I’m working on a plugin for JSD Server that needs some server-side logic.
When I’m logged in as the customer, I can see a number of requests in the portal, as well as via the /servicedeskapi/request endpoint. Sanity check passed.
Now, I have a server resource talking to ServiceDeskCustomerRequestService (and other services). To my surprise, it does not return any issues for this customer at all.
@GET
@Path("/my-requests")
public Object getMyRequests() throws SearchException {
ApplicationUser user = authenticationContext.getLoggedInUser();
Either<AnError, PagedResponse<CustomerRequest>> requests = serviceDeskCustomerRequestService
.getCustomerRequests(
user,
serviceDeskCustomerRequestService.newQueryBuilder()
.requestOwnership(CustomerRequestQuery.REQUEST_OWNERSHIP.ALL_REQUESTS)
.requestStatus(CustomerRequestQuery.REQUEST_STATUS.ALL_REQUESTS)
.build()
);
// ...
}
After some investigation, I see that under the hood it’s calling the core SearchService as my customer user. Even though my project grants the “Browse Projects” permission to “Service desk customer - portal access”, I suspect that this SearchService call is failing because somehow the “portal context” is lost and it’s treated as regular search by unprivileged user.
Am I doing something wrong? How do you use the ServiceDeskCustomerRequestService in Java API as a customer? Are the customers limited to Cloud API?