Set up Issue security for request participants using Automation
Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.
Summary
When a security level is set for a JSM issue, Request participants cannot view the issue from the customer portal. This KB helps you setup Issue security level to work with the Request participants on JSM issues using Automation.
Diagnosis
When a request participant tries to view an issue with a security level set, they receive an error: "No Access. You do not have permission to view this request."
Cause
"Request participants" field is not available when configuring a security level so we cannot configure Request participants to view these issues. We have a Feature request to provide this functionality:
Note: The ideal solution for this issue is mentioned on that Feature Request. Use the "Service Project Customer - Portal Access" security group instead of an Automation Rule. This article will remain here for posterity, as it is an example of ways to use Automation to solve issues.
Solution
While we wait for this functionality to be available, we can use Automation to achieve the same results.
This requires adding a new multi user picker custom field, this will be included in the security levels configuration. We will then create two automation rules, the first one will copy the Request participants to the multi user picker custom field configured in the security level. This ensures that the request participants are added to the necessary security level and allows them to view these issue on customer portal. However this will not trigger any notifications to the Request participants since there is a security level set. So we will need a second automation rule to send the notifications when a request participant is added.
Configure Security Level
- Create a multi user picker custom field, lets call it Req Participants Copy
- Add this field in all the relevant screens. No need to add it to the Request form
- Add this newly created custom field to the necessary Issue Security levels that should allow request participant to view an issue. Here is an example of one such security level:
First Automation rule: Copy Request Participants
Create an Automation rule that updates the new field Req Participants Copy on any changes made to the Request Participants field.
- Go to Project Settings > Automations
- Click on Create rule
- Select Trigger Field value changed
Field: Request Participants
Change Type: Any changes - Create a new action "Edit issue" Select the custom field Req Participants Copy.
- Click on the 3 dots to copy Request Participants to the new field Req Participants Copy.
- Uncheck the "Add to existing values" box.
- Click on Save and Turn it on
Second Automation rule: Send notification to new participants
The notification for new participants needs to be done through automation, as Jira won't send the customer notifications for request participants when a security level is configured.
After the access is granted in the first automation rule, we need a new automation rule to notify them:
- Go to Project Settings > Automations
- Click on Create rule
- Select a Trigger Field value changed
- Field: Request Participants
- Change Type: Value Added - Add a new branch and select "Advanced branching" to iterate the Request participants list and send emails only to the new added users (whose names are added to the changelog under addedfieldChange.values)
- Smart value: Request Participants
- Variable name: participant- Within that advanced branching, add the following Condition:
- And Action to send email to participant of the above condition matches
- Within that advanced branching, add the following Condition:
- Click on Save and Turn it on
Here is an example of an email sent with this second automation rule:
Contact Atlassian support if you have any questions.