When archiving from a dynamic project name it currently requires read permission on that project for all authenticated. In a corporate environments it means anyone in the corporation should be able to see that project.

The goal would be to check that the current user has read access on the dynamically generated project.

Currently without that security, we could use this plugin and make it safe in our configuration (we don't have per-project access rights).