Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-19128

Recently Updated - Shows Blogs when it should not

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Medium Medium
    • None
    • None
    • None

      Recently Updated or Recently Update Dashboard will display Blog updates even though Space Admin permissions are set to No access to Add or Remove blog. And the Space Home page is also set to View Restrictions. This seems to be a bug that would allow access to blogs when you are trying to lock them down.

      Ideally, Atlassian should consider applying the Page View & Edit Restriction concept to blogs. Similar to CONF-5332 issue, you should be able to set access to certain blogs only. For instance, I have a HR space. We blog all our corporate events and important HR news. However,my HR team cannot post anything that they don't want everyone in the company to see.

      Even if we live within the current security model, we still have the bug with Recent Update list that allow non-approved users access to blog postings.

      I listed as major since any security/permission bug could be very costly to a company.

              Unassigned Unassigned
              5efcee5eeed0 Stephanie Gallert
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: