Project

General

Profile

Actions

Feature #370

closed

Restricted list of project names on account/show

Added by Philippe Liège almost 17 years ago. Updated almost 17 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

A user may only read/edit the projects he/she is a member of.

Using the account/show page however, any unprivileged user can read a list of all project names. All project details
are kept confidential but project names may also be regarded as confidential data.

For better confidentiality, it would much better to display a restriced list of other users' projects or not to display
them at all.

see the following thread for details:

http://rubyforge.org/forum/forum.php?thread_id=15166&forum_id=7505

Actions #1

Updated by Philippe Liège almost 17 years ago

Or you could add under Role/permissions/members one or two
checkboxes
- view project membership (all projects)
- view shared projects only

Actions #2

Updated by Jean-Philippe Lang almost 17 years ago

Fixed in rev 567.

Only public projects or private projects that the logged in user
belongs to are now displayed.

Regards

Actions

Also available in: Atom PDF