Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-43399

Allow the ability to deactivate the All Updates tab

XMLWordPrintable

    • 5
    • 30
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Problem Definition

      Site administrators cannot disable the All Updates or Popular tabs that appear on the dashboard.

      Suggested Solution

      Provide the ability to disable this functionality in the General Configuration section.

      Workaround

            [CONFSERVER-43399] Allow the ability to deactivate the All Updates tab

            Vikki Taylor added a comment -

            Yes, We need this too please!

            Vikki Taylor added a comment - Yes, We need this too please!

            Michael Woffenden added a comment -

            We need this urgently! 

            Michael Woffenden added a comment - We need this urgently! 

            Marius Mayer added a comment -

            Thats true, this bug leaks our employees first name, last names and usernames alongside with what they did when.

            But let's wait a while until Atlassian finished "GATHERING INTEREST" before the consider fixing it

            Marius Mayer added a comment - Thats true, this bug leaks our employees first name, last names and usernames alongside with what they did when. But let's wait a while until Atlassian finished "GATHERING INTEREST" before the consider fixing it

            Frank Fischer added a comment -

            May I add to @Dorte's comment that this is not only in violation of the GDPR but a privacy and securiy breach in general: Access to content in seperate spaces has to be strictly controlled based on the configured space permissions.

            To be a bit polemic: Who needs log4shell if you have a security hole like this. I can't understand this has not been adressed asap.

            Frank Fischer added a comment - May I add to @Dorte's comment that this is not only in violation of the GDPR but a privacy and securiy breach in general: Access to content in seperate spaces has to be strictly controlled based on the configured space permissions. To be a bit polemic: Who needs log4shell if you have a security hole like this. I can't understand this has not been adressed asap.

            Dorte Jacobsen added a comment - - edited

            We use restricted access (view only) and have defined a Viewport (using Scroll Viewport) to control what external users can see. But users can just modify the URL slightly and get to see the dashboard with "All updates". 

            It's a serious issue for us that user names and emails are visible and that this cannot be controlled.

            Without having investigated this in detail, I assume this might actually be in violation of the EU General Data Protection Regulation (GDPR) which we have to comply with as a company.

            I realize that Confluence started as a collaboration tool but many are now using it to create technical documentation so it's not longer "just" an internal tool. 

            Please consider a configuration option to hide personal information from the dashboard.

            Dorte Jacobsen added a comment - - edited We use restricted access (view only) and have defined a Viewport (using Scroll Viewport) to control what external users can see. But users can just modify the URL slightly and get to see the dashboard with "All updates".  It's a serious issue for us that user names and emails are visible and that this cannot be controlled. Without having investigated this in detail, I assume this might actually be in violation of the EU General Data Protection Regulation (GDPR) which we have to comply with as a company. I realize that Confluence started as a collaboration tool but many are now using it to create technical documentation so it's not longer "just" an internal tool.  Please consider a configuration option to hide personal information from the dashboard.

            Yves Martin added a comment -

            For any adventurer, I have successfully applied edition of confluence-dashboard-17.3.1.jar files js/confluence-dashboard.js (for reference) and so js/confluence-dashboard-min.js (for execution)

            • Removal of "all-updates" from DISCOVERY variable.
            • Replacement var DEFAULT_PAGE = 'recently-worked';

            And upload app for replacement. First tests are OK.

            Yves Martin added a comment - For any adventurer, I have successfully applied edition of confluence-dashboard-17.3.1.jar files js/confluence-dashboard.js (for reference) and so js/confluence-dashboard-min.js (for execution) Removal of "all-updates" from DISCOVERY variable. Replacement var DEFAULT_PAGE = 'recently-worked'; And upload app for replacement. First tests are OK.

            Kagithala Babu Anvesh added a comment -

            Hi team,

            Happy New Year 2020.

            May i know , any developer is working on it .

            Thanks and regards,

            Anvesh 

            Kagithala Babu Anvesh added a comment - Hi team, Happy New Year 2020. May i know , any developer is working on it . Thanks and regards, Anvesh 

              Unassigned Unassigned
              rfuerst Rachel Fuerst (Inactive)
              Votes:
              79 Vote for this issue
              Watchers:
              56 Start watching this issue

                Created:
                Updated: