Status: Closed (View Workflow)
Resolution: Cannot Reproduce
We have a folder with projects inside which have `project-based security` enabled and the Inheritance Strategy is set to `Inherit from parent`. The folder's permissions are:
In the screenshot above I've added `myname-noaccess` just to illustrate the group permissions - in reality it is missing in the configuration.
The problem is that the users from the `myname-noaccess` group, although not configured anywhere, are able to see the all of projects within the folder. While trying to figure out the issue, I noticed that `myname-noaccess` users actually have the same permissions as the `myname` group and once I removed it the folder and projects inside stopped appearing for `myname-noaccess`.
I believe there might be an issue with how the permissions are being detected - most likely there is a wildcard somewhere.
The temporary fix is to rename `myname` group to something like `myname-core`.
Closing for now. stodorov Please reopen if this is still a problem, and provide the requested information above.
(Everyone else: Please file a new issue if you experience something similar.)
stodorov Is this still a problem?
My best guess is something is weird about the group memberships, and I would have affected users go to the /whoAmI URL to see what groups they're a member of.