[JSDSERVER-6429] When the 'Any logged in user' permission is added to 'Browse Project' permission in a Service Desk project, customer will automatically receive notifications when mentioned in an internal comment.

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 5.11.0, 5.4.10, 5.10.2, 5.12.0
Affects Version/s: 3.15.3, 4.4.1, 4.20.13
Component/s: Customer Notification
Labels:

Support reference count:
7
Symptom Severity:
Severity 3 - Minor
UIS:
0
Bug Fix Policy:
View Atlassian Server bug fix policy

Issue Summary

When the 'Any logged in user' permission is added to 'Browse Project' permission in a Service Desk project, customer will automatically receive notifications when mentioned in an internal comment.

Steps to Reproduce

Test Case1:

Create a Service Desk project.
Head to project settings > Permission Scheme.
Add the 'Application Access' > 'Any logged in user' permission in the 'Browse Project' permission
Head to an issue, then, mention a customer in the ticket.

Test Case 2:

The customer creates the following ticket “SD Test 1”
Head to project settings > Permission Scheme.
Add "Reporter" to the 'Browse Project' permission
The Agent add an Internal Comment and mentioned The customer in the internal comment

Expected Results

Customer will not be receiving any notifications when an internal comment is added.

Actual Results

Customer receives notification when an internal comment is added.

Workaround

For Test Case1:

Remove the 'Any logged in user' permission in the 'Browse Project' permission of project,

For Test Case2:

As a workaround for this, you can use "Service project customer - portal access" and remove the Reporter from Browse permission, then the notification won't be sent when the reporter is mentioned in the internal comment.

is duplicated by

JRASERVER-75543 View all Project: Incorrect reading order

Closed

is related to

JRASERVER-76986 Jira does not publish Issue ID with Mention Event, which downstream affects JSM filtering

Closed

mentioned in: Page Failed to load

Form Name

Patrick Turbett made changes - 26/Jan/2024 4:27 PM

Link

New: This issue is related to ~~JSDSERVER-14864~~ [ ~~JSDSERVER-14864~~ ]

Karol Skwierawski made changes - 05/Oct/2023 3:11 PM

Link

New: This issue is duplicated by ~~JRASERVER-75543~~ [ ~~JRASERVER-75543~~ ]

Security Metrics Bot made changes - 01/Sep/2023 12:26 PM

Labels

Original: non-warranty security security-imported

New: non-warranty resolved-in-vf security security-imported

Satej Mirpagar made changes - 30/Aug/2023 2:41 PM

Resolution		New: Fixed [ 1 ]
Status	Original: Waiting for Release [ 12075 ]	New: Closed [ 6 ]

SET Analytics Bot made changes - 29/Aug/2023 4:02 AM

Support reference count

Original: 6

New: 7

Mingyi Yang made changes - 09/Aug/2023 11:01 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 797982 ]

Sam Xu made changes - 09/Aug/2023 4:34 AM

Fix Version/s		New: 5.12.0 [ 105722 ]
Fix Version/s		New: 5.10.2 [ 105914 ]
Fix Version/s		New: 5.4.10 [ 105719 ]
Fix Version/s		New: 5.11.0 [ 105890 ]

Sam Xu made changes - 09/Aug/2023 4:33 AM

Status

Original: In Progress [ 3 ]

New: Waiting for Release [ 12075 ]

Sam Xu made changes - 09/Aug/2023 4:33 AM

Status

Original: Short Term Backlog [ 12074 ]

New: In Progress [ 3 ]

Sam Xu made changes - 09/Aug/2023 4:33 AM

Assignee

New: Sam Xu [ jxu2@atlassian.com ]

Assignee:: Sam Xu

Reporter:: Putri Nur Dayana Kamarudin (Inactive)

Affected customers:: 4 This affects my team

Watchers:: 9 Start watching this issue

Created:: 20/Jun/2019 8:27 AM

Updated:: 26/Jan/2024 4:27 PM

Resolved:: 30/Aug/2023 2:41 PM

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Forms

Activity

People

Dates

Backbone Issue Sync