- Currently: all users can see all other users, including their e-mail. This is a privacy issue.
- Idea: allow only admins to see all users.
- Use-Case: We work with external clients from different companies and they are not supposed to see each other’s e-mails
The issue is mainly about:
- “People” menu item in the left menu - if that would be not visible to all users, that would be already a huge win (why do members even need that?)
- User entities that can be found through search and other means - should not be accessible to non-admins
P.S. In the latest Sharing & Permission guide fibery asked to share pain points via intercom, hope I’m correct here