-
Bug
-
Resolution: Not a bug
-
Low
NOTE: This bug report is for JIRA Service Desk Cloud. Using JIRA Service Desk Server? See the corresponding bug report.
Summary
When using a Collaborator account to modify issues in a Service Desk project via API, users won't see a permissions error response - the operation will fail silently.
Steps to Reproduce
- Set up a Service Desk project.
- Set up a user account with full access to the Service Desk project, but without the Service Desk Agent permissions.
- Use API authenticating with the account from point 2 to attempt to modify an issue in the Service Desk project.
Expected Results
API call returns an error about the missing agent permission.
Actual Results
The API response (201) indicates that the call is successful - it's only based on JIRA permissions and doesn't account for the Service Desk permissions override.
Notes
Checking the Permission Helper indicates that the Collaborator account won't be able to edit the issue:
You are trying to perform an agent action on a service desk project. To perform this action, you must have a Service Desk agent license and both Browse and Edit Issue permissions on this project.
This information should be included in the API response.
Workaround
Grant the API user Service Desk agent permissions.
- is related to
-
-
- Closed
-
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
[JSDCLOUD-2117] API Responses Don't Account for Service Desk Permission Override
- SD API didn't exist at that time
- JIRA API worked as expected with SD Projects - Collaborator cannot assign issues
- Issue was fixed (original from customer) by grant extra permission to the user
Hi,
I read through the description, but it is a bit of unclear.
Could anyone help to clarify these info:
- What are the permissions that API user have?
- Which groups this user belongs to?
- Which API from service desk it calls to?
FYI: Service Desk does not officially provide any public API yet.
Thanks