Non-admin User Should not be able to see all users/groups in drop down

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XMLWordPrintable

    • 1
    • Severity 2 - Major
    • 21

      NOTE: This bug report is for JIRA Portfolio Server. Using JIRA Portfolio Cloud? See the corresponding bug report.

      Summary

      In Plan configuration > Permissions > Plan access. Non-admin users can try to add Viewers and see all users/groups on the instance.

      Steps to Reproduce

      1. Login as non-admin user
      2. Create a plan
      3. Go to Plan configuration > permission
      4. Try add users or groups

      Expected Results

      • Only groups that the user are belong to should be listed
      • Only users that has "Browse Users" in Global Permission should be able to list all users

      Actual Results

      All users and groups are listed (max 50 on drop down)

      Workaround

      None

              Assignee:
              Thomas
              Reporter:
              Zul NS [Atlassian] (Inactive)
              Archiver:
              Aakrity Tibrewal

                Created:
                Updated:
                Resolved:
                Archived: