Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Timed out
Priority: Low
Fix Version/s: N/A
Affects Version/s: 3.5.0
Component/s: None
Labels:

Symptom Severity:
Severity 3 - Minor
UIS:
1
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

https://domain/rest-service/users-v1/some_username/ GET resource doesn't give e-mail information if you're logged in as a normal user (non-admin). But the strange thing is that if you try to see that user from normal Web interface it is possible to see its e-mail via this page:
https://domain/user/some_username
in About section. So there is some security misconception. If I see the e-mail on the web interface with certain user I should see it via Restful API, too.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Peter Mitev

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Jul/2014 5:18 PM

Updated:: 05/Oct/2018 8:45 AM

Resolved:: 05/Oct/2018 8:45 AM