Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-3937

Reviews search - project select box exposes all projects instead of projects that user has rights to see

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2.1
    • Fix Version/s: 3.4
    • Component/s: Issues
    • Labels:
      None

      Description

      When performing search for a review with user that has only access to a subset of projects (through roles and groups settings), a project select box will display a list of all projects.

      This can lead to potentially unwanted information disclosure. It is also inconsistent with rest of the interface.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            mmrvelj Marko Mrvelj
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: