You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
Portfolio plug-in allows editing of read-only fields. A custom field that was made read only in Jira is editable in Advanced roadmaps and this is circumventing controls. how can we fix that?
I'm using this plugin and I have noticed this problem. I ask you to give more importance to this issue as this is also a major security issue. If you use a Security Level based on a user picker field, and this is editable by anyone with Advanced Roadmap it is possible to make visible issues that normally would not be visible on JIRA. Advanced Roadmap overrides any controls that are set in JIRA.
This is huge an issue. the workflow controls, custom fields controls validations do not apply in advanced roadmaps. The Plans simply allows users to circumvent all of the business rules and poses a gaping hole for data integrity issues. is there a way to make fields read-only or restrict certain operations based on roles in advanced roadmaps?
If it is read only unconditionally, we simply remove it from the create/edit screen. If there are only a few cases where it is read only then we use behaviors.
Tried disassociating all the edit screens to the custom field. It is still editable in Advanced Roadmaps(3.29).
Same issue was observed in other versions as well. Is there a way Advanced Roadmaps allows to set a field as read-only on the plan view?