Issues that should be hidden with security level are visible in Service Management SLA reports

XMLWordPrintable

    • 1
    • Severity 2 - Major
    • 2

      Issue Summary

      Service Management SLA reports do not respect issue security. A user could see an issue in the Service Management SLA report even if they can't browse it due to its security level.

      Steps to Reproduce

      1. Create a security scheme with a level that hides an issue from userA
      2. Create a Service Management project and assign the security scheme to it
      3. Display an SLA report that contains one issue from userA

      Expected Results

      The report shouldn't show the issue to the user if they can't see it due to its security leve.

      Actual Results

      The issue is visible in the report. When the user clicks it, they're presented with the message that they can't browse it.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

              Assignee:
              Unassigned
              Reporter:
              Arbi Dridi
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: