Loading...

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.14.1
Affects Version/s: 2.1.5, 2.2.2, 2.14.0
Component/s: Resources
Labels:

Support reference count:
1
Symptom Severity:
Severity 2 - Major
UIS:
21
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

NOTE: This bug report is for JIRA Portfolio Server. Using JIRA Portfolio Cloud? See the corresponding bug report.

Summary

In Plan configuration > Permissions > Plan access. Non-admin users can try to add Viewers and see all users/groups on the instance.

Steps to Reproduce

Login as non-admin user
Create a plan
Go to Plan configuration > permission
Try add users or groups

Expected Results

Only groups that the user are belong to should be listed
Only users that has "Browse Users" in Global Permission should be able to list all users

Actual Results

All users and groups are listed (max 50 on drop down)

Workaround

None

Attachments

Issue Links

relates to

JSWCLOUD-19238 Non-admin User Should not be able to see all users/groups in drop down

Closed

JPOS-1681 Loading...

mentioned in: Page Loading...; Page Loading...

Activity

People

Assignee:: Thomas

Reporter:: Zul NS [Atlassian]

Archiver:: Aakrity Tibrewal

Dates

Due:: 12/Jun/2018

Created:: 06/Jan/2017 11:12 AM

Updated:: 14/Aug/2019 6:20 AM

Resolved:: 05/Jul/2018 4:50 AM

Archived:: 12/Oct/2023 2:33 AM