Hi,
I have a rather sensitive customer that realised that when you for example type the JQL in the search bar "reporter = xxx" it gives you suggestions for users. Some of the users that show up are external Customers in one certain jira project and some of the technicians say that this is "sensitive" information.
Is there any way to control this by project?
thank you for your question.
The possibility to find users is controlled by the global permission Browse users and groups
This can not be changed on a project base.
But I'm not quite sure if I fully understand the problem: Do you have customers using your JSM projects with agent view? If so, this might be the problem?
I can reply to this since I'm also involved with this issue. The problem is this:
"User A" (normal JSM Agent) does not have access to "Project A".
In Project A there exists a lot of External customers which User A should not be able to see.
But when User A does a JQL-search using "reporter = ..." Jira then shows a list of all Customers, even those that only exist in Project A, a project which User A hs no access to.
Why?
Can this be limited?
Is there any documentation regarding this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.