Members on a Specific Project can view other project dashboards | Voters | Qase

Members on a Specific Project can view other project dashboards

under review

Rajveer Singh

We have added new members to QASE on a specific project, however they are still able to view and access dashboards for other projects.

September 18, 2025

Manjunatha Reddy

marked this post as

under review

Manjunatha Reddy

Team, as discussed, we're moving this to Feature requests board. This request is also captured internally with ticket ref: 1424.

Imad Majid

Steps to Reproduce:
1.	Create a dashboard that uses data exclusively from Project A.
2.	Ensure User X does not have access to Project A.
3.	Log in as User X and navigate to the dashboard list.
4.	Observe that:
•	User X can see the dashboard title (which may include the project name).
•	The project logo is displayed in the project column.
Expected Behavior
•	Users without access to Project A should not see dashboards tied exclusively to Project A.
•	The project logo should not be displayed for dashboards associated with projects they cannot access.
⸻
Actual Behavior:
•	Users without access to Project A can see the dashboard title and project logo in the dashboard list.
•	Widgets correctly show no data (or only data for accessible projects), but the dashboard visibility itself is not restricted.
⸻
Impact / Severity:
•	Privacy risk: Clients are exposed to project names/logos they should not be aware of.
•	Potential GDPR compliance issue, as the presence of project information could be considered sensitive.

Imad Majid

Possible Solution:

Leave the Dashboard section for only Regular users of a workspace (Unless sharing a public link like a public test run)
Implement Dashboard space inside a project. Previous feature request: https://roadmap.qase.io/feature-requests/p/feature-request-redirect-to-the-project-dashboard-or-a-new-section-from-the-proj