User is able to see all Groups existing in JIRA in the edit screen of Project Pivot Gadget whereas user should be able to see only those groups where he has access
Issue #591
resolved
Hi Andriy,
We are using JIRA 6.3.12 and "JIRA Timesheet Reports and Gadgets" plugin version jira-timesheet-plugin-2.8.2.6-JRA-32510.jar
We have restricted all groups in "Timesheet Configuration" except jira-system-administrators group. (Screenshot Restricted_Groups.png)
But we can see that all groups are appearing in Groups and "Exclude Groups" in the "Configure - Timesheet Report" page. Ideally, it should appear only one group jira-system-administrators at "Exclude Groups" field.
Is there any other way to restrict visibility of groups in "Configure - Timesheet Report" page and "Report: Project Pivot Report" pages? A non-admin user is also able to see all groups while he is not a member of those groups.
Please suggest.
Thanks, Reetesh
Comments (12)
-
-
reporter
Hi Andriy,
Can you please let us know that by when can we expect this change?
Thanks, Reetesh
-
Hi Reetesh,
I will try to make it this or next week.
Thank you.
-
reporter
Thanks for the support Andriy.
-
- changed status to resolved
fix issue
#591: filter available groups depending on auditors and restricted groups settings→ <<cset ca90d1dd2b97>>
-
Fix is available in 2.8.2.7.
Reetesh, you may need to use patched jar instead instead.
-
reporter
Thanks Andriy for the quick fix. We are now going to install this plugin and will let you know if we face any issue.
-
Account Deleted
Hi Andriy
I am handling the timesheet plugin now on behalf of Reetesh.
I was testing this issue after installing the patched jar . I have restricted all groups except CD-INT and system-jira-administrators(screenshot: restricted.png). Then i checked the configured page of Project Pivot Report . Groups and Exclude groups is showing None(screenshot: Pivot_report.png). This is not the expected behaviour . These groups fields should show the CD-INT and system-jira-administrators groups. I have tested for many such cases . But every time Groups and Exclude groups is showing None.
Thanks Mohit
-
Account Deleted
- attached restricted.png
- attached Pivot_report.png
-
Hi Mohit,
Looks like there is some misunderstanding. If you expect CD-INT and system-jira-administrators groups be shown report configuration, you need be a member of these groups and have them selected im Timesheet Restricted Groups in Timehseet Configuration.
Please let me know if it helps.
Thank you.
-
Account Deleted
I am the member of these two groups . I think we should not select them in timesheet Restricted groups on timesheet configuration page . But i tried both ways i.e selecting and deselecting them. In both case no group is coming .
-
Hi Mohit,
Sorry, I can't reproduce it. Beeing a member of group selected in restricted groups, it appears in report configuration, excluding myself from the group, it disappears. Once again, restricted group need to be selected, if you want member of it see each others timesheet. But also, they need to be member of Auditors Groups, if any is selected in admin configuration.
Thank you.
- Log in to comment
Hi Reetesh,
The 'Timesheet Restricted Groups' option influences report itself, not configuration options. But I think it's good idea for improvement: Filter available groups for selection in Groups, depending on Timesheet Configuration options: Timesheet Auditors and Timesheet Restricted Groups.
Thank you for suggesting.