[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Title: Message Title dogfood commented on JENKINS-22769 Re: ListView's ItemListener runs with user privileges, might miss affected views Integrated in jenkins_main_trunk #4292 [FIXED JENKINS-22769] ItemListener callbacks should run as SYSTEM since they sometimes do ACL-checked calls. (Revision 0efd811adb89769c8a6180e33e3d06d755bca4b5) [FIXED JENKINS-25400] Rework fix of JENKINS-22769 (c04cdcd) to put the burden on each listener to impersonate ACL.SYSTEM if it needs to. (Revision 8478e24609d407268bd579609bf0ce3ad395a046) Result = UNSTABLE ogondza : 0efd811adb89769c8a6180e33e3d06d755bca4b5 Files : core/src/main/java/hudson/model/listeners/ItemListener.java test/src/test/java/hudson/model/ListViewTest.java ogondza : 8478e24609d407268bd579609bf0ce3ad395a046 Files : core/src/main/java/hudson/tasks/BuildTrigger.java core/src/main/java/hudson/model/ListView.java core/src/main/java/hudson/model/Fingerprint.java core/src/main/java/hudson/model/listeners/ItemListener.java Add Comment This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
SCM/JIRA link daemon commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Code changed in jenkins User: Jesse Glick Path: core/src/main/java/hudson/model/Fingerprint.java core/src/main/java/hudson/model/ListView.java core/src/main/java/hudson/model/listeners/ItemListener.java core/src/main/java/hudson/tasks/BuildTrigger.java http://jenkins-ci.org/commit/jenkins/8478e24609d407268bd579609bf0ce3ad395a046 Log: FIXED JENKINS-25400 Rework fix of JENKINS-22769 (c04cdcd) to put the burden on each listener to impersonate ACL.SYSTEM if it needs to. (cherry picked from commit a6a3d5e1660735edc18d331500f7ce9850fbc724) Conflicts: changelog.html Compare: https://github.com/jenkinsci/jenkins/compare/be835bfcfb17...8478e24609d4 This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
SCM/JIRA link daemon commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Code changed in jenkins User: Jesse Glick Path: core/src/main/java/hudson/model/listeners/ItemListener.java test/src/test/java/hudson/model/ListViewTest.java http://jenkins-ci.org/commit/jenkins/0efd811adb89769c8a6180e33e3d06d755bca4b5 Log: FIXED JENKINS-22769 ItemListener callbacks should run as SYSTEM since they sometimes do ACL-checked calls. (cherry picked from commit c04cdcd9f717ddcd3e8c9dbe86cb353c14ae511e) Conflicts: changelog.html This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views If backporting you would need to include the fix of JENKINS-25400 as well, which is not “soaked” yet. This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Oleg Nenashev commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Backporting w/o a fix for JENKINS-25400 would be a really bad idea. We don't know the real impact of the issue. This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
SCM/JIRA link daemon commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Code changed in jenkins User: Jesse Glick Path: changelog.html core/src/main/java/hudson/model/Fingerprint.java core/src/main/java/hudson/model/ListView.java core/src/main/java/hudson/model/listeners/ItemListener.java core/src/main/java/hudson/tasks/BuildTrigger.java http://jenkins-ci.org/commit/jenkins/a6a3d5e1660735edc18d331500f7ce9850fbc724 Log: FIXED JENKINS-25400 Rework fix of JENKINS-22769 (c04cdcd) to put the burden on each listener to impersonate ACL.SYSTEM if it needs to. Compare: https://github.com/jenkinsci/jenkins/compare/ee13a9a930ba...a6a3d5e16607 This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Daniel Beck commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Undecided. How difficult is it to get the real user while impersonating? (FWIW this may also break some aspects of Job Config History, haven't try it though.) This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Oleg Nenashev commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Caused JENKINS-25400 . Daniel, do you vote for reverting the fix? This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick assigned JENKINS-22769 to Jesse Glick ListViews ItemListener runs with user privileges, might miss affected views Change By: Jesse Glick (24/Sep/14 1:11 PM) Assignee: JesseGlick This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick started work on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Change By: Jesse Glick (24/Sep/14 1:11 PM) Status: Open InProgress This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Can also be a performance issue (even when all the ACL checks pass) in case the authorization strategy takes much longer to check an ACL for a real user than for SYSTEM. This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick updated JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Change By: Jesse Glick (24/Sep/14 1:22 PM) Labels: performance permissions This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
Jesse Glick updated JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Change By: Jesse Glick (24/Sep/14 2:56 PM) Labels: lts-candidate performancepermissions This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
SCM/JIRA link daemon resolved JENKINS-22769 as Fixed ListViews ItemListener runs with user privileges, might miss affected views Change By: SCM/JIRA link daemon (24/Sep/14 3:52 PM) Status: InProgress Resolved Resolution: Fixed This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
SCM/JIRA link daemon commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Code changed in jenkins User: Jesse Glick Path: changelog.html core/src/main/java/hudson/model/listeners/ItemListener.java test/src/test/java/hudson/model/ListViewTest.java http://jenkins-ci.org/commit/jenkins/c04cdcd9f717ddcd3e8c9dbe86cb353c14ae511e Log: FIXED JENKINS-22769 ItemListener callbacks should run as SYSTEM since they sometimes do ACL-checked calls. Compare: https://github.com/jenkinsci/jenkins/compare/28dfd90d2d6a...c04cdcd9f717 This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [core] (JENKINS-22769) ListView's ItemListener runs with user privileges, might miss affected views
dogfood commented on JENKINS-22769 ListViews ItemListener runs with user privileges, might miss affected views Integrated in jenkins_main_trunk #3703 FIXED JENKINS-22769 ItemListener callbacks should run as SYSTEM since they sometimes do ACL-checked calls. (Revision c04cdcd9f717ddcd3e8c9dbe86cb353c14ae511e) Result = SUCCESS Jesse Glick : c04cdcd9f717ddcd3e8c9dbe86cb353c14ae511e Files : test/src/test/java/hudson/model/ListViewTest.java changelog.html core/src/main/java/hudson/model/listeners/ItemListener.java This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.