Uploaded image for project: 'Jira Service Management Cloud'
  1. Jira Service Management Cloud
  2. JSDCLOUD-3392

Restrict internal comments to only users listed in project roles

XMLWordPrintable

    • 515
    • 9

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This suggestion is for JIRA Service Desk Cloud. Using JIRA Service Desk Server? See the corresponding suggestion.

      Experienced Behavior

      JIRA users are able to view Service Desk requests when granted "Browse Project" permission. These users are automatically able to view internal comments.

      Expected Behavior:

      JIRA users are able to view Service Desk request when granted "Browse Project" permission but are not able to view internal comments unless they are a part of the Service Desk Team.

      Suggested Resolution:

      Use project roles to determine if internal comments should be shown to users. A user who has "Browse Project" permission but no project roles should be able to view the request but not any internal comments. Users with "Browse Project" permission should be able to view internal comments when added to a project role such as "Service Desk Team" "Administrators" or "Developers"

      Update - 2 April 2024

      Closing as this is a duplicate ticket. Please see https://jira.atlassian.com/browse/JSDCLOUD-829

       

        1. image001 (1).png
          image001 (1).png
          120 kB

          Form Name

            [JSDCLOUD-3392] Restrict internal comments to only users listed in project roles

            Kevin Gérard added a comment -

            Hi rcrossman@atlassian.com

            This feature isn't duplicating the JSDCLOUD-829 at all. 

            There's some major differences in the 2 requests.

            JSDCLOUD-829 isn't helpfull at all to me, as i cannot realistically expect my internal service desk team to manually set a restriction level on each individual comment they're setting internally. i cannot block non-agents from setting internal comments as well, which is a vital part. 

            This specific ticket requests a PROJECT LEVEL PERMISSION that will set project role based behaviour about the visibility and permissions of internal comments. 

            in my project i need to make sure the following is set: 

            • non-agents can access their ticket (in Jira view)
            • non-agents should NOT be able to see ANY internal comment
            • non-agents should NOT be able to add internal comments

             

            While in my Customer service desk project: 

            • non-agents should be able to see all tickets in Jira view
            • non-agents should NOT be able to add PUBLIC comments 
            • non-agents should ONLY be able to add INTERNAL comments 

             

            I hope you see why these tickets you marked as duplicate are actually very different from each other. 
            you cannot possibly expect users to constantly be setting permissions on issue level for everything they're doing, that logic just can't stand! 

             

            Kevin Gérard added a comment - Hi rcrossman@atlassian.com This feature isn't duplicating the JSDCLOUD-829 at all.  There's some major differences in the 2 requests. JSDCLOUD-829 isn't helpfull at all to me, as i cannot realistically expect my internal service desk team to manually set a restriction level on each individual comment they're setting internally. i cannot block non-agents from setting internal comments as well, which is a vital part.  This specific ticket requests a PROJECT LEVEL PERMISSION that will set project role based behaviour about the visibility and permissions of internal comments.  in my project i need to make sure the following is set:  non-agents can access their ticket (in Jira view) non-agents should NOT be able to see ANY internal comment non-agents should NOT be able to add internal comments   While in my Customer service desk project:  non-agents should be able to see all tickets in Jira view non-agents should NOT be able to add PUBLIC comments  non-agents should ONLY be able to add INTERNAL comments    I hope you see why these tickets you marked as duplicate are actually very different from each other.  you cannot possibly expect users to constantly be setting permissions on issue level for everything they're doing, that logic just can't stand!   

            Rachel Crossman (Inactive) added a comment -

            This is a duplicate of https://jira.atlassian.com/browse/JSDCLOUD-829

            Rachel Crossman (Inactive) added a comment - This is a duplicate of https://jira.atlassian.com/browse/JSDCLOUD-829

            anthony.paull added a comment -

            Hey guys, this is assigned to an inactive agent, can we please have some movement on this ticket? The workarounds required due to this bug are causing significant headaches for anyone who has employees working on Jira Software projects being supported from a JSM project.

            If you aren't an agent on the project, you shouldn't be allowed to see "internal" comments. "Internal" comments should be entirely internal to the project team.

            anthony.paull added a comment - Hey guys, this is assigned to an inactive agent, can we please have some movement on this ticket? The workarounds required due to this bug are causing significant headaches for anyone who has employees working on Jira Software projects being supported from a JSM project. If you aren't an agent on the project, you shouldn't be allowed to see "internal" comments. "Internal" comments should be entirely internal to the project team.

            owen.chan added a comment -

            +1

            owen.chan added a comment - +1

            codesimon added a comment -

            We need this implementation, too. 

            codesimon added a comment - We need this implementation, too. 

            Ed Osborn added a comment -

            It's honestly bizarre that this isn't already the case. No one writes a comment, marks it as 'internal only' and expects the customer still be able to see it. 

            Ed Osborn added a comment - It's honestly bizarre that this isn't already the case. No one writes a comment, marks it as 'internal only' and expects the customer still be able to see it. 

            Paul added a comment -

            Please add this functionality.

            Paul added a comment - Please add this functionality.

            Alex John added a comment -

            Please change this

            Alex John added a comment - Please change this

            anthony.paull added a comment -

            BUMP...

            As Ashley has just expressed, this has been a request for years. 5th October 2022 (1 year ago) was when I first commented. Happy anniversary!

            anthony.paull added a comment - BUMP... As Ashley has just expressed, this has been a request for years. 5th October 2022 (1 year ago) was when I first commented. Happy anniversary!

            Ashley Hammes added a comment - - edited

            I also would like to push for there to be a solution for this in the very near future, looks like this has been a request for years. Thanks.

            Ashley Hammes added a comment - - edited I also would like to push for there to be a solution for this in the very near future, looks like this has been a request for years. Thanks.

              rcrossman@atlassian.com Rachel Crossman (Inactive)
              tevans Tim Evans (Inactive)
              Votes:
              266 Vote for this issue
              Watchers:
              155 Start watching this issue

                Created:
                Updated:
                Resolved: