Mike: that's not the expected behavior at all: private groups and everything that they contain should remain private until a user joins the group. One caveat might be that you might be seeing this as the admin user (who has the ability to see everything), are other users seeing this behavior in addition to you?
We are having the same issue. I logged in with normal user permissions and I was able to see private projects. I tested this out with others as well, same result. I should add that we are currently on 4.0.2.
Things are not quite as I represented but still not consistent with a private group.
First, I created a test user with no permissions and then I searched for the private group name.
Among other things returned from a full search are: the name of the private group in the Places widget.
If I click on that private group's name, up comes the overview page and a message telling me that the group is private.
However, the tags that the so-called private group has also are shown in the group overview (not a good idea).
When I click on the tag that happens to be the name of the private group (I tagged it that way because the private group is about a company and the name of the company is also the name of the tag and the name of the private group). Anyway the tag search results come up with tags associated with my first tag (however, they are tags that are only used within the private group). I don't want the tags associated with stuff inside the private group to be searchable. What's ironic is that if I click on any of the "related tags", I get a message indicating there is no item in the system associated with that tag. Except that there are five tags listed as associated with my private group.
It kind of looks like this: secret-tag1 secret-tag2 secret-tag3
I don't think showing related tags for things that are only tags of documents within a private group is correct search behavior.
Currently we have 4 types of groups
- You can see everything and reply to anything
- You can see everything, you must join to reply
- You can see the group, you must request to join to be able to see content
- You can not see the group. Someone who is part of the group must invite you.
In your case it sounds like you should be using a Secret group instead of a Private group in order to hide the name of the group from the public.
Thanks, but I want the name of the company public. I just don't want the rest of the details to be revealed. That is the implication of the private group.
I think that if you do a search on tags, the ones that only exist inside a private group shouldn't appear if you don't have permission to be in that private group. Using secret groups solves one problem - nobody will know about the existence of the group. However, if no one knows about it then they won't know to ask about it either. I am just trying to have two levels of privacy. Public and Private (where the name is ok to know, but not the rest of the data inside).
Our company has experienced this same issue--that people who are not members of a private group can see and access content within a Project related to the private group. We're using Jive SBS 4.0.2. Is this a bug and something being looked at? Or is there a way to ensure that Projects within private groups are restricted to the members of that group?
Is this something that may be addressed in a future release?
I'd appreciate any advice as to how to work through this.
I'm pretty sure this is fixed in a later release. We are still on 4.0.2 right now but we discovered a bigger bug. Anyone can move a document out of a space into a group (unless each individual document is changed in the collaboration options) that they created or into their personal profile documents. This is a permissions bug. Not good. We are waiting launch our intranet to all team members until we can upgrade to 4.0.11.