Uploaded image for project: 'Jira Align'
  1. Jira Align
  2. JIRAALIGN-2141

API 2.0: Endpoints returning all records regardless of the Portfolio or Program assigned to the API user

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Low Low
    • 10.83
    • 10.79
    • REST API
    • None
    • 1
    • Severity 3 - Minor
    • Breakers - Usher 8

      Issue Summary

      The following endpoints are returning all records regardless of the Portfolio or Program assigned to the API user.

      • Features
      • Themes

      Steps to Reproduce

      1. With a non-Super Admin role/token 
      2. Assing the user to only one Program/Portfolio 
      3. Using API 2.0.
      4. Send GET for Features. 
      5. Check the response. 

      Expected Results

      Only records assigned to the same Program/Portfolio of the user running the request should return

      Actual Results

      All Feature records are returned

      Workaround

      Currently, no workaround available. A workaround will be added once available

              kforeman@atlassian.com Kyle Foreman
              amacedo@atlassian.com Alessandro Macedo
              Votes:
              2 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: