-
Type:
Suggestion
-
Resolution: Fixed
-
Component/s: Permissions, Projects
-
1
-
7
Starting with Bamboo 6.2, Bamboo adds the project menu, which exposes a list of all projects, including projects the user has no access to.
This is a cause for concern in multi-tenant setups where users should not see projects they don't have access to because it would potentially expose confidential information, such as the names of other customers or their projects.
From a usability perspective it's also questionable why a user would be displayed the list of all projects if they don't have access to them - this seems to have little value to the user
Workaround
- Navigate to Administration >> Add-ons >> Manage apps
- Select "All apps" to list all the apps
- Click on System apps >> Atlassian Bamboo Web Resources Plugin >> 98 of 98 modules enabled
- Disable either page-projects or feature-projects-table module
This will make the All Project list to be empty - Click on Bamboo Global Header >> 39 of 39 modules enabled
- Disable Projects (project) module
This will make Project menu disappear
- duplicates
-
BAM-20037 All projects visible regardless of user permission
-
- Closed
-
- is duplicated by
-
- Closed
- is incorporated by
-
- Future Consideration
- is cloned as
-
BDEV-15286 Loading...
- mentioned in
-
-
-
-
-
-
-
-
-