Uploaded image for project: 'Jira Server and Data Center'
  1. Jira Server and Data Center
  2. JRASERVER-66161

As an admin, allow me configuring what user's information is shared between users

    XMLWordPrintable

    Details

    • Support reference count:
      1
    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      There are several scenarios where user's username and email are shown. This can be considered a security risk for some customers.

      Examples:

      • When doing a user search, a suggestion list appears while writing, this list includes the user display name, email and even username.
      • From the issue view, any user can see another user's profile, which shows all the information of the user.

      Similarly suggested for Confluence, the suggestion is allowing a way to control the access to this information (like only showing display names for non-admin users) or using the following as an example:

      1. A user is only allowed to see the name and profile of another user if they are in the same group. (at least one group, not all)

      2. Allow a global administrative option for enabling/disabling user names and profiles.

      3. Allow each user to decide whether their username, email and/or profile should be viewable.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              rchiquete Rene Chiquete
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: