Uploaded image for project: 'Atlassian Ecosystem'
  1. Atlassian Ecosystem
  2. ECO-571

Allow users added as Request Participants to view and interact with forge apps even when Restrictions are enabled for a specific request type.

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      On JSM, when a participant has access to a request (added as a Request Participant) but not to the Request Type, Jira blocks all requests to the backend causing Forge apps to not load at all and giving the following error:

      403 error The user does not have the correct application access required for this resource

      Steps to reproduce:

      1. Ensure that Restrictions are enabled for a specific Request Type.
      1. Add User X and Forge App User to the Restrictions for that Request Type.
      1. Add a user who is not included in the Restrictions (User Y) to the ticket so they have access to the request. (Request Participant)
      1. User Y can interact with the ticket, but for some reason, the Actions panel does not appear for them.

            [ECO-571] Allow users added as Request Participants to view and interact with forge apps even when Restrictions are enabled for a specific request type.

            Sherica Ocbania made changes -
            Component/s Original: [DO NOT USE] Forge - JSM Modules [ 77694 ]
            Component/s New: Forge - Jira page modules [ 73726 ]
            Tasha made changes -
            Remote Link New: This issue links to "DD-21191 (Jira)" [ 997145 ]
            Joe Clark made changes -
            Component/s Original: Forge - Jira permission extensions [ 73730 ]
            Component/s Original: Forge - Function invocation [ 72111 ]
            Component/s New: Forge - JSM Modules [ 77694 ]
            Sherica Ocbania made changes -
            Description Original: On JSM, when a participant has access to a request (added as a Request Participant) but not to the Request Type, Jira blocks all requests to the backend causing Forge apps to not load at all and giving the following error:

            {{403 error The user does not have the correct application access required for this resource}}
            New: On JSM, when a participant has access to a request (added as a Request Participant) but not to the Request Type, Jira blocks all requests to the backend causing Forge apps to not load at all and giving the following error:

            {{403 error The user does not have the correct application access required for this resource}}
            h3. Steps to reproduce:
             # Ensure that *Restrictions* are enabled for a specific {*}Request Type{*}.

             # Add *User X* and *Forge App User* to the *Restrictions* for that {*}Request Type{*}.

             # Add a user who is not included in the *Restrictions* (User Y) to the ticket so they have access to the request. (Request Participant)

             # *User Y* can interact with the ticket, but for some reason, the *Actions* panel does not appear for them.
            Sherica Ocbania made changes -
            Summary Original: Allow users added as Request Participants to view and interact with the forge apps even when Restrictions are enabled for a specific request type. New: Allow users added as Request Participants to view and interact with forge apps even when Restrictions are enabled for a specific request type.
            Sherica Ocbania made changes -
            Labels New: ecohelp
            Sherica Ocbania created issue -

              Unassigned Unassigned
              26a024868f5f Sherica Ocbania
              Votes:
              14 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: