nov/2021 10:46 AM

Collapse comment: Runar Nilssen added a comment - 11/Nov/2021 9:28 AM

Expand comment: Runar Nilssen added a comment - 11/Nov/2021 9:28 AM

Collapse comment: Andrey Khaneev [StiltSoft] added a comment - 22/Apr/2020 12:09 PM

Expand comment: Andrey Khaneev [StiltSoft] added a comment - 22/Apr/2020 12:09 PM

People

Dates