Customers can see links to issues he cannot access

Description

On the customer portal the similiar issues addon shows issues that the customer does not have access to.

The use case:
User is part of an JSD organisation and starts writing in the summary field.
He then gets a list of both issues that he can see as well as issues that are not visible to his organisation.
Clicking on an issue he does not have access to redirects him to the portal page.

Desired behaviour:
Only show issues that is accessible for the customer.

SIF-73 does not resolve this problem.

Environment

None

Activity

Show:
Deniz Oğuz
April 18, 2019, 9:04 AM

This behavior is caused by "Issue Types" settings of project specific "Similar Issues Finder" configuration. If you set "Issue Types" to empty this will not occur. But this field is causing confusion and we have decided to revert back to normal visibility rules of Jira instead of overriding it for issue types selected here. In 1.20.0 version this field will be removed and users will only able to access issues they have access to. Sorry for the confusion.
"Filter by Fields" setting only works for issues displayed on "Similar Issues Tab Panel" it is not used on create issue screen because we don't know most field values on issue create screen because issue is not created yet.

Torbjörn Richter
March 8, 2019, 2:10 PM

I also have the same problem.
The 'filter by fields' setting doesnt work.
In our case we would like to have 'Project', 'Issue Type' and 'Organizations' as filters but only Project seems to work.

Fixed
Your pinned fields
Click on the next to a field label to start pinning.

Assignee

Deniz Oğuz

Reporter

Björn Gullander