Issue Summary

      Jira service management provides CustomerContextService to run a request as a customer. Insight java API's dont respect customer permission settings when invoked in customer context.

      Steps to Reproduce

      1. Create a new object schema and enable it for customer access.
      2. Invoke Insight API to get object bean in a customer context `objectFacade.getObjectBeanByObjectId(id)` .

      Expected Results

      Correct object is returned

      Actual Results

      PermissionInsightException is thrown instead. Sample log - 

      2020-12-08 16:30:30,825+0100 http-nio-8812-exec-11 ERROR abbey 990x754x1 bgx4ld 0:0:0:0:0:0:0:1 /rest/jsdaction/1.0/jsdaction/validtransition [c.i.j.p.actions.rest.InsightFieldsUtils] Could not load Insight object com.riadalabs.jira.plugins.insight.common.exception.PermissionInsightException: PermissionInsightException: User JIRAUSER10800 didn't have correct permission (view) for object: 24 at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkPermission(DefaultInsightPermissionsChecker.java:79) at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkObjectViewPermission(DefaultInsightPermissionsChecker.java:124) at com.riadalabs.jira.plugins.insight.services.core.ObjectServiceImpl.loadObject(ObjectServiceImpl.java:1304) at com.riadalabs.jira.plugins.insight.channel.external.api.facade.impl.ObjectFacadeImpl.loadObjectBean(ObjectFacadeImpl.java:155)
      

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            [JSDSERVER-8488] Insight Java APIs dont respect customer permisisons

            Has the same issue been resolved?

            hyojun choi added a comment - Has the same issue been resolved?
            Adrian Castillo made changes -
            Remote Link Original: This issue links to "JSDS-10409 (Bulldog)" [ 569951 ] New: This issue links to "JSMDC-10409 (JIRA Server (Bulldog))" [ 569951 ]
            Charlie Marriott made changes -
            Remote Link Original: This issue links to "Page (Confluence)" [ 568446 ]
            Kunal Kanojia made changes -
            Fix Version/s New: Insight 8.8.2 [ 97719 ]
            Kunal Kanojia made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: Waiting for Release [ 12075 ] New: Closed [ 6 ]
            Kunal Kanojia made changes -
            Fix Version/s New: Insight 8.8.0 [ 97710 ]
            Kunal Kanojia made changes -
            Description Original: h3. Issue Summary

            Jira service management provides CustomerContextService to run a request as a customer. Insight java API's dont respect customer permission settings when invoked in customer context.
            h3. Steps to Reproduce
             # Create a new object schema and enable it for customer access.
             # Invoke Insight API to get objeect bean in a customer context `objectFacade.getObjectBeanByObjectId(id)` .

            h3. Expected Results

            Correct object is returned
            h3. Actual Results

            PermissionInsightException is thrown instead. Sample log - 
            {noformat}
            2020-12-08 16:30:30,825+0100 http-nio-8812-exec-11 ERROR abbey 990x754x1 bgx4ld 0:0:0:0:0:0:0:1 /rest/jsdaction/1.0/jsdaction/validtransition [c.i.j.p.actions.rest.InsightFieldsUtils] Could not load Insight object com.riadalabs.jira.plugins.insight.common.exception.PermissionInsightException: PermissionInsightException: User JIRAUSER10800 didn't have correct permission (view) for object: 24 at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkPermission(DefaultInsightPermissionsChecker.java:79) at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkObjectViewPermission(DefaultInsightPermissionsChecker.java:124) at com.riadalabs.jira.plugins.insight.services.core.ObjectServiceImpl.loadObject(ObjectServiceImpl.java:1304) at com.riadalabs.jira.plugins.insight.channel.external.api.facade.impl.ObjectFacadeImpl.loadObjectBean(ObjectFacadeImpl.java:155)
            {noformat}
            h3. Workaround

            Currently there is no known workaround for this behavior. A workaround will be added here when available
            New: h3. Issue Summary

            Jira service management provides CustomerContextService to run a request as a customer. Insight java API's dont respect customer permission settings when invoked in customer context.
            h3. Steps to Reproduce
             # Create a new object schema and enable it for customer access.
             # Invoke Insight API to get object bean in a customer context `objectFacade.getObjectBeanByObjectId(id)` .

            h3. Expected Results

            Correct object is returned
            h3. Actual Results

            PermissionInsightException is thrown instead. Sample log - 
            {noformat}
            2020-12-08 16:30:30,825+0100 http-nio-8812-exec-11 ERROR abbey 990x754x1 bgx4ld 0:0:0:0:0:0:0:1 /rest/jsdaction/1.0/jsdaction/validtransition [c.i.j.p.actions.rest.InsightFieldsUtils] Could not load Insight object com.riadalabs.jira.plugins.insight.common.exception.PermissionInsightException: PermissionInsightException: User JIRAUSER10800 didn't have correct permission (view) for object: 24 at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkPermission(DefaultInsightPermissionsChecker.java:79) at com.riadalabs.jira.plugins.insight.services.permission.DefaultInsightPermissionsChecker.checkObjectViewPermission(DefaultInsightPermissionsChecker.java:124) at com.riadalabs.jira.plugins.insight.services.core.ObjectServiceImpl.loadObject(ObjectServiceImpl.java:1304) at com.riadalabs.jira.plugins.insight.channel.external.api.facade.impl.ObjectFacadeImpl.loadObjectBean(ObjectFacadeImpl.java:155)
            {noformat}
            h3. Workaround

            Currently there is no known workaround for this behavior. A workaround will be added here when available
            Kunal Kanojia made changes -
            Fix Version/s New: 4.19.0 [ 96190 ]
            Kunal Kanojia made changes -
            Status Original: In Progress [ 3 ] New: Waiting for Release [ 12075 ]
            Kunal Kanojia made changes -
            Status Original: Needs Triage [ 10030 ] New: In Progress [ 3 ]

              kkanojia Kunal Kanojia
              kkanojia Kunal Kanojia
              Affected customers:
              0 This affects my team
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: