• Type: Suggestion
• Resolution: Fixed
• Fix Version/s: None
• Component/s: Administration - Permission Helper
• Labels:

  • affects-server

1. 

   jirawatchers.jpg

   37 kB

   18/Apr/2018 5:33 PM

2. 

   Screenshot 2021-10-19 at 16.24.53.png

   110 kB

   19/Oct/2021 2:26 PM

[JRASERVER-37386] Ability to restrict what users or groups appear in @-mention results

Collapse comment: Maciej Swinarski (Inactive) added a comment - 31/Mar/2022 7:50 AM

Maciej Swinarski (Inactive) added a comment - 31/Mar/2022 7:50 AM

8075761753c3 - as the issue is defined here it is clearly about @mention feature which can be configured via permission schemes. Also note that this issue is defined for Jira Server and Data Center and in your comment you are referring to Jira Cloud. I think this would be the issue for Jira Cloud: https://jira.atlassian.com/browse/JRACLOUD-37386

Expand comment: Maciej Swinarski (Inactive) added a comment - 31/Mar/2022 7:50 AM

Maciej Swinarski (Inactive) added a comment - 31/Mar/2022 7:50 AM 8075761753c3 - as the issue is defined here it is clearly about @mention feature which can be configured via permission schemes. Also note that this issue is defined for Jira Server and Data Center and in your comment you are referring to Jira Cloud. I think this would be the issue for Jira Cloud: https://jira.atlassian.com/browse/JRACLOUD-37386

Collapse comment: Marcin Wasłowicz added a comment - 09/Feb/2022 11:48 PM

Marcin Wasłowicz added a comment - 09/Feb/2022 11:48 PM

This issue is closed and even though the mentions are limited - clients can still access full user list through:
https://ACCOUNTNAME.atlassian.net/secure/popups/UserPickerBrowser.jspa

The current situation provides false sense of a fixed security issue (which is still there).

Expand comment: Marcin Wasłowicz added a comment - 09/Feb/2022 11:48 PM

Marcin Wasłowicz added a comment - 09/Feb/2022 11:48 PM This issue is closed and even though the mentions are limited - clients can still access full user list through: https://ACCOUNTNAME.atlassian.net/secure/popups/UserPickerBrowser.jspa The current situation provides false sense of a fixed security issue (which is still there).

Maciej Swinarski (Inactive) made changes - 19/Oct/2021 2:32 PM

Component/s		New: Administration - Permission Helper [ 43321 ]
Labels	Original: affects-cloud affects-server	New: affects-server

Maciej Swinarski (Inactive) made changes - 19/Oct/2021 2:31 PM

Resolution		New: Fixed [ 1 ]
Status	Original: Gathering Interest [ 11772 ]	New: Closed [ 6 ]

Collapse comment: Maciej Swinarski (Inactive) added a comment - 19/Oct/2021 2:31 PM

Maciej Swinarski (Inactive) added a comment - 19/Oct/2021 2:31 PM

Users showed in the @-mention results are controlled via the permission scheme associated with given project with the Browse Projects permission.

More about permission scheme configuration: https://confluence.atlassian.com/jserverm/latest/managing-project-permissions-979403889.html

 

Expand comment: Maciej Swinarski (Inactive) added a comment - 19/Oct/2021 2:31 PM

Maciej Swinarski (Inactive) added a comment - 19/Oct/2021 2:31 PM Users showed in the @-mention results are controlled via the permission scheme associated with given project with the Browse Projects permission. More about permission scheme configuration: https://confluence.atlassian.com/jserverm/latest/managing-project-permissions-979403889.html  

Maciej Swinarski (Inactive) made changes - 19/Oct/2021 2:26 PM

Attachment

New: Screenshot 2021-10-19 at 16.24.53.png [ 411801 ]

Maciej Swinarski (Inactive) made changes - 19/Oct/2021 2:21 PM

Resolution	Original: Fixed [ 1 ]
Status	Original: Closed [ 6 ]	New: Gathering Interest [ 11772 ]

Maciej Swinarski (Inactive) made changes - 19/Oct/2021 2:21 PM

Resolution		New: Fixed [ 1 ]
Status	Original: Gathering Interest [ 11772 ]	New: Closed [ 6 ]

SET Analytics Bot made changes - 04/Oct/2021 2:38 AM

UIS

Original: 30

New: 3

SET Analytics Bot made changes - 01/Oct/2021 2:12 AM

UIS

Original: 24

New: 30

Load more older events