COYO: Ideas & Roadmap

Security trim search results

At the moment, when a user carries out a search in Coyo, all results are returned, irrespective of whether the user can access any of the documents, communities etc. The user receives an error if they try to access a document etc in the search results, if they do not have access.

The results should be security trimmed. That means that user should only be presented with results that they can access.

9 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Aftab Khan shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    Declined  ·  AdminSven Hoffmann (Product Owner, COYO) responded  · 

    Permissions, visibility and other security limitation are applied to all content in the search. If users can find results that they are not supposed to find then this is a serious security issue and a bug. I am currently not aware of an open issue which would cause this to happen, though.

    Please contact our service and open a bug ticket with some examples: https://www.service.coyoapp.com

    4 comments

    Comments are closed

    Feedback and Knowledge Base