Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 3.2 Beta
Affects Version/s: 2.6.1 Enterprise
Component/s: Project Administration - Permissions
Labels:
- affects-server
Environment:

-

Introduced in Version:
2.06
Bug Fix Policy:
View Atlassian Server bug fix policy

When i add the "Current Reporter" to the "Browse Project" Permission of one project. This project instantly becomes visible to ALL users(via the project table portlet), if they have any kind of permission to see this project or not.

So all users can see this project, but can't see any issues within it. Thats not very good, as we want to keep our customers strictly seperated from one another and we have a lot of projects. That would be very confusing if you see lots of projects in your dashboard, but only one or two of them are relevant to you and the rest is empty.

is related to

JRASERVER-8950 "Current Assignee" on Browse Permission creates security hole

Closed

JRASERVER-12051 Adding group selector permission makes project name visible to everyone

Closed

JRASERVER-14941 Users without permissions can browse projects that they do not have perms to if custom field-user picker

Closed

JRASERVER-4927 Suppress Error Message, when user has no right to browse project

Closed

JRASERVER-14424 Separate permissions for issue filtering and project display

Gathering Interest

Assignee:: MarkC

Reporter:: Gerd Gueldenast

Votes:: 1 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 14/Oct/2004 4:19 PM

Updated:: 27/Mar/2019 11:46 PM

Resolved:: 21/Apr/2005 2:09 AM

Estimated:

Remaining:

Logged:

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates

Time Tracking