Uploaded image for project: 'SR for Confluence - Development'
  1. SR for Confluence - Development
  2. SRCONF-776

Make sure all Confluence features with a code editor abide by script edit permissions

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Done
    • High
    • Resolution: Done
    • 5.5.9
    • 5.6.0, 5.6.4, 5.6.5
    • None
    • None
    • SR Squad 116, SR Squad 117, SR Squad 118, SR Squad 119, SR Squad 120, SR Squad 121
    • 2
    • 0

    Description

      Known missed spots at the moment:

      • Script Jobs (this is also cross product), code editor is available even when the user has no permissions. The REST resource also does not validate permissions when creating/updating a job, which allows an unauthorised user to create jobs with code via REST.

      Attachments

        Activity

          People

            rholban Roland Holban [X] (Inactive)
            rholban Roland Holban [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: