-
Suggestion
-
Resolution: Unresolved
-
152
-
88
-
NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.
Issue Summary
Grant "Browse Project" permission to "User custom field value (XXXX)" makes the project is visible to all users. Regardless of whether that field is filled or not.
Steps to Reproduce
Go to the permission scheme > grant "Browse Project" permission to "User custom field value (XXXX)"
Expected Results
The project should not be visible to all users here: https://<sitename>.atlassian.net/projects
Actual Results
The project is visible to all users here: https://<sitename>.atlassian.net/projects
Workaround
Remove the "User custom field value (XXXX)" in the Browse project permission
- depended on by
-
JSDCLOUD-12350 Granting "Browse Project" permission to "User Custom Field Value" makes project visible to all portal customers
-
- Closed
-
- is cloned from
-
JRACLOUD-37117 Grant "Browse Project" permission to "User Custom Field Value" makes project visible to all users
-
- Closed
-
- is related to
-
JRACLOUD-92832 Hide project list
- Closed
- mentioned in
-
Page Failed to load
-
Page Failed to load
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
- relates to
-
EVEREST-2400 Loading...
This is still a bug and changing it to "suggestion" is simply wrong.
Why?
In other settings we do in Jira you have to meet all criteria's to see something, not only one/some of them but in this case a project gets visible to all users as soon as to grant the"Browse Project" permission to Grant "Browse Project" permission to "User custom field value (XXXX)"
The solution proposed does not solve anything as far as I can see.
To repeat the problem:
We use the "User custom field value (XXXX)" to give access to specific users on an issue basis.
Example:
Person 1 and person 2 can now se the issue regardless of being assignee or having other roles in the project. BUT everyone with access to the Jira instance can see the project name.
As far as I can see the linked page dones NOT cover this senario, and I do not see how it can.