Uploaded image for project: 'Jira Service Management Data Center'
  1. Jira Service Management Data Center
  2. JSDSERVER-15024

Creating tickets in the customer portal not allowing the "Security level" field to be blank though the field is set optional

XMLWordPrintable

      Issue Summary

      Creating tickets in the customer portal does not allow the "Security level" field to be blank though the field is set as optional

      This is reproducible on Data Center: (yes) / (no)

      This is working in the 9.6/5.6 versions but not in 9.12

      and it was observed that the default value "None" is not being displayed in the drop-down

      Steps to Reproduce

      1. Create an issue security level and associate it with an ITSM project.
      2. Add the "Security level" field to the JSM project screens.
      3. Add the "Security level" field to request types under the project settings and keep it optional
      4. try creating issues from the customer portal and it doesn't work until we set the "Security Level" with some value

      Expected Results

      The ticket should be created with the "Security level" field to be blank or without any value in the field

      Actual Results

      Ticket creation failing with errors and logs will show:

      2024-03-21 13:04:54,388-0700 http-nio-8082-exec-6 ERROR adminname 784x321x1 1iu68vs xxx.xxx.xxx.xxx,127.0.0.1 /servicedesk/customer/portal/1/create/1234 [c.a.p.i.util.runner.AuthenticationContextUtilImpl] Unexpected error while running action as user 'adminname'
java.lang.NumberFormatException: For input string: ""
at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.base/java.lang.Long.parseLong(Long.java:702)
at java.base/java.lang.Long.valueOf(Long.java:1144)
at com.atlassian.jira.issue.fields.SecurityLevelSystemField.getValueFromParams(SecurityLevelSystemField.java:320)
at com.atlassian.jira.issue.fields.SecurityLevelSystemField.updateIssue(SecurityLevelSystemField.java:430)
at com.atlassian.jira.web.action.issue.IssueCreationHelperBeanImpl.updateIssueFromFieldValuesHolder(IssueCreationHelperBeanImpl.java:145)
at com.atlassian.jira.bc.issue.DefaultIssueService.validateAndCreateIssueFromFields(DefaultIssueService.java:813)
at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:768)
at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:225)
at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26)
at com.sun.proxy.$Proxy227.validateCreate(Unknown Source)
at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70)
at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:241)
at com.sun.proxy.$Proxy4569.validateCreate(Unknown Source)
at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.validateCreateIssueInputParameters(CustomerRequestManagerImpl.java:249)
at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.createValidationResult(CustomerRequestManagerImpl.java:179)
at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.lambda$validateCreateRequest$3(CustomerRequestManagerImpl.java:119)
at com.atlassian.pocketknife.step.EitherStep4.lambda$null$0(EitherStep4.java:29)

      Workaround

      Setting the default security level for an issue security scheme

      You now have the power to select the default security level that will be applied to issues assigned to each security scheme.

      Some things to keep in mind when setting a default security level: 

      • If the reporter of an issue does not have the 'Set Issue Security' permission, the issue will be set to the default security level. 
      • If an issue security scheme doesn't have a default security level, issue security levels will be set to 'None' (anyone can see the issues).
      • If the user has the Set Issue Security' permission but they aren't assigned to the default issue security level and don't update the security level when opening a ticket, the issue won't be set to the default security level. Instead, it'll be set to the security level that this user is assigned to.

      To setup the default security level:

      1. In the upper-right corner of the screen, select Administration  > Issues.
      2. In the sidebar, select ** Issue security schemes to open the Issue security schemes page, which lists all the issue security schemes currently available in your Jira installation.
      3. Select the scheme name, or the Security levels link in the Actions column, to open the Edit issue security levels page.
        1. To set the default security level, locate the appropriate Security level and click Default in the Actions column.
        2. To remove the default security level, click Change default security level to "None" link (near the top of the page

        1. Screenshot 2024-01-04 at 8.50.45 PM.png
          Screenshot 2024-01-04 at 8.50.45 PM.png
          449 kB
        2. Screenshot 2024-01-04 at 8.51.08 PM.png
          Screenshot 2024-01-04 at 8.51.08 PM.png
          227 kB
        3. Screenshot 2024-01-04 at 8.53.14 PM.png
          Screenshot 2024-01-04 at 8.53.14 PM.png
          178 kB
        4. Screenshot 2024-01-04 at 8.53.59 PM.png
          Screenshot 2024-01-04 at 8.53.59 PM.png
          390 kB
        5. Screenshot 2024-01-04 at 8.54.18 PM.png
          Screenshot 2024-01-04 at 8.54.18 PM.png
          185 kB

            [JSDSERVER-15024] Creating tickets in the customer portal not allowing the "Security level" field to be blank though the field is set optional

            Stefano Coletta added a comment -

            I've upgraded to Jira 10.3.1 and JSM 10.3.1.

            The problem still exists.

             

            Stefano Coletta added a comment - I've upgraded to Jira 10.3.1 and JSM 10.3.1. The problem still exists.  

            Stefano Coletta added a comment -

            I'm experiencing the same problem with v5.17.0 so it seems is not completely fixed.

            I've applied a workaround: created a "Public" security level and set this as the default. To hide None from the list of options, I've set the field on the Request type as required.

            It is sub-optimal but at least now it works.

            Stefano Coletta added a comment - I'm experiencing the same problem with v5.17.0 so it seems is not completely fixed. I've applied a workaround: created a "Public" security level and set this as the default. To hide None from the list of options, I've set the field on the Request type as required . It is sub-optimal but at least now it works.
            Marc Dacanay made changes -
            Labels Original: frontend ltsr New: frontend
            Marc Dacanay made changes -
            Labels Original: frontend New: frontend ltsr
            Marc Dacanay made changes -
            Labels New: frontend
            Timur Omelchenko made changes -
            Fix Version/s Original: 5.12.7 [ 107622 ]
            Fix Version/s New: 5.12.8 [ 108111 ]
            Filipi Lima made changes -
            Description Original: h3. Issue Summary

            Creating tickets in the customer portal does not allow the "Security level" field to be blank though the field is set as optional

            This is reproducible on Data Center: (yes) / (no)

            (!) This is working in the 9.6/5.6 versions but not in 9.12

            and it was observed that the default value "None" is not being displayed in the drop-down

            h3. Steps to Reproduce
             # Create an issue security level and associate it with an ITSM project.
             # Add the "Security level" field to the JSM project screens.
             # Add the "Security level" field to request types under the project settings and keep it optional
             # try creating issues from the customer portal and it doesn't work until we set the "Security Level" with some value

            h3. Expected Results

            The ticket should be created with the "Security level" field to be blank or without any value in the field
            h3. Actual Results

            Ticket creation failing with errors.
            h3. Workaround
            h5. Setting the default security level for an issue security scheme

            You now have the power to select the default security level that will be applied to issues assigned to each security scheme.

            Some things to keep in mind when setting a default security level: 
             * If the reporter of an issue does not have the ['Set Issue Security' permission|https://confluence.atlassian.com/adminjiraserver/managing-project-permissions-938847145.html], the issue will be set to the default security level. 
             * If an issue security scheme doesn't have a default security level, issue security levels will be set to 'None' (anyone can see the issues).
             * If the user has the [Set Issue Security' permission|https://confluence.atlassian.com/adminjiraserver/managing-project-permissions-938847145.html] but they aren't assigned to the default issue security level and don't update the security level when opening a ticket, the issue won't be set to the default security level. Instead, it'll be set to the security level that this user is assigned to.

            To setup the default security level:
             # In the upper-right corner of the screen, select *Administration !https://confluence.atlassian.com/adminjiraserver/files/951394526/951394527/1/1527598493234/cog_icon.png|width=18!* > {*}Issues{*}.
             # In the sidebar, select ** *Issue security schemes* to open the Issue security schemes page, which lists all the issue security schemes currently available in your Jira installation.
             # Select the scheme name, or the *Security levels* link in the Actions column, to open the Edit issue security levels page.
             ## To set the default security level, locate the appropriate *Security level* and click *Default* in the Actions column.
             ## To remove the default security level, click *Change default security level to "None"* link (near the top of the page             		New: h3. Issue Summary

            Creating tickets in the customer portal does not allow the "Security level" field to be blank though the field is set as optional

            This is reproducible on Data Center: (yes) / (no)

            (!) This is working in the 9.6/5.6 versions but not in 9.12

            and it was observed that the default value "None" is not being displayed in the drop-down

            h3. Steps to Reproduce
             # Create an issue security level and associate it with an ITSM project.
             # Add the "Security level" field to the JSM project screens.
             # Add the "Security level" field to request types under the project settings and keep it optional
             # try creating issues from the customer portal and it doesn't work until we set the "Security Level" with some value

            h3. Expected Results

            The ticket should be created with the "Security level" field to be blank or without any value in the field
            h3. Actual Results

            Ticket creation failing with errors and logs will show:

            {noformat}
            2024-03-21 13:04:54,388-0700 http-nio-8082-exec-6 ERROR adminname 784x321x1 1iu68vs xxx.xxx.xxx.xxx,127.0.0.1 /servicedesk/customer/portal/1/create/1234 [c.a.p.i.util.runner.AuthenticationContextUtilImpl] Unexpected error while running action as user 'adminname'
            java.lang.NumberFormatException: For input string: ""
            at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
            at java.base/java.lang.Long.parseLong(Long.java:702)
            at java.base/java.lang.Long.valueOf(Long.java:1144)
            at com.atlassian.jira.issue.fields.SecurityLevelSystemField.getValueFromParams(SecurityLevelSystemField.java:320)
            at com.atlassian.jira.issue.fields.SecurityLevelSystemField.updateIssue(SecurityLevelSystemField.java:430)
            at com.atlassian.jira.web.action.issue.IssueCreationHelperBeanImpl.updateIssueFromFieldValuesHolder(IssueCreationHelperBeanImpl.java:145)
            at com.atlassian.jira.bc.issue.DefaultIssueService.validateAndCreateIssueFromFields(DefaultIssueService.java:813)
            at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:768)
            at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:225)
            at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source)
            at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            at java.base/java.lang.reflect.Method.invoke(Method.java:566)
            at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26)
            at com.sun.proxy.$Proxy227.validateCreate(Unknown Source)
            at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source)
            at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            at java.base/java.lang.reflect.Method.invoke(Method.java:566)
            at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
            at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)
            at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)
            at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
            at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137)
            at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
            at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
            at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70)
            at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53)
            at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
            at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)
            at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
            at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137)
            at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
            at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
            at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:241)
            at com.sun.proxy.$Proxy4569.validateCreate(Unknown Source)
            at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.validateCreateIssueInputParameters(CustomerRequestManagerImpl.java:249)
            at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.createValidationResult(CustomerRequestManagerImpl.java:179)
            at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.lambda$validateCreateRequest$3(CustomerRequestManagerImpl.java:119)
            at com.atlassian.pocketknife.step.EitherStep4.lambda$null$0(EitherStep4.java:29)
            {noformat}

            h3. Workaround
            h5. Setting the default security level for an issue security scheme

            You now have the power to select the default security level that will be applied to issues assigned to each security scheme.

            Some things to keep in mind when setting a default security level: 
             * If the reporter of an issue does not have the ['Set Issue Security' permission|https://confluence.atlassian.com/adminjiraserver/managing-project-permissions-938847145.html], the issue will be set to the default security level. 
             * If an issue security scheme doesn't have a default security level, issue security levels will be set to 'None' (anyone can see the issues).
             * If the user has the [Set Issue Security' permission|https://confluence.atlassian.com/adminjiraserver/managing-project-permissions-938847145.html] but they aren't assigned to the default issue security level and don't update the security level when opening a ticket, the issue won't be set to the default security level. Instead, it'll be set to the security level that this user is assigned to.

            To setup the default security level:
             # In the upper-right corner of the screen, select *Administration !https://confluence.atlassian.com/adminjiraserver/files/951394526/951394527/1/1527598493234/cog_icon.png|width=18!* > {*}Issues{*}.
             # In the sidebar, select ** *Issue security schemes* to open the Issue security schemes page, which lists all the issue security schemes currently available in your Jira installation.
             # Select the scheme name, or the *Security levels* link in the Actions column, to open the Edit issue security levels page.
             ## To set the default security level, locate the appropriate *Security level* and click *Default* in the Actions column.
             ## To remove the default security level, click *Change default security level to "None"* link (near the top of the page
            Benjamin Suess made changes -
            Fix Version/s New: 5.12.7 [ 107622 ]

            David Yu added a comment -

            This bug is such a pain I decided to see if I could hack some javascript with ScriptRunner Behaviours to alleviate the issue (using context customerportal):

            Basically if the value is blank for security level, set it to -1 which is what the regular Create form does when you leave it unset.

            document.addEventListener('DOMNodeInserted', function() {
    var securityInput = document.querySelector('input[name="security"]');
    if (securityInput != null && securityInput.value === "") {
            securityInput.value = "-1";
    }
});

            David Yu added a comment - This bug is such a pain I decided to see if I could hack some javascript with ScriptRunner Behaviours to alleviate the issue (using context customerportal): Basically if the value is blank for security level, set it to -1 which is what the regular Create form does when you leave it unset. document.addEventListener( 'DOMNodeInserted' , function() { var securityInput = document.querySelector( 'input[name= "security" ]' ); if (securityInput != null && securityInput.value === "") { securityInput.value = "-1" ; } });

            anja.sandadi added a comment -

            Hi Atlassian, Any update on my previous comment? I don't think fixed version 5.14.0 is LTS version and Any idea when we can expect a fix for LTS ?

            anja.sandadi added a comment - Hi Atlassian, Any update on my previous comment? I don't think fixed version 5.14.0 is LTS version and Any idea when we can expect a fix for LTS ?

              c8bcca445054 Benjamin Suess
              dgedda@atlassian.com Devisree Gedda
              Affected customers:
              1 This affects my team
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: