Defect #16743: Project list lists all projects, even if user is not added to them - Redmine

Actions

Copy link

Defect #16743

closed

Project list lists all projects, even if user is not added to them

Added by Peter L. almost 12 years ago. Updated almost 12 years ago.

Status:

Closed

Priority:

High

Assignee:

Category:

Accounts / authentication

Target version:

Resolution:

Invalid

Affected version:

2.5.1

Description

I added a new user group called "external employees" and just created a user for it.

When I log in, i can already see all projects - even when I have not added the external user to any project.
This seems like a security problem to me?

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #16743

Project list lists all projects, even if user is not added to them

Updated by Peter L. almost 12 years ago

Updated by Rafał Lisowski almost 12 years ago

Updated by Peter L. almost 12 years ago

Updated by Rafał Lisowski almost 12 years ago

Updated by Peter L. almost 12 years ago

Updated by Jean-Philippe Lang almost 12 years ago