/* @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Regular.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Regular.woff") format("woff"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Regular.otf") format("opentype"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Regular.ttf") format("truetype"); font-weight: 400; font-style: normal; font-display: swap; } @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Italic.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Italic.woff") format("woff"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Italic.otf") format("opentype"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Italic.ttf") format("truetype"); font-weight: 400; font-style: italic; font-display: swap; } @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium.woff") format("woff"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium.otf") format("opentype"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium.ttf") format("truetype"); font-weight: 500; font-style: normal; font-display: swap; } @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium_Italic.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium_Italic.woff") format("woff"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium_Italic.otf") format("opentype"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_Medium_Italic.ttf") format("truetype"); font-weight: 500; font-style: italic; font-display: swap; } @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold.woff") format("woff"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold.otf") format("opentype"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold.ttf") format("truetype"); font-weight: 600; font-style: normal; font-display: swap; } @font-face { font-family: "TT Norms"; src: url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold_Italic.woff2") format("woff2"),url("//www.santa-greenland.com/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold_Italic.woff") format("woff"),url("/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold_Italic.otf") format("opentype"),url("/themes/custom/valinor/css/fonts/TT%20Norms/TT_Norms_Pro_DemiBold_Italic.ttf") format("truetype"); font-weight: 600; font-style: italic; font-display: swap; } */ .footer { font-size: 16px; } .footer, .footer a, .footer li, .footer .copyright { font-family: "TT Norms",Helvetica,Arial,sans-serif; } .footer .page-headline__logo,hotsheet .footer .page-headline__logo,engage .footer .page-headline__logo{ margin:0 0 2rem 0; max-width: 150px; } .footer .copyright,hotsheet .footer .copyright,engage .footer .copyright{ font-weight:400; font-stretch:normal; color:#455264; max-width:82ch; font-size: 0.875em; line-height: 1.3575; letter-spacing:0; margin:0 0 2rem 0; } @media screen and (min-width:85.375em){ .footer .copyright,hotsheet .footer .copyright,engage .footer .copyright{ line-height:1.3125; } } .footer .footer_app-downloads,hotsheet .footer .footer_app-downloads,engage .footer .footer_app-downloads{ display:none; } .footer .footer_app-downloads a,hotsheet .footer .footer_app-downloads a,engage .footer .footer_app-downloads a{ width:7.5em; } .footer .footer_app-downloads a img,hotsheet .footer .footer_app-downloads a img,engage .footer .footer_app-downloads a img{ width:100%; } .footer-list,hotsheet .footer-list,engage .footer-list{ list-style:none; font-stretch:normal; color:var(--headlineColor); max-width: 75ch; font-size: 1em; font-size: clamp(1em,0.5944rem + 0.5495vw,1.125em); line-height: 1.3125; letter-spacing: 0; font-weight:600; padding:0; margin:0; display:flex; flex-direction:row; flex-wrap:wrap; align-items:center; justify-content:center; width:100%; } @media print{ .footer-list,hotsheet .footer-list,engage .footer-list{ font-size:10pt; line-height:13pt; } } @media screen and (min-width:31.25em){ .footer-list,hotsheet .footer-list,engage .footer-list{ max-width:100ch; } } .footer-list .footer-list__item,hotsheet .footer-list .footer-list__item,engage .footer-list .footer-list__item{ text-transform:uppercase; padding:0 2rem 1.5rem 2rem; } .footer-list .footer-list__item a,hotsheet .footer-list .footer-list__item a,engage .footer-list .footer-list__item a{ width:100%; height:100%; text-decoration:none; display:inline-block; color:#212936; position:relative; } @media (hover:hover){ .footer-list .footer-list__item a:before,hotsheet .footer-list .footer-list__item a:before,engage .footer-list .footer-list__item a:before{ content:""; position:absolute; width:0; height:0.125em; bottom:0; left:0; background-color:#2a75d1; transition:width 0.3s ease; } } .footer-list .footer-list__item a:before,hotsheet .footer-list .footer-list__item a:before,engage .footer-list .footer-list__item a:before{ bottom:-0.125em; } @media (hover:hover){ .footer-list .footer-list__item a:hover:before,.footer-list .footer-list__item a.active:before,.footer-list .footer-list__item a.is-active:before,.footer-list .footer-list__item a.js-is-actve:before,hotsheet .footer-list .footer-list__item a:hover:before,hotsheet .footer-list .footer-list__item a.active:before,hotsheet .footer-list .footer-list__item a.is-active:before,hotsheet .footer-list .footer-list__item a.js-is-actve:before,engage .footer-list .footer-list__item a:hover:before,engage .footer-list .footer-list__item a.active:before,engage .footer-list .footer-list__item a.is-active:before,engage .footer-list .footer-list__item a.js-is-actve:before{ width:100%; right:0; z-index:1; } } @media screen and (max-width:31.25em){ .footer-list .footer-list__item a,hotsheet .footer-list .footer-list__item a,engage .footer-list .footer-list__item a{ word-wrap:break-word; } } .footer-list .footer-list__item a:hover,hotsheet .footer-list .footer-list__item a:hover,engage .footer-list .footer-list__item a:hover{ text-decoration:none; color:#2a75d1; } .footer, .hotsheet .footer, .engage .footer { flex-direction: column; align-items: center; justify-content: flex-start; } .footer, .hotsheet .footer, .engage .footer, .view-academy-schedule, .hotsheet .view-academy-schedule, .engage .view-academy-schedule, .views-exposed-form, .hotsheet .views-exposed-form, .engage .views-exposed-form, .breadcrumb-container, .hotsheet .breadcrumb-container, .engage .breadcrumb-container, .organism { display: flex; flex-direction: column; flex-wrap: wrap; width: 100%; padding: 4rem 0; } .footer-list, .hotsheet .footer-list, .engage .footer-list { max-width: 900px; font-size: 1.06em; min-width: 25ch; list-style: none; font-stretch: normal; letter-spacing: 0; line-height: 1.333; color: var(--headlineColor); font-family: "robotobold",Helvetica,Arial,sans-serif; padding: 0 calc(1.1713vw*2) calc(1.1713vw*1.5) calc(1.1713vw*2); margin: 0; display: flex; flex-direction: row; flex-wrap: wrap; align-items: center; justify-content: center; width: 100%; } .Footer{ background:#FFFFFF; color:#555a62; font-size:1em; line-height:1.5em; padding:18px 0 } .Footer a{ color:#2a75d1 } .Footer a:hover{ color:#2362af } .Footer .row{ display:-webkit-box; display:-ms-flexbox; display:flex; -ms-flex-wrap:wrap; flex-wrap:wrap; -webkit-box-pack:justify; -ms-flex-pack:justify; justify-content:space-between; -webkit-box-align:center; -ms-flex-align:center; align-items:center; margin:-3px } .Footer .col{ padding:0 3px } .Footer .col-copyRight{ -webkit-box-pack:start; -ms-flex-pack:start; justify-content:flex-start } .Footer .col-logo{ -webkit-box-pack:end; -ms-flex-pack:end; justify-content:flex-end } .Footer .col-copyRight,.Footer .col-logo{ -webkit-box-flex:1; -ms-flex:1; flex:1; display:-webkit-box; display:-ms-flexbox; display:flex } .Vanilla-logo{ width:120px; height:28px; opacity:.6 } @media screen and (max-width:768px){ .Footer .col{ width:100%; text-align:center; margin:6px 0 } .Footer .col:first-child{ margin-top:0 } .Footer .col:last-child{ margin-bottom:0 } .Footer .col-copyRight,.Footer .col-logo{ -webkit-box-pack:center; -ms-flex-pack:center; justify-content:center } .Vanilla-logo{ margin:0 auto } } @media (max-width:31.188em){ .footer { display: flex; flex-direction: column; flex-wrap: wrap; width: auto; padding: 0rem 2rem 4rem; } .footer .copyright,hotsheet .footer .copyright,engage .footer .copyright{ margin:var(--lg) 0; text-align:center; max-width:38ch; z-index:0 } .footer .footer_app-downloads,hotsheet .footer .footer_app-downloads,engage .footer .footer_app-downloads{ margin:2rem 0; } .footer .footer_app-downloads,.footer .footer_app-downloads > div,hotsheet .footer .footer_app-downloads,hotsheet .footer .footer_app-downloads > div,engage .footer .footer_app-downloads,engage .footer .footer_app-downloads > div{ display:flex; flex-direction:row; justify-content:space-evenly; width:100%; z-index: 0 } .footer__social-section.icons{ z-index:0; padding-top: 1em; } .footer-list,hotsheet .footer-list,engage .footer-list{ padding:0; display:grid; grid-template-columns:1fr 1fr; grid-gap:0 1.5em; } .footer-list .footer-list__item,hotsheet .footer-list .footer-list__item,engage .footer-list .footer-list__item{ text-align:center; margin:1rem 0; min-width:0; padding:0; } .footer-list .footer-list__item a,hotsheet .footer-list .footer-list__item a,engage .footer-list .footer-list__item a{ display:inline; } .social-media-icon,hotsheet .social-media-icon,engage .social-media-icon{ margin:0 0.25em; } } .social-media-icon,hotsheet .social-media-icon,engage .social-media-icon { opacity: 1; font-size: 1.2em; line-height: 1.5; text-align: center; color: white; width: 2em; height: 2em; cursor: pointer; background: #003059; margin-right: 0.5em; padding: 0.5rem; border-radius: 100%; margin-bottom: 0; display: inline-flex; justify-content: center; vertical-align: baseline; } .social-media-icon:hover,hotsheet .social-media-icon:hover,engage .social-media-icon:hover{ text-decoration:none; opacity:0.8; } span.visually-hidden { position: absolute !important; height: 0.063em; width: 0.063em; overflow: hidden; } .social-media-icon-group .social-media-icon,body.hotsheet .social-media-icon-group .social-media-icon,body.engage .social-media-icon-group .social-media-icon{ font-family:"FontAwesome"; font-size: 12px; } .social-media-icon-group .social-media-icon.fa-facebook-f,body.hotsheet .social-media-icon-group .social-media-icon.fa-facebook-f,body.engage .social-media-icon-group .social-media-icon.fa-facebook-f{ background:#3b5998; } .social-media-icon-group .social-media-icon.fa-twitter,body.hotsheet .social-media-icon-group .social-media-icon.fa-twitter,body.engage .social-media-icon-group .social-media-icon.fa-twitter{ background:#55acee; } .social-media-icon-group .social-media-icon.fa_linkedin,body.hotsheet .social-media-icon-group .social-media-icon.fa_linkedin,body.engage .social-media-icon-group .social-media-icon.fa_linkedin{ background:#007ab9; } .social-media-icon-group .social-media-icon.fa-instagram,body.hotsheet .social-media-icon-group .social-media-icon.fa-instagram,body.engage .social-media-icon-group .social-media-icon.fa-instagram{ background:#ec176c; } .social-media-icon-group .social-media-icon.fa-envelope,body.hotsheet .social-media-icon-group .social-media-icon.fa-envelope,body.engage .social-media-icon-group .social-media-icon.fa-envelope{ background:#d44638; } .social-media-icon-group .social-media-icon.fa-rss,body.hotsheet .social-media-icon-group .social-media-icon.fa-rss,body.engage .social-media-icon-group .social-media-icon.fa-rss{ background:#ee802f; } .social-media-icon-group #youtube-img,body.hotsheet .social-media-icon-group #youtube-img,body.engage .social-media-icon-group #youtube-img{ background:#fd2a00; vertical-align:top; padding:0; } .social-media-icon svg, .hotsheet .social-media-icon svg, .engage .social-media-icon svg { height: 1.25rem; width: 1.25rem; font-size: 1.2em; display: flex; fill: white; box-sizing: border-box; } /* .SocialIcon .Text { color : #FFF !important; } */ @media screen and (max-width: 815px) { #page #titleBar .searchbox button.coveoSearchButton { padding-left: 0.75em !important; } }

Sign in to submit new ideas and vote

Get Started

Jira Connector - Security Risk with Bi-Directional and Manual Push workflow options

Jeanne Howe ✭

01/20/23 inSmartsheet Product Feedback & Ideas

When a bi-directional or manual push workflow is created in the Jira Connector the connector does not respect Jira licensing or permissions. The connector only verifies the user creating the workflow and, when run against a smartsheet, the smartsheetownerhas Jira access.

This creates a very large security risk and a corrupted audit trail. With this connector, smartsheet userswithout a Jira license能够更新和修改Jira蜱虫ets and data.

Example 1:

I create a smartsheet and set up a bi-directional workflow connector. Along with my smartsheet access, I have a Jira licenses and permissions within the project the smartsheet is referencing.

I then grant edit access to my smartsheet to Jane. Jane has access to my smartsheetbut does not have a Jira license and does not have any permissions within Jira.

Jane updates the data in the smartsheet.

The connector updates all changes made by Jane against the Jira tickets,despite the fact thatJane does not have a Jira license or any permissions within Jira

Example 2:

I create a smartsheet and set up a bi-directional workflow connector. Along with my smartsheet access, I have a Jira licenses and permissions within the project the smartsheet is referencing.

I then grant edit access to my smartsheet to John. John has access to smartsheet. John has a Jira license but, John does not have any permissions within Jira project the smartsheet is referencing.

John updates the data in the smartsheet.

The connector updates all changes made by John in the Jira tickets,despite the fact thatJohn does not have any permissions within the Jira project to update tickets.

This also leads to a corrupt audit trail as allupdates via the Jira Connector come into Jira under the user name of the person who owns the smartsheet andnot the actual editor of the data.

There are two ways to mitigate this issue:

Smartsheet updates the Jira Connector to verify the usereditingthe smartsheet has Jira access and Jira project permissions
Smartsheet updates the Jira Connector to allow admins todisablethe Bi-Directional and Manual Push workflow options.

Tags:

2 votes

Idea Submitted·Last Updated01/20/23

FAQs and Guidelines for posting Product Feedback Ideas
Hi Community, Welcome to the Product Feedback and Ideas space where you can help shape the future of Smartsheet! We really appreciate your feedback and will take all posts into consideration. Our product team will review top ideas and requests monthly and we'll share updates as soon as we get them. Remember: if you have a…

Trending Ideas

Control Center Automation Ability to Trigger Document Sets Specific to Project Category
We would like the ability for Control Center automation to be configurable to trigger different document sets based on the category selected in the project intake sheet. For instance, if the new project request is Category 1, we would like to trigger a set of reports and sheets specific to Category 1. If the new project…
Clear buffer on a form after use
Avoid the form from saving your information when clicking a field.
Conditional formatting OR option
Please create an OR option for conditional formatting. I have a list of 50 numbers, and I need to highlight if any of them exist in a specific cell. Without an OR option, I have to make 50 rules to accomplish this. Frustrating!

Sign in to submit new ideas and vote

Jira Connector - Security Risk with Bi-Directional and Manual Push workflow options

Idea Submitted·Last Updated01/20/23

Categories