Profile Security

Owned by Ryan Clifton
Last updated: Dec 08, 2023
3 min read

Summary

This section allows you customise who can comment on issues and the Issue security level that should be applied by default.

 

Configuration options

Privileged User

In order to perform some low level operations, normally done under a human user context, a user with sufficient privilege to perform that action is required. This field specifies that user, which defaults to the person who created the Profile.

Places where Privileged User is required:

  • Issue Commenting - used to perform a search and locate the existing issue.

  • JQL Thread Match Rejection - used to perform custom JQL query searches on existing issues to validate commenting

  • Regex Field Processor - used for issue association. In order to perform a search and locate the existing issue.

  • Email Participant Processing - in order to add the sender and email addressees to the request participants field.

  • Sender Processing - in order to add the sender who is a member of the organization as a request participant.

  • Issue Security - in order to retrieve security levels and set issue security on an issue.

  • Project Mapping - in order to add a group to a given project role.

  • Project Mapping - in order to set Epic Link custom field with the value.

  • User - in order to auto-create new Jira users and create Groups, typically auto-joining users to them.

Strict JIRA permissions

By default JEMH will enforce strict JIRA permissions regarding updates. This means that any issue operation must pass valid authorisation (i.e., auto adding watchers requires EDIT_ISSUE). Disabling Strict permissions reduces some of these rules.

Allow Anonymous Commenting

Allows anyone who uses the issue key in the email subject to comment on a issue.

Default reporter overrides derived

If enabled, will always use the Default Reporter in the User section. This could be used to ensure users are not created.

Use email sender for security checks

A convenience feature, for example, an project lead wants to forward a user email into JIRA for issue creation, the project lead has permission in the project, but the user the email belongs to and who is being nominated as @reporter does not (perhaps STRICT security is enabled). With this enabled, JEMH will run under the senders associated JIRA user account for the purposes of security checks.

Treat Unprivileged users as non-Jira

This will treat users with no issue permission or right to use as a “email user” with the reporter being the “default reporter”.

Within JEMH 4.1.27 this has been changed to “Flexible Reporter” with some additional features. See the following page for more info:

Issue Security

Issue security level

If set, will apply a default issue security level to all created issues, applying some basic security by default.

Issue Visibility

Comment Level Security for groups

Enables matching of groups for security level checks.

Comment Visibility

Selects a project role or group. Naturally, these must be valid for whatever project an issue resolves to.

Comment Visibility Optional

This will set the comment as non-restricted when the commenter does not have the group or role set in Comment Visibility.

Jira Service Desk

External Customer Comments Enabled

This will allow customers to comment on an issue even if they are not an issue participant

Related Pages