Put an experiment:
Create role GA (group access) - group access to task
Create role PA (personal access) - personal access to task
Create group GA / role GA
Create group PA / role PA
Create user Magic with assigned groups GA, PA
Create task with assigned group PA (no GA) and assigned user NoName
The user Magic has access to the created task, although it seems to me that he should not.
Task in group with personal access and user Magic not assigned to this task.
Create role GA (group access) - group access to task
Create role PA (personal access) - personal access to task
Create group GA / role GA
Create group PA / role PA
Create user Magic with assigned groups GA, PA
Create task with assigned group PA (no GA) and assigned user NoName
The user Magic has access to the created task, although it seems to me that he should not.
Task in group with personal access and user Magic not assigned to this task.
Comment