Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 3.5
Affects Version/s: 3.4.2
Component/s: Issue - Fields, Project Administration - Permissions
Labels:
- affects-server

Introduced in Version:
3.04
Bug Fix Policy:
View Atlassian Server bug fix policy

Try creating a "Visible to" multi-user picker custom field, and allow only this custom field's users to "Browse" issues in the permission scheme. One can no longer view issues in affected projects, even if you are in the "Visible to" custom field for some issues.

relates to

JRASERVER-8950 "Current Assignee" on Browse Permission creates security hole

Closed

JRASERVER-8615 Granting User Custom Field "Create" or "Administer" permission grants it to everyone

Closed

JRASERVER-8941 User Picker custom field used in Security Level makes issues invisible to searchers

Closed

Assignee:: Dylan Etkin [Atlassian]

Reporter:: Jeff Turner

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 05/Jan/2006 1:17 AM

Updated:: 27/Mar/2019 11:49 PM

Resolved:: 09/Jan/2006 1:51 AM

Estimated:

Remaining:

Logged:

Not Specified

Details

Description

Attachments

Issue Links

Activity

People

Dates

Time Tracking