The context

We have a large enterprise installation with hundreds of teams.

It is useful for them to see the activity and details of other teams projects, so we leave the "view" permission active for all authenticated users.

The Problem

But now that we are using Bamboo 5 with Releases may teams are exposing full ear/war and properties files needed for deployments. Anyone who can authenticate to bamboo can also download all applications artifacts, some of which may be sensitive.

The Desire

Another permission level either globally or plan level (or artifact definition level) that would define additional restrictions to view/download artifacts from a build Plan.

This would apply whether viewing the build plan, or trying to push a release from the related deployment project.