Branch: refs/heads/master Home: https://github.com/jenkinsci/role-strategy-plugin Commit: b60076577ec7fed7ff9286966e2b56dad7a65c90 https://github.com/jenkinsci/role-strategy-plugin/commit/b60076577ec7fed7ff9286966e2b56dad7a65c90 Author: Markus Winter <m.win...@sap.com> Date: 2022-07-28 (Thu, 28 Jul 2022)
Changed paths: M README.md M src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java M src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleMap.java A src/main/java/org/jenkinsci/plugins/rolestrategy/NamingStrategyAdministrativeMonitor.java M src/main/java/org/jenkinsci/plugins/rolestrategy/RoleBasedProjectNamingStrategy.java M src/main/resources/com/michelin/cio/hudson/plugins/rolestrategy/Messages.properties A src/main/resources/org/jenkinsci/plugins/rolestrategy/NamingStrategyAdministrativeMonitor/description.jelly A src/main/resources/org/jenkinsci/plugins/rolestrategy/NamingStrategyAdministrativeMonitor/description.properties A src/main/resources/org/jenkinsci/plugins/rolestrategy/NamingStrategyAdministrativeMonitor/message.jelly A src/main/resources/org/jenkinsci/plugins/rolestrategy/NamingStrategyAdministrativeMonitor/message.properties A src/test/java/org/jenkinsci/plugins/rolestrategy/RoleBasedProjectNamingStrategyTest.java A src/test/resources/org/jenkinsci/plugins/rolestrategy/Configuration-as-Code-Macro.yml A src/test/resources/org/jenkinsci/plugins/rolestrategy/Configuration-as-Code-Naming.yml Log Message: ----------- [JENKINS-19934] fix project naming strategy (#179) * [JENKINS-19934] WIP fix project naming strategy The project naming strategy is currently not considering if the user has the permission to create a job with a given name at all. I just checks if the passed name matches any of the patterns. Also it doesn't consider the full name, e.g. when a project is created inside a folder. This can lead to the situtation that a user creates a job but is then unable to configure the job. This change will do the following: Prerequisites: - Rolebased project naming strategy is enabled. - for each role when create is enabled also configure and read should be enabled If a user has either globally or in any item role the create permission then he will see the "New item" link in the side panel. A user that has global create permissions can create jobs with any name. For a user that has create permission on one or more item roles the entered name is matched against the role and the users permissions. Current limitation is that it only works reliably via the UI. When trying to create a job via the CLI, there is no staplerrequest that can be used to find the parent item. So job creation via cli will fall back to the old behaviour and just check the item name itself. In case JENKINS-68602 gets resolved requests coming in via the CLI would also be properly checked. This also adds an admin monitor that warns when the role based project naming strategy is not enabled. * fix javadoc ref * add more tests * fix group resolution can't use the code path from authorities as roles that is wrong. Add tests that verify group permissions work properly * fix javadoc * code cleanup * optimize checking create permission * update documentation * remove unused method * fix formatting * exclude macro roles from naming check * add tests * adjust readme -- You received this message because you are subscribed to the Google Groups "Jenkins Commits" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-commits+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/role-strategy-plugin/push/refs/heads/master/f21f4b-b60076%40github.com.