Uploaded image for project: 'Atlassian Intelligence'
  1. Atlassian Intelligence
  2. AI-992

Impersonating a user returns results the user has no permissions to see

XMLWordPrintable

    • 3
    • Severity 3 - Minor

      Issue Summary

      When support and admins have been impersonating users in their instance - this is not being correctly propagated through search. So understandably, they are not able to reproduce issues with other users or correctly retrieve the appropriate results for the impersonated user

      Steps to Reproduce

      1. Impersonate the user through the admin UI
      2. Execute an advanced search for results that the impersonated user does not have permissions to

      Expected Results

      The search should NOT return the results the impersonated user does not have permissions to.

      Actual Results

      The search does return those results since the actual original user (not the impersonated user) has permissions to see it. 
      Clicking on the page returned won't show the page content though.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

              Unassigned Unassigned
              jhonda@atlassian.com Jessica
              Votes:
              4 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: