Versions Compared

Old Version 13

changes.mady.by.user Old Street Apps

Saved on

compared with

New Version Current

changes.mady.by.user Morgan Folsom (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Expand
titleIs User Impersonation enabled by default?

No. By default, User Impersonation is disabled and no users have access to Impersonate themselves, or any other users.

To give users access to this feature individual users and/or groups must be added to the User Impersonation Permissions in the Custom Jira Charts administration settings.

Expand
titleHow is User Impersonation secured? What is a "Unique Hash" for User Impersonation?

When a user builds a Custom Jira Chart in the Confluence editor and clicks Insert or Save a number of very important steps happen:

  1. The User Impersonation permissions of the user are checked again to ensure that they still have the correct permissions to create a chart impersonating the selected user

  2. Every parameter from the chart is used to generate a unique hash. This includes:

    1. The source JQL or Saved Filter for finding issues

    2. The Chart By and Group By field selections

    3. All segment configuration (color, names, order, etc.)

    4. The page ID of the page the chart is being created on

  3. This hash is sent to the database

    1. On Confluence Server and Data Center this is the same database as your Confluence instance

    2. On Confluence Cloud, this hash is stored on the Custom Jira Charts database

This means that, if anyone attempts to change anything about the chart, even the color of a segment, the hash that is created won’t match the has stored in the database and there will be an error.

Info

User Impersonation is secure by design so that only the Jira data specified by the creator of the chart is displayed.

...