Hi,
I have a problem where we have several projects in our customer help center, not every customer is supposed to see all projects. We have set the customer access to: "Customers added to this service project only by agents and admins"
Still if you are a customer in one project you have access to all others as well. Even if you are removed as a customer from the one project you still have access. The only way is to remove the users completely from the site.
To hide a project from the help center we've had to remove customer access in the permission scheme, but this obviously makes it impossible for that project to have any customers accessing the project from the portal.
EDIT: after a more thorough search we realised it is only one project where customers still have access even after being removed, they dont have any ticket s in the portel nor are they participant on any issues.
The Browse Project permission may make project details visible to all users in directories and while searching Jira
There’s a known issue when granting a User custom field value, Reporter, Current assignee, or Group custom field value the Browse Project permission. In these cases, a project becomes visible to any logged in user on your Jira site.
The issue is caused by an intentional design in Jira’s backed that couples the Browse Project and View issue permissions. We’re currently working to decouple these permissions.
@Lise Wåsjø could you please check if any User custom field value, Reporter, Current assignee, or Group custom field value added into browse project permission
Yes thats it, thanks!
We do have one user custom field value.
Do you know by when this bug is estimated to be fixed?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Lise Wåsjø Currently the bug is "in progress" status, I would like to share here
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Lise Wåsjø , can you check the global settings for customer access. Here is a guide that may help explain the options - how-global-permissions-affect-project-permissions
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the update Lise. It would be interesting to see if the customer still sees a project if their user is removed from any Reporter or Participant field.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Our global settings are :
So basicly we want only those customers or groups to access specific projects based on which they are added to in the projects themselves. they are mostly internal customers
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That all looks good. Based upon your earlier finding...
is this correct? Assuming so, one theory I have is that if that customer is still assigned as the reporter or a request participant then they may still see the project. I haven't tested this as yet.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We investigated this even further now and found that it is only in one project in our instance where this happens. We checked the project roles of the individual users and they were not listed as having access to that one project, but they still saw it in the customer portal.
We've submitted a support ticket to Atlassian since we were unable to replicate this issue for any other project.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Also they did not have any tickets in the project, nor were they participants
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Jack Brickey please find the related JAC
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
After some more research I see that the restriction of access to JSM project does work for new projects. The problem arises when a user has been a customer previously but then been removed from that specific projecct
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.