Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-19612

As an Administrator I do not want Bamboo to expose the list of all projects to all users

XMLWordPrintable

    • 1
    • 7

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Starting with Bamboo 6.2, Bamboo adds the project menu, which exposes a list of all projects, including projects the user has no access to.

      This is a cause for concern in multi-tenant setups where users should not see projects they don't have access to because it would potentially expose confidential information, such as the names of other customers or their projects.

      From a usability perspective it's also questionable why a user would be displayed the list of all projects if they don't have access to them - this seems to have little value to the user

      Workaround

      1. Navigate to Administration >> Add-ons >> Manage apps
      2. Select "All apps" to list all the apps
      3. Click on System apps >> Atlassian Bamboo Web Resources Plugin >> 98 of 98 modules enabled
      4. Disable either page-projects or feature-projects-table module
        This will make the All Project list to be empty
      5. Click on Bamboo Global Header >> 39 of 39 modules enabled
      6. Disable Projects (project) module
        This will make Project menu disappear

              achystoprudov Alexey Chystoprudov
              cglockner Christian Glockner
              Votes:
              25 Vote for this issue
              Watchers:
              25 Start watching this issue

                Created:
                Updated:
                Resolved: