We use Service Desk for internal helpdesk, and we also don't hide issues from users (Browse is available). This basically defeats the ability for any kind of Internal Comments. I'm sure Atlassian's projects are probably configured in a similar fashion so I'm wondering how you do this internally?

Why wasn't project roles considered here which would have made this easier: JSDSERVER-3392. Could have simply tied "Internal Comments" to each project's "Service Desk Team" role.

Hello Atlassian,

still no response on this and JSD-829 - this is really a SHOWSTOPPER ISSUE. We have customers still on Service Desk 1.2 who cannot update due to your inaction an this issue. I talked to ccapel with this on AtlasCamp, and he promised to look into this.

Please Atlassian: find back to "legendary support"

+1 for Thomas summary. I was really astonished to learn, that I cannot control INSIDE JIRA who views internal comments. We have partner companies / organizations with lots of users. For each of these organizations I set up dedicated service desks.

Most users from the organizations submit tickets via the Service Desk portal. However, there are some specific people who help us prioritize issues on the side of the organization. These are setup as normal JIRA users in a dedicated group per company, controlled via LDAP.

By design Service Desk 2.x treats any one who has permission to use JIRA from the "inside" as a collaborator. This equates to those people who have global USE permission. Any one how does NOT have USE permission is considered a free customer and can interact only in he at project via the customer portal.

I am guessing the reasoning behind this setup is that it is hard to apply the normal JIRA permissions without giving the collaborators sufficient access to substitute agents and I can sympathize with your problem. However, we have to be able to restrict permissions for specific users or groups, not extend them. The prospect of applying the outlined scenario was actually one of the two capital reasons to switch to service desk for our support team.

I must also criticize that the handling of this inside JIRA is really not transparent. For our normal projects we have this setup implemented and, to me, there was no reason to suspect that internal comments in Service Desk projects are treated differently then in other projects. I stumbled across this today by accident and it would have been highly embarrassing if internal comments had found their way to a customer in this manner. Luckily I just caught it.

However, you may understand why I think this is not a minor issue. I hope you will consider our feedback an significantly raise the priority on this.

Thanks for your consideration

Jens

Hello @bbaker,

(one of) the setup(s) is as follows:

• There are several customers within departments of clients
  • Example: client A has departments A1, A2 A3 - each of them have users (customers) A1.john, A2.bill, A2.jane, A2.alice, A3.bob, A3.carol, ...
• The department lead (A2.bill) wants to see all issues of his employees, i.e A2.bill needs to see issues of A2.jane and A2.alice, but not of A1.john, A3.bob and A3.carol. Therefore we give A2.bill access to JIRA for monitoring and use the Service Desk for issue creation.
• But A2.bill must not see internal comments, which is impossible at the moment as he automatically becomes collaborator

Even resolving JSD-270 would not give A2.bill all he needs, as he also wants to have dashboards and (his departments) issues charts embedded on confluence pages - he definetly needs the browse project permission.

It is absolutely no problem, that A2.bill would use up a JIRA license as he can use it, but we need the ability to control who is collaborator and who isn´t regardless of JIRA access.

To sum it up: the main problem is that anyone with JIRA access to a Service Desk project can view internal comments - this happens because he automatically becomes collaborator and there is no way to hide comments from collaborators (see JSD-1020, JSD-829)

I am not 100% sure of your desired setup here so I cant give you a specific answer. If you could outline what you are trying to achieve in more detail that will help.

but i can give you some back ground on our design intentions.

By design Service Desk 2.x treats any one who has permission to use JIRA from the "inside" as a collaborator. This equates to those people who have global USE permission. Any one how does NOT have USE permission is considered a free customer and can interact only in he at project via the customer portal.

So if you want your JIRA USE permission people (aka people who can see parts of JIRA from the inside) to only interact via the customer portal on a particular project then you need to do the following.

• remove them from getting BROWSE permission via standard JIRA groups / roles directly
  • This will remove them from being collaborators on this project

• add them to the "Service Desk Customers" role either via the Service Desk peoples page or the JIRA admin project roles page.
  • This will allow them customer portal access to this project