Uploaded image for project: 'Atlassian Product Integrations'
  1. Atlassian Product Integrations
  2. API-580

Disable previews for issues with the security level

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • Jira Cloud for Slack
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Actual behavior: When a link to an issue with a security level assigned is posted to a channel by a user that has access to the issue, it is unfurled exposing issue details to all channel members, while some of them may have no access to the issue in Jira. If the user doesn’t have access to the issue - it isn’t unfurled.

      Suggestion:

      The app should stop sending unfurls for all issues that have any security level assigned or the preview shouldn't be available for the users that don't have access to the issue.
      Add the ability to disable previews for issues with the security level.

            [API-580] Disable previews for issues with the security level

            Johan W added a comment -

            We're affected by this. It's so easy for a user to unintentionally paste a link in the wrong place and reveal data to others that shouldn't see this.

            Johan W added a comment - We're affected by this. It's so easy for a user to unintentionally paste a link in the wrong place and reveal data to others that shouldn't see this.
            Tulsi made changes -
            Description Original: *Actual behavior:* When a link to an issue with a security level assigned is posted to a channel by a user that has access to the issue, it *is unfurled* exposing issue details to all channel members, while some of them may have no access to the issue in Jira. If the user doesn’t have access to the issue - it {*}isn’t unfurled{*}.

            *Suggestion:*

            The app should stop sending unfurls for all issues that have any security level assigned or the preview shouldn't be available for the users that don't have access to the issue.             		New: *Actual behavior:* When a link to an issue with a security level assigned is posted to a channel by a user that has access to the issue, it *is unfurled* exposing issue details to all channel members, while some of them may have no access to the issue in Jira. If the user doesn’t have access to the issue - it {*}isn’t unfurled{*}.

            *Suggestion:*

            The app should stop sending unfurls for all issues that have any security level assigned or the preview shouldn't be available for the users that don't have access to the issue.
            Add the ability to disable previews for issues with the security level.
            Tulsi made changes -
            Summary Original: Jira cloud app to check the Issue security before unfurling the issue link posted in the channel New: Disable previews for issues with the security level
            Tulsi created issue -

              Unassigned Unassigned
              a82fc827eb8d Tulsi
              Votes:
              2 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: