Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Medium
Component/s: Search - Quick Search
Labels:
- RIBS-SHORT

Support reference count:
1
Symptom Severity:
Major
Affected Products:

Confluence

Issue Summary

When the org admin and/or Support logs in as/impersonates a certain user and conducts a search in Confluence, the returned results are not reflective of that impersonated user's perms and access.

Steps to Reproduce

Log in as a user through the instance's admin UI.
Once logged into Confluence as the impersonated user, conduct a quick search or advanced search on information that the impersonated user does not have access to.
Observe that the returned results include information normally restricted from the impersonated user.

Expected Results

The search should not return information that the impersonated user does not have access to.

Actual Results

The search returns information normally not included in the impersonated user's access/permissions.

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available.

is duplicated by

CONFCLOUD-82523 During User Impersonation - impersonated account can access advanced search results that include pages they should not have permission to view.

Gathering Impact

relates to

AI-992 Impersonating a user returns results the user has no permissions to see

Gathering Impact

Assignee:: Richard Washer

Reporter:: Matt Hansen [Atlassian Support]

Votes:: 1 Vote for this issue

Watchers:: 9 Start watching this issue

Due:: 27/Feb/2025

Created:: 30/Jan/2025 10:51 PM

Updated:: 28/Aug/2025 1:38 PM

Resolved:: 10/Mar/2025 3:58 AM

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Forms

Activity

People

Dates