![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Affects Versions:
|
current |
|
Assignee:
|
Unassigned |
|
Attachments:
|
Jenkins System Properties.doc, jenkins_copy_job_screen1.png, jenkins_copy_job_screen2.png |
|
Components:
|
core, security |
|
Created:
|
25/Jun/13 4:40 PM
|
|
Description:
|
While using the Project-based Matrix Authorization Strategy users are unable to create a new job unless global read is enabled. The global read permission is too liberal, allowing any authenticated user to see any job. The Create Job Advanced Plugin (https://wiki.jenkins-ci.org/display/JENKINS/Create+Job+Advanced+Plugin) seems to fix this by granting users full permissions to jobs they create, however, it does not apply to duplicated jobs.
When an authenticated user attempts to copy an existing job without global read permissions the resulting job fails to copy the existing values from the copied job. The user is then forwarded to a page that requests the user log in to see the newly created job.
Expected behavior:
A user is only able to copy jobs they have the ability to read and the resultant job should have the same permissions as the copied job.
|
|
Environment:
|
CentOS release 6.4, OpenJDK 1.6.0_24, x86_64,
|
|
Project:
|
Jenkins
|
|
Labels:
|
permissions
job
authentication
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Timothy Forbes
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/groups/opt_out.
