Uploaded image for project: 'Atlassian Ecosystem'
  1. Atlassian Ecosystem
  2. ECO-571

Allow users added as Request Participants to view and interact with forge apps even when Restrictions are enabled for a specific request type.

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      On JSM, when a participant has access to a request (added as a Request Participant) but not to the Request Type, Jira blocks all requests to the backend causing Forge apps to not load at all and giving the following error:

      403 error The user does not have the correct application access required for this resource

      Steps to reproduce:

      1. Ensure that Restrictions are enabled for a specific Request Type.
      1. Add User X and Forge App User to the Restrictions for that Request Type.
      1. Add a user who is not included in the Restrictions (User Y) to the ticket so they have access to the request. (Request Participant)
      1. User Y can interact with the ticket, but for some reason, the Actions panel does not appear for them.

            [ECO-571] Allow users added as Request Participants to view and interact with forge apps even when Restrictions are enabled for a specific request type.

            Caelor Support added a comment -

            A few of our apps that have JSM features are affected by it; at least one customer reports that it's important to them.

            I can confirm the problem persists when the steps to reproduce are followed:

            User added as participant to a ticket - a ticket of a request type with restrictions that do not include them - can view the ticket just fine, but not have the Forge apps load for them

            There is a request in the network tab that fails that might be a limiting factor:

            Caelor Support added a comment - A few of our apps that have JSM features are affected by it; at least one customer reports that it's important to them. I can confirm the problem persists when the steps to reproduce are followed: User added as participant to a ticket - a ticket of a request type with restrictions that do not include them - can view the ticket just fine, but not have the Forge apps load for them There is a request in the network tab that fails that might be a limiting factor:

              Unassigned Unassigned
              26a024868f5f Sherica Ocbania
              Votes:
              10 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: