Hi All,
are you awaking with this bug?
When you are not logged in, you can see the managed filters! Is it a bug???
However all the filters are empty.
Have a look:
BASEURL/secure/ManageFilters.jspa
I don't think it's even a real "bug", because if you share a filter with "all users", that should probably include the "anonymous" users. I'm not sure how you'd know how to block that.
2 cents: Shouldn't be "shared with anyone" instead of "shared with all users" ? I think this is a little confusing; that sharing should be really split in two, one to allow anonymous access and the other one to allow all logged in users (so: "Shared with all users" and "Shared with anyone").
There's a security problem here, some users may leak information to the outside world without knowing it. Just an opinion.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think the language could be improved - it feels like it was written by an experienced Jira admin, who is fully aware that enabling "anonymous" access implies that "anyone" is a "user".
But replacing "shared with all users" with "shared with anyone" is wrong. You don't *know* that anonymous can see stuff when you use that screen.
There is no security problem, as long as your admins are fully aware of how "anyone/anonymous" works and exposes lots of information (potentially)
But I do think all the wording is unhelpful.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I agree. Filter names can have sensitive data. If it is shared with all users, it should be visible only to logged in users. If shared with anyone, it should be visible to anonymous users.
But at the moment, JIRA has only one option to share with "Everyone". Fix should start there.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
IMHO it's a bug, and you should report it.
You can see the names of the "popular filters" which are shared, indeed, but since you cannot browse for other filters, it is a low severity bug.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think it only shows filters that are shared with all users. The content will be based on the permissions of the projects involved in the filter.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.