Actions
Feature #370
closedRestricted list of project names on account/show
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Description
A user may only read/edit the projects he/she is a member of.
Using the account/show page however, any unprivileged user can read a list of all project names. All project details
are kept confidential but project names may also be regarded as confidential data.
For better confidentiality, it would much better to display a restriced list of other users' projects or not to display
them at all.
see the following thread for details:
http://rubyforge.org/forum/forum.php?thread_id=15166&forum_id=7505
Actions