-
Bug
-
Resolution: Fixed
-
Medium
-
3.4.2
-
3.04
-
Try creating a "Visible to" multi-user picker custom field, and allow only this custom field's users to "Browse" issues in the permission scheme. One can no longer view issues in affected projects, even if you are in the "Visible to" custom field for some issues.
- relates to
-
JRASERVER-8950 "Current Assignee" on Browse Permission creates security hole
- Closed
-
JRASERVER-8615 Granting User Custom Field "Create" or "Administer" permission grants it to everyone
- Closed
-
JRASERVER-8941 User Picker custom field used in Security Level makes issues invisible to searchers
- Closed