-
Suggestion
-
Resolution: Unresolved
-
None
-
0
-
1
-
The Activity Stream in JIRA is at the moment showing information regarding all commit messages.
Users without access to projects mentioned on the Commit Messages still see the messages and are provided links to pages were they don't have access to.
This is a Privacy concern on instances with Restricted Projects.
On instances with a lot of dev activity, this generates unnecessary noise on the Dashboard.
Activity Stream should be restricted to the user visibility according to permissions. Commits from issues without access should be discarded.
- relates to
-
JSWSERVER-14400 Show BitBucket/github pull requests for a select set of repos in activity stream gadget
- Gathering Interest
- links to
- mentioned in
-
Page Failed to load
This is affecting our users as well - is there any workaround? We are trying to filter an activity log by project category but all commits from GitHub are showing up. Users who don't have permissions to view those repositories still see the commit message, but the user photo is broken and the links cannot be viewed. Due to federal security requirements, we may have to remove this gadget altogether as it's a security vulnerability. If we do not have to remove it, we would at least like the option to remove commit messages from the filter. There is already an "Activity" filter to remove certain entries - but commits aren't listed as one of the options.