@Mention emails sent to Customer users

XMLWordPrintable

    • Type: Bug
    • Resolution: Not a bug
    • Priority: Low
    • None
    • Affects Version/s: 7.10.0
    • Component/s: Email notifications
    • None
    • 7.1
    • 1
    • Severity 2 - Major

      Summary

      • Customer users are sent @mention emails even though they should not have access to the project. This may give them access to information that they should not have.

      Steps to Reproduce

      1. Create a user without application access
      2. Mention the user in a comment

      Expected Results

      • Since the user does not have access they should not receive an email.

      Actual Results

      • The user receives the email (as a Mentioned you notification) with details of the comment.

      Workarounds

      • Do not mention the user if you do not wish for them to receive an email.
      • Change the Project Permission "Browse projects" to not include "Any user logged in" and instead use roles, groups or users with specific application access.

            Assignee:
            Unassigned
            Reporter:
            Keri Duthie (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: