Re: Role Strategy Plugin - how to apply multiple patterns in project roles

[Rob C]

I'm replying because this thread is a very high result on google searches.
You can enter a string such as this into the "Pattern" field to allow a 
single role to apply multiple prefix patterns

((prefix1|prefix2|prefix3).*)

Or if you want to match on the middle of a job name you can do something 
like this 

(.*(middle1|middle2|middle3).*) 


-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/1ec31cd1-22cc-4b0e-b665-7bb9aee117d7n%40googlegroups.com.

Performance Improvements to Role Strategy Plugin - Google Summer of Code 2019f

[Abhyudaya Sharma]

Hi everyone!

I'm Abhyudaya from New Delhi, India and I'm participating in this year's
Google Summer of Code. I'm working on improving the performance of the Role
Strategy Plugin. I'm really excited to contribute to Jenkins throughout
this summer with support from my mentors Oleg Nenashev, Runze Xia and Supun
Wanniarachchi. You can find more details about my project here
<https://summerofcode.withgoogle.com/projects/#6612887823450112>.

As there are a lot of ways to use the Role Strategy Plugin, could you
please let me know how you use it to manage your Jenkins instances? It
would be great if you could share some ideas with me that you may have to
help improve this plugin and its performance affecting your use cases. It
will also be really useful to know how your projects built by Jenkins are
organized and the general pattern (if any) of the regular expressions that
you may use for the Role Strategy Plugin.

To discuss and sync-up on the project, we have a couple of meetings every
week, at 7:00 AM UTC on Tuesdays and Fridays. We also discuss our project
on the Role Strategy Plugin Gitter
<https://gitter.im/jenkinsci/role-strategy-plugin> chatroom. The project
page <https://jenkins.io/projects/gsoc/2019/role-strategy-performance/> on
Jenkins Website also contains details about this project. It will be really
great if you could join us and help improve this plugin. I’m really looking
forward to working with this amazing community!
Thanks
Abhyudaya Sharma
GitHub: AbhyudayaSharma

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAPBRr8eg3-xGAwx77gUH%3DHAWs%2Bur%3D0rogV6Yf2XDg64HzVMyEA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Role Strategy Plugin - how to apply multiple patterns in project roles

[Kaushal]

Maneesh thanks for the reference.

@daniel 

the following worked for me

*"(?)joba||(?)jobb||(?)jobc||(?)jobn"*

where job{a..n} are the job names.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/36290579-3d9c-4f61-adc0-ff35d467918d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

RE: Users unable to build projects they're authorized for via role-strategy-plugin

[Benjamin Primrose]

Yeah, I had nothing too.  I’m not a good enough coder to provide a patch & 
merge request, and the role-base security plugin doesn’t have a bug submission 
link that I can find.

From: jenkinsci-users@googlegroups.com  On 
Behalf Of Richard Bywater
Sent: Friday, January 18, 2019 4:19 PM
To: jenkinsci-users@googlegroups.com
Subject: Re: Users unable to build projects they're authorized for via 
role-strategy-plugin

I've had this issue in the part. In my experience there isn't really much that 
you can do about it except to try and get people to use a particular case when 
logging in (e.g. all lower case).

If there's an alternative option that can be chosen would love to hear about it 
though.

Richard.

On Sat, 19 Jan 2019, 5:38 AM Benjamin Primrose, 
mailto:bprimr...@wcu.com>> wrote:
I’m not sure if this is FYI or a plea for help☺  TL:DR, role-strategy-plugin 
evaluates user permissions by case-sensitively comparing the username as 
entered in Assign Roles with the way they typed their name when *logging in*.


Running:

   Jenkins 2.150.2 on windows server 2016
Active Directory plugin 2.10 (this may be incidental info)
Role-based Authorization Strategy 2.9.0


What’s happening:

I’m configuring a set of users with access.  Adding the users to project 
roles in “Manage Jenkins”->”Manage and Assign Roles”->”Assign Roles” works 
wonderfully.  More importantly, it is *case insensitive*.  User’s logons at 
this org have the initial letter of first and last name capitalized in active 
directory, but no matter what case they’re entered in here the lookup in AD 
succeeds.

The issue occurred when those users attempt to build the projects they’re 
authorized for—they can’t.  I have a secondary account of my own, which I added 
in the same way as the other users.  It could build projects, so I know my 
project role regex is OK.  The one other user who did work I’d lazily entered 
in all lower case instead of in the local “official” mixed-case format.  We 
went through the AD config for that user to figure out which field had their 
username in all lower case, but none did.  After some talking in circles, most 
users are entering their username in all lower case when logging in.  It 
appears the role-strategy-plugin compares the username logged in with *as 
typed* against the username entered in the Assign Roles config screen *as 
typed*.


I had expected either the Assign Roles screen and logging in to do a lookup 
against AD, and store the actual username.  The actual behavior is very 
finicky, and some users do enter their username in mixed case.  Does anyone 
have a fix or workaround for this?




Benjamin Primrose
Principal Developer
• Fitchburg, MA 01420

Ph:978-353-8054 • bprimr...@wcu.com<mailto:bprimr...@wcu.com>



[https://www.wcu.com/wp-content/uploads/2018/10/WorkersLogo_4cp.png]



Confidentiality Notice:  The materials in this electronic mail transmission 
(including attachments) are private and confidential and are the property of 
the sender and Workers Credit Union.  Unless stated to the contrary, any 
opinions or comments are personal to the writer and do not represent the 
official view of Workers Credit Union.  If you are not the intended recipient, 
you are hereby notified that any use, dissemination, disclosure or copying of 
this communication is strictly prohibited.  If you have received this 
communication in error, please destroy all copies of this message and its 
attachments and notify us immediately.  Thank you.


--
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/5c4200fc.1c69fb81.a63cb.3fdaSMTPIN_ADDED_MISSING%40gmr-mx.google.com<https://groups.google.com/d/msgid/jenkinsci-users/5c4200fc.1c69fb81.a63cb.3fdaSMTPIN_ADDED_MISSING%40gmr-mx.google.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAAy0hwei9hQB1NqPuBg8XtJo%2BA_vbgsNxHeoYsOPvfHkk0mQng%40mail.gmail.com<https://groups.google.com/d/msgid/jenkinsci-users/CAAy0hwei9hQB1NqPuBg8XtJo%2BA_vbgsNxHeoYsOPvfHkk0mQng%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are s

Re: Users unable to build projects they're authorized for via role-strategy-plugin

[Richard Bywater]

I've had this issue in the part. In my experience there isn't really much
that you can do about it except to try and get people to use a particular
case when logging in (e.g. all lower case).

If there's an alternative option that can be chosen would love to hear
about it though.

Richard.

On Sat, 19 Jan 2019, 5:38 AM Benjamin Primrose,  wrote:

> I’m not sure if this is FYI or a plea for helpJ  TL:DR,
> role-strategy-plugin evaluates user permissions by case-sensitively
> comparing the username as entered in Assign Roles with the way they typed
> their name when *logging in*.
>
>
>
>
>
> Running:
>
>
>
>Jenkins 2.150.2 on windows server 2016
>
> Active Directory plugin 2.10 (this may be incidental info)
>
> Role-based Authorization Strategy 2.9.0
>
>
>
>
>
> What’s happening:
>
>
>
> I’m configuring a set of users with access.  Adding the users to
> project roles in “Manage Jenkins”->”Manage and Assign Roles”->”Assign
> Roles” works wonderfully.  More importantly, it is **case insensitive**.
> User’s logons at this org have the initial letter of first and last name
> capitalized in active directory, but no matter what case they’re entered in
> here the lookup in AD succeeds.
>
>
>
> The issue occurred when those users attempt to build the projects
> they’re authorized for—they can’t.  I have a secondary account of my own,
> which I added in the same way as the other users.  It could build projects,
> so I know my project role regex is OK.  The one other user who did work I’d
> lazily entered in all lower case instead of in the local “official”
> mixed-case format.  We went through the AD config for that user to figure
> out which field had their username in all lower case, but none did.  After
> some talking in circles, most users are entering their username in all
> lower case when logging in.  It appears the role-strategy-plugin compares
> the username logged in with **as typed** against the username entered in
> the Assign Roles config screen **as typed**.
>
>
>
>
>
> I had expected either the Assign Roles screen and logging in to do a
> lookup against AD, and store the actual username.  The actual behavior is
> very finicky, and some users do enter their username in mixed case.  Does
> anyone have a fix or workaround for this?
>
>
>
>
>
> Benjamin Primrose
> Principal Developer
> • Fitchburg, MA 01420
>
> Ph:978-353-8054 • bprimr...@wcu.com
>
>
>
>
>
> *Confidentiality Notice:  The materials in this electronic mail
> transmission (including attachments) are private and confidential and are
> the property of the sender and Workers Credit Union.  Unless stated to the
> contrary, any opinions or comments are personal to the writer and do not
> represent the official view of Workers Credit Union.  If you are not the
> intended recipient, you are hereby notified that any use, dissemination,
> disclosure or copying of this communication is strictly prohibited.  If you
> have received this communication in error, please destroy all copies of
> this message and its attachments and notify us immediately.  Thank you.*
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-users/5c4200fc.1c69fb81.a63cb.3fdaSMTPIN_ADDED_MISSING%40gmr-mx.google.com
> <https://groups.google.com/d/msgid/jenkinsci-users/5c4200fc.1c69fb81.a63cb.3fdaSMTPIN_ADDED_MISSING%40gmr-mx.google.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/CAAy0hwei9hQB1NqPuBg8XtJo%2BA_vbgsNxHeoYsOPvfHkk0mQng%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Users unable to build projects they're authorized for via role-strategy-plugin

[Benjamin Primrose]

I’m not sure if this is FYI or a plea for help☺  TL:DR, role-strategy-plugin 
evaluates user permissions by case-sensitively comparing the username as 
entered in Assign Roles with the way they typed their name when *logging in*.


Running:

   Jenkins 2.150.2 on windows server 2016
Active Directory plugin 2.10 (this may be incidental info)
Role-based Authorization Strategy 2.9.0


What’s happening:

I’m configuring a set of users with access.  Adding the users to project 
roles in “Manage Jenkins”->”Manage and Assign Roles”->”Assign Roles” works 
wonderfully.  More importantly, it is *case insensitive*.  User’s logons at 
this org have the initial letter of first and last name capitalized in active 
directory, but no matter what case they’re entered in here the lookup in AD 
succeeds.

The issue occurred when those users attempt to build the projects they’re 
authorized for—they can’t.  I have a secondary account of my own, which I added 
in the same way as the other users.  It could build projects, so I know my 
project role regex is OK.  The one other user who did work I’d lazily entered 
in all lower case instead of in the local “official” mixed-case format.  We 
went through the AD config for that user to figure out which field had their 
username in all lower case, but none did.  After some talking in circles, most 
users are entering their username in all lower case when logging in.  It 
appears the role-strategy-plugin compares the username logged in with *as 
typed* against the username entered in the Assign Roles config screen *as 
typed*.


I had expected either the Assign Roles screen and logging in to do a lookup 
against AD, and store the actual username.  The actual behavior is very 
finicky, and some users do enter their username in mixed case.  Does anyone 
have a fix or workaround for this?




Benjamin Primrose
Principal Developer
• Fitchburg, MA 01420

Ph:978-353-8054 • bprimr...@wcu.com<mailto:bprimr...@wcu.com>



[https://www.wcu.com/wp-content/uploads/2018/10/WorkersLogo_4cp.png]



Confidentiality Notice:  The materials in this electronic mail transmission 
(including attachments) are private and confidential and are the property of 
the sender and Workers Credit Union.  Unless stated to the contrary, any 
opinions or comments are personal to the writer and do not represent the 
official view of Workers Credit Union.  If you are not the intended recipient, 
you are hereby notified that any use, dissemination, disclosure or copying of 
this communication is strictly prohibited.  If you have received this 
communication in error, please destroy all copies of this message and its 
attachments and notify us immediately.  Thank you.


-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/5c4200fc.1c69fb81.a63cb.3fdaSMTPIN_ADDED_MISSING%40gmr-mx.google.com.
For more options, visit https://groups.google.com/d/optout.

Role Strategy Plugin

['Uygar Bayar' via Jenkins Users]

Hi all, 
I have a question about Role Strategy  Plugin. We use version 2.6.1. 
I get answer from this query : 

curl -X GET -uX: 
'http://localhost:8081/role-strategy/strategy/getAllRoles'

But when i try to add a new role I get this :
curl -X POST -uX: 
'http://localhost:8081/role-strategy/strategy/unassignRole --data 
"type=globalRoles&roleName=developers&sid=test"'

Bad Message 400reason: Unknown Version

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/1526d57d-fcbe-4caa-826e-7c20bdfe5008%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Role strategy plugin: how to give specific access

[Alex Domoradov]

Thanks a lot. It is exactly what I was looking for. It works like a charm

On Thursday, May 18, 2017 at 6:42:36 PM UTC+3, Artur Szostak wrote:
>
> I believe you need to install "Extended Read Permission Plugin" to add an 
> additional cell to the permission table. Then you can select/check the 
> "ExtendedRead" option rather than the "Configure" option to give read only 
> access to the job's configuration. 
>
>  
> From: jenkins...@googlegroups.com  <
> jenkins...@googlegroups.com > on behalf of Alex Domoradov <
> alex...@gmail.com > 
> Sent: 18 May 2017 17:32:08 
> To: Jenkins Users 
> Subject: Role strategy plugin: how to give specific access 
>
> Hello, 
>
> we have been using role strategy plugin for a few years. And it works 
> fine. But now we need to give specific access to specific users. We need 
> that people will be able to view configuration of a job but at the same 
> time they won't be able to change the configuration itself. Is it possible 
> to configure the plugin in such way? 
>
> Thanks in advance 
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group. 
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-use...@googlegroups.com  jenkinsci-users+unsubscr...@googlegroups.com >. 
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-users/bf2694a2-6686-4439-9cd8-6a77a6ee0aec%40googlegroups.com
> <
> https://groups.google.com/d/msgid/jenkinsci-users/bf2694a2-6686-4439-9cd8-6a77a6ee0aec%40googlegroups.com?utm_medium=email&utm_source=footer>.
>  
>
> For more options, visit https://groups.google.com/d/optout. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/b26e23c6-8cef-4518-ab01-e9a164c504d7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Role strategy plugin: how to give specific access

[Artur Szostak]

I believe you need to install "Extended Read Permission Plugin" to add an 
additional cell to the permission table. Then you can select/check the 
"ExtendedRead" option rather than the "Configure" option to give read only 
access to the job's configuration.


From: jenkinsci-users@googlegroups.com  on 
behalf of Alex Domoradov 
Sent: 18 May 2017 17:32:08
To: Jenkins Users
Subject: Role strategy plugin: how to give specific access

Hello,

we have been using role strategy plugin for a few years. And it works fine. But 
now we need to give specific access to specific users. We need that people will 
be able to view configuration of a job but at the same time they won't be able 
to change the configuration itself. Is it possible to configure the plugin in 
such way?

Thanks in advance

--
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
jenkinsci-users+unsubscr...@googlegroups.com<mailto:jenkinsci-users+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/bf2694a2-6686-4439-9cd8-6a77a6ee0aec%40googlegroups.com<https://groups.google.com/d/msgid/jenkinsci-users/bf2694a2-6686-4439-9cd8-6a77a6ee0aec%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/b4a7de7518d04b1e97a4074292848d79%40partner.eso.org.
For more options, visit https://groups.google.com/d/optout.

Role strategy plugin: how to give specific access

[Alex Domoradov]

Hello,

we have been using role strategy plugin for a few years. And it works fine. 
But now we need to give specific access to specific users. We need that 
people will be able to view configuration of a job but at the same time 
they won't be able to change the configuration itself. Is it possible to 
configure the plugin in such way?

Thanks in advance

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/bf2694a2-6686-4439-9cd8-6a77a6ee0aec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Issues with role-strategy plugin on 2.32.1

[Francisca Munhoz]

Thanks for your help! The issue was fixed!

On Friday, January 13, 2017 at 12:52:58 AM UTC+11, Daniel Beck wrote:
>
>
> > On 11.01.2017, at 23:10, Francisca Munhoz  > wrote: 
> > 
> > Caused by: com.thoughtworks.xstream.mapper.CannotResolveClassException: 
> com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy 
> > 
> > 
>
> You're using the role strategy plugin and it isn't installed, disabled, or 
> failed to load. The Jenkins log will tell you which. 
>
> That last one could be caused by 
> https://jenkins.io/doc/upgrade-guide/2.19/#plugin-dependency-resolution-fix 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/038e26d0-db6a-4272-a13b-0380a9319bd5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Issues with role-strategy plugin on 2.32.1

[Daniel Beck]

> On 11.01.2017, at 23:10, Francisca Munhoz  wrote:
> 
> Caused by: com.thoughtworks.xstream.mapper.CannotResolveClassException: 
> com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
> 
> 

You're using the role strategy plugin and it isn't installed, disabled, or 
failed to load. The Jenkins log will tell you which.

That last one could be caused by 
https://jenkins.io/doc/upgrade-guide/2.19/#plugin-dependency-resolution-fix

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/B229AC98-1710-40C2-A539-E330660C1076%40beckweb.net.
For more options, visit https://groups.google.com/d/optout.

Issues with role-strategy plugin on 2.32.1

[Francisca Munhoz]

I have upgraded from 2.7.1 to 2.32.1 yesterday, and I got this message 
about RoleBasedAuthorizationStrategy:

Does anyone had this issue before? 

I was using role-strategy:2.3.2 on 2.7.1 and it did not changed for 2.32.1


hudson.util.HudsonFailedToLoad: org.jvnet.hudson.reactor.ReactorException: 
java.io.IOException: Unable to read /home/jenkins/config.xml
at hudson.WebAppMain$3.run(WebAppMain.java:248)
Caused by: org.jvnet.hudson.reactor.ReactorException: java.io.IOException: 
Unable to read /home/jenkins/config.xml
at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:269)
at jenkins.InitReactorRunner.run(InitReactorRunner.java:47)
at jenkins.model.Jenkins.executeReactor(Jenkins.java:1110)
at jenkins.model.Jenkins.(Jenkins.java:926)
at hudson.model.Hudson.(Hudson.java:85)
at hudson.model.Hudson.(Hudson.java:81)
at hudson.WebAppMain$3.run(WebAppMain.java:231)
Caused by: java.io.IOException: Unable to read /home/jenkins/config.xml
at hudson.XmlFile.unmarshal(XmlFile.java:161)
at jenkins.model.Jenkins.loadConfig(Jenkins.java:3015)
at jenkins.model.Jenkins.access$1100(Jenkins.java:326)
at jenkins.model.Jenkins$16.run(Jenkins.java:3033)
at 
org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:282)
at jenkins.model.Jenkins$7.runTask(Jenkins.java:1086)
at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:210)
at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: jenkins.util.xstream.CriticalXStreamException: 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy : 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
 Debugging information 
message : 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
cause-exception : 
com.thoughtworks.xstream.mapper.CannotResolveClassException
cause-message   : 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
class   : hudson.model.Hudson
required-type   : hudson.model.Hudson
converter-type  : hudson.util.RobustReflectionConverter
path: /hudson/authorizationStrategy
line number : 8
version : not available
---
at 
hudson.util.RobustReflectionConverter.doUnmarshal(RobustReflectionConverter.java:356)
at 
hudson.util.RobustReflectionConverter.unmarshal(RobustReflectionConverter.java:270)
at 
com.thoughtworks.xstream.core.TreeUnmarshaller.convert(TreeUnmarshaller.java:72)
at 
com.thoughtworks.xstream.core.AbstractReferenceUnmarshaller.convert(AbstractReferenceUnmarshaller.java:65)
at 
com.thoughtworks.xstream.core.TreeUnmarshaller.convertAnother(TreeUnmarshaller.java:66)
at 
com.thoughtworks.xstream.core.TreeUnmarshaller.convertAnother(TreeUnmarshaller.java:50)
at 
com.thoughtworks.xstream.core.TreeUnmarshaller.start(TreeUnmarshaller.java:134)
at 
com.thoughtworks.xstream.core.AbstractTreeMarshallingStrategy.unmarshal(AbstractTreeMarshallingStrategy.java:32)
at com.thoughtworks.xstream.XStream.unmarshal(XStream.java:1189)
at hudson.util.XStream2.unmarshal(XStream2.java:114)
at com.thoughtworks.xstream.XStream.unmarshal(XStream.java:1173)
at hudson.XmlFile.unmarshal(XmlFile.java:159)
... 11 more
Caused by: com.thoughtworks.xstream.mapper.CannotResolveClassException: 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy
at 
com.thoughtworks.xstream.mapper.DefaultMapper.realClass(DefaultMapper.java:79)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.DynamicProxyMapper.realClass(DynamicProxyMapper.java:55)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.PackageAliasingMapper.realClass(PackageAliasingMapper.java:88)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.ClassAliasingMapper.realClass(ClassAliasingMapper.java:79)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.mapper.MapperWrapper.realClass(MapperWrapper.java:30)
at 
com.thoughtworks.xstream.map

setting roles in role-strategy-plugin through groovy script

[Maneesh M P]

Can anyone help me to figure out to how to write a groovy script to set 
roles through groovy script in role based strategy ?

I am able to do it for MatrixAuthorization 

def strategy = new GlobalMatrixAuthorizationStrategy()
strategy.add(Jenkins.ADMINISTER, "test")  
strategy.add(Jenkins.READ, "test")  
strategy.add(Jenkins.RUN_SCRIPTS, "test")
instance.setAuthorizationStrategy(strategy)
instance.save()

but same way if i try for RoleBasedAuthorization it doesn't work
def strategy = new 
com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy()

Thanks,
Maneesh

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/dcc8e0d4-af2f-45af-9277-782a3b108880%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Manual Promotion and Upstream Promotion Criteria along with Role Strategy plugin

[scott]

The "Force Promotion" button seems to appear when you are not an "official" 
approver for a manual approval step - but you have the "Promotion" 
permission associated with your Jenkins role (which appears to act as an 
override, and is *not* needed - unless you want a specific role to have 
that override behavior.)

In addition, for at least some roles providers (like Cloudbees RBAC), the 
promotion plugin doesn't appear to recognize group names.  I've had to put 
in the full email address of the approvers - then they get the actual 
"approve" button.

On Thursday, August 29, 2013 3:52:14 AM UTC-5, Deevan Kumar wrote:
>
> Thanks for the reply... I agree it works fine with manual approver as 
> username, but i am trying to use role which is defined using RoleStrategy 
> plugin. By mentioning the role as manual approver it does not provide 
> "Approve Button" but only "Force promotion" 
>
>
> Regards, 
> Deevan 
>
>
>
> -- 
> View this message in context: 
> http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887p4677146.html
>  
> Sent from the Jenkins users mailing list archive at Nabble.com. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Role Strategy Plugin: Groups?

[Stephen Connolly]

On Monday, 17 February 2014, Kevin Gary  wrote:

> Ah OK thanks. Yes it is nice that is why I wanted it ;)
>
> Guess I'll have to go the long way. You folks ought to consider academic
> pricing :)
>
>
> KG
>
>
> On Monday, February 17, 2014 12:26:29 PM UTC-7, Stephen Connolly wrote:
>>
>> You are looking at the CloudBees RBAC plugin docs and not the role
>> strategy plugin docs.
>>
>> The CloudBees RBAC plugin is a Jenkins Enterprise plugin and requires a
>> for pay license.
>>
>> BTW I put a lot of effort into giving it that nice UI for editing groups
>> ;-)
>>
>> On Monday, 17 February 2014, Kevin Gary  wrote:
>>
>>> I have looked all over the place for an answer to a seemingly simple
>>> question. I am teaching a class where we are using a Jenkins server to
>>> build each student project. The projects are worked on in groups of 6
>>> students. So I want to create a group per project and give those students
>>> access to configure and execute their builds. In the documentation it shows
>>> a nice easy way to create groups, and the I can use the role strategy
>>> plugin to define permissions to projects associated with the groups.
>>>
>>> http://jenkins-enterprise.cloudbees.com/docs/user-guide-
>>> bundle/rbac-sect-setup.html#rbac-img-manage-groups-new-name
>>>
>>> But it doesn't say how I get that Group left-nav enabled in the 1st
>>> place??? I have the role strategy plugin installed and working, but I do
>>> not see how I enable these groups.
>>>
>>> KG
>>>
>>>  --
>>> You received this message because you are subscribed to the Google
>>> Groups "Jenkins Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to jenkinsci-users+unsubscr...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>
>>
>> --
>> Sent from my phone
>>
>
I have logged the request


>  --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to 
> jenkinsci-users+unsubscr...@googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>


-- 
Sent from my phone

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Role Strategy Plugin: Groups?

[Kevin Gary]

Ah OK thanks. Yes it is nice that is why I wanted it ;)

Guess I'll have to go the long way. You folks ought to consider academic 
pricing :)

KG


On Monday, February 17, 2014 12:26:29 PM UTC-7, Stephen Connolly wrote:
>
> You are looking at the CloudBees RBAC plugin docs and not the role 
> strategy plugin docs.
>
> The CloudBees RBAC plugin is a Jenkins Enterprise plugin and requires a 
> for pay license.
>
> BTW I put a lot of effort into giving it that nice UI for editing groups 
> ;-)
>
> On Monday, 17 February 2014, Kevin Gary > 
> wrote:
>
>> I have looked all over the place for an answer to a seemingly simple 
>> question. I am teaching a class where we are using a Jenkins server to 
>> build each student project. The projects are worked on in groups of 6 
>> students. So I want to create a group per project and give those students 
>> access to configure and execute their builds. In the documentation it shows 
>> a nice easy way to create groups, and the I can use the role strategy 
>> plugin to define permissions to projects associated with the groups.
>>
>>
>> http://jenkins-enterprise.cloudbees.com/docs/user-guide-bundle/rbac-sect-setup.html#rbac-img-manage-groups-new-name
>>
>> But it doesn't say how I get that Group left-nav enabled in the 1st 
>> place??? I have the role strategy plugin installed and working, but I do 
>> not see how I enable these groups.
>>
>> KG
>>
>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Jenkins Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to jenkinsci-users+unsubscr...@googlegroups.com.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
> -- 
> Sent from my phone
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Role Strategy Plugin: Groups?

[Stephen Connolly]

You are looking at the CloudBees RBAC plugin docs and not the role strategy
plugin docs.

The CloudBees RBAC plugin is a Jenkins Enterprise plugin and requires a for
pay license.

BTW I put a lot of effort into giving it that nice UI for editing groups ;-)

On Monday, 17 February 2014, Kevin Gary  wrote:

> I have looked all over the place for an answer to a seemingly simple
> question. I am teaching a class where we are using a Jenkins server to
> build each student project. The projects are worked on in groups of 6
> students. So I want to create a group per project and give those students
> access to configure and execute their builds. In the documentation it shows
> a nice easy way to create groups, and the I can use the role strategy
> plugin to define permissions to projects associated with the groups.
>
>
> http://jenkins-enterprise.cloudbees.com/docs/user-guide-bundle/rbac-sect-setup.html#rbac-img-manage-groups-new-name
>
> But it doesn't say how I get that Group left-nav enabled in the 1st
> place??? I have the role strategy plugin installed and working, but I do
> not see how I enable these groups.
>
> KG
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to 
> jenkinsci-users+unsubscr...@googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>


-- 
Sent from my phone

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Role Strategy Plugin: Groups?

[Kevin Gary]

I have looked all over the place for an answer to a seemingly simple 
question. I am teaching a class where we are using a Jenkins server to 
build each student project. The projects are worked on in groups of 6 
students. So I want to create a group per project and give those students 
access to configure and execute their builds. In the documentation it shows 
a nice easy way to create groups, and the I can use the role strategy 
plugin to define permissions to projects associated with the groups.

http://jenkins-enterprise.cloudbees.com/docs/user-guide-bundle/rbac-sect-setup.html#rbac-img-manage-groups-new-name

But it doesn't say how I get that Group left-nav enabled in the 1st 
place??? I have the role strategy plugin installed and working, but I do 
not see how I enable these groups.

KG

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Role Strategy Plugin not taking effect for user

[Otavio Salvador]

Hello,

(I am not subscribed, please keep me in Cc)

I am trying to set a set of users to have access to specific projects. I 
did:

Global role:

 -partners:

Overall: Read
View: Read

Project role:

 -jobs:

Job: Read

User 

 : -partners

Project roles

 -partners: -jobs


So far everything looks right but when  login he cannot see the
project's jobs or anything. This is confusing as the roles seems to
proper give the read rights for it.

Could someone help on this?

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Difference btw. Enterprise Role-Based-Access-Control and Free Role-Strategy Plugin?

[Daniel Beck]

t; wrote:

> Hi everyone and esp. CloudBees!
> 
> What are the main benefits the Jenkins Enterprise [Role-based Access Control 
> Plugin][1] offers over the free [Role Strategy Plugin][2] ???
> 
> thanks for any insight,
> Martin
> 
> 
> [1] : 
> http://www.cloudbees.com/jenkins-enterprise-by-cloudbees-features-role-based-access-control-plugin.cb
> [2] : https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Difference btw. Enterprise Role-Based-Access-Control and Free Role-Strategy Plugin?

[Walter Kacynski]

I have used the Enterprise Version in a limited trial and I currently use 
the RegEx version in our PROD Jenkins instance.  I like the simplicity and 
centralized management of the RegEx version.   However, the RBAC 
(Enterprise) version allows for decentralized management which is great if 
you want a true multi-use one Jenkins Master to rule them all for your 
company.  My only complaint is that there isn't a report of all the 
security permissions that are defined in the organization for audit 
purposes.

On Tuesday, November 19, 2013 5:04:46 AM UTC-5, Martin B. wrote:
>
> Hi everyone and esp. CloudBees! 
>
> What are the main benefits the Jenkins Enterprise [Role-based Access 
> Control Plugin][1] offers over the free [Role Strategy Plugin][2] ??? 
>
> thanks for any insight, 
> Martin 
>
>
> [1] : 
>
> http://www.cloudbees.com/jenkins-enterprise-by-cloudbees-features-role-based-access-control-plugin.cb
>  
> [2] : https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Difference btw. Enterprise Role-Based-Access-Control and Free Role-Strategy Plugin?

[Stephen Connolly]

Well I am biased, because the RBAC plugin was the first plugin I wrote once
joining CloudBees.

When I started using Jenkins, one of the issues I had is that the LDAP
server is controlled by heavyweight processes, which can even end up being
outsourced to a consulting company. For example at my former employers
there was a person on site who did not work for us and who was responsible
for the corporate IT helpdesk support on-site.

If you wanted to get a new group in LDAP... file a change request, get it
signed by 4 layers of management, and 6 weeks later your request *might* be
approved and a few weeks later still it gets approved.

If you wanted to change the people in the LDAP group... lather rinse repeat.

My solution at the time was to use the PAM authorization strategy and plug
LDAP authentication as the PAM back-end on the Unix side... thus everyone
who could access Jenkins had a unix account on the Jenkins box (with no
login permissions) their password was their corporate password and their
group membership was controlled by using unix groups on the Jenkins server.

That let me manage groups quickly without the pain of change requests...
but it was a messy solution.

So my dream of the ideal authorization strategy is that it would let you
define local groups (which could consist of users, other local groups,
special identities and external groups - if you have a reactive IT then
your local groups may only have one member, i.e. the external group that
contains all the users for that local group).

The RBAC plugin gives you that feature.

Additionally I hated having to manage permissions at the checkbox level, I
wanted roles that contained all the check-boxes you would want for that
*role*.

So the basic model in the RBAC plugin is that you define your roles and
then assign roles to local groups (which are associated with group
containers - i.e. can define groups in folders, jobs, etc).

Because we have roles tied to groups and groups are tied to objects, we
also have the ability to filter out role assignments from higher levels...
that gives you a subtractive model for permissions... allowing easy
configuration of "dark" projects

On the other side we have the Roles strategy... this does not give you
local groups, so you will have a UI pain if there are lots of users that
you want specific permission sets for and they are not exactly mapped by a
security realm group... on top of that, as I understand, the permission
model is additive only, so dark projects can only be created by ensuring
all other projects are light.

One of our customers (you know who you are... I'm humming "Devil's Haircut"
right now) may be able to explain some more, but I understand there are
some, IMHO rare, cases where the Role Strategy's use of regexes to identify
projects to apply roles to can lead to easier configuration of role
assignments...

In general, however, my belief is that the RBAC model, once you get your
head around it, is easier to work with... but I would say that since I came
up with its model


On 19 November 2013 10:04, Martin Ba <0xcdcdc...@gmx.at> wrote:

> Hi everyone and esp. CloudBees!
>
> What are the main benefits the Jenkins Enterprise [Role-based Access
> Control Plugin][1] offers over the free [Role Strategy Plugin][2] ???
>
> thanks for any insight,
> Martin
>
>
> [1] : http://www.cloudbees.com/jenkins-enterprise-by-
> cloudbees-features-role-based-access-control-plugin.cb
> [2] : https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Difference btw. Enterprise Role-Based-Access-Control and Free Role-Strategy Plugin?

[Martin Ba]

Hi everyone and esp. CloudBees!

What are the main benefits the Jenkins Enterprise [Role-based Access 
Control Plugin][1] offers over the free [Role Strategy Plugin][2] ???


thanks for any insight,
Martin


[1] : 
http://www.cloudbees.com/jenkins-enterprise-by-cloudbees-features-role-based-access-control-plugin.cb

[2] : https://wiki.jenkins-ci.org/display/JENKINS/Role+Strategy+Plugin

--
You received this message because you are subscribed to the Google Groups "Jenkins 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Role Strategy Plugin - how to apply multiple patterns in project roles

[Maneesh M P]

You can do with piping I guess

*(?i)RB_MIB.* *|* (?i)HMI_MIB.*  | **(?i)JXE_MIB.**

Thanks,
Maneesh

On Friday, October 11, 2013 4:35:12 AM UTC-7, Daniel Beck wrote:
>
> There's no way to define multiple patterns for a given role (which would 
> enable different permissions depending on the job for the same role). 
>
> But the pattern '(RB|HMI|JXE)_MIB.*' should do it. Maybe look up the 
> java.util.regex.Pattern docs? 
>
> On 11.10.2013, at 13:25, Jan Seidel > 
> wrote: 
>
> > 
> > 
> > Hi folks, 
> > 
> > I am setting up Role Strategy as too many people can peek and poke in 
> too many jobs and mess around. 
> > We have many build jobs which leads me to a problem when assigning Roles 
> in Projects roles. 
> > 
> > I need multiple patterns for a single role if possible. 
> > e.g. the role MIB admin must access all jobs starting with (?i)RB_MIB.*, 
> (?i)HMI_MIB.* and (?i)JXE_MIB.* but not (?i)MB_GUIDE_MIB.* nor any other 
> job that is outside of the scope of this project. 
> > So simply taking (?i).*MIB.* won't work. 
> > 
> > Is it possible to use multiple patterns for one role and if yes, how? 
> > 
> > Cheers 
> > Jan 
> > 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Jenkins Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to jenkinsci-use...@googlegroups.com . 
> > For more options, visit https://groups.google.com/groups/opt_out. 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Role Strategy Plugin - how to apply multiple patterns in project roles

[Daniel Beck]

There's no way to define multiple patterns for a given role (which would enable 
different permissions depending on the job for the same role).

But the pattern '(RB|HMI|JXE)_MIB.*' should do it. Maybe look up the 
java.util.regex.Pattern docs?

On 11.10.2013, at 13:25, Jan Seidel  wrote:

> 
> 
> Hi folks,
> 
> I am setting up Role Strategy as too many people can peek and poke in too 
> many jobs and mess around.
> We have many build jobs which leads me to a problem when assigning Roles in 
> Projects roles.
> 
> I need multiple patterns for a single role if possible.
> e.g. the role MIB admin must access all jobs starting with (?i)RB_MIB.*, 
> (?i)HMI_MIB.* and (?i)JXE_MIB.* but not (?i)MB_GUIDE_MIB.* nor any other job 
> that is outside of the scope of this project.
> So simply taking (?i).*MIB.* won't work.
> 
> Is it possible to use multiple patterns for one role and if yes, how?
> 
> Cheers
> Jan
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-users+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Role Strategy Plugin - how to apply multiple patterns in project roles

[Jan Seidel]

Hi folks,

I am setting up Role Strategy as too many people can peek and poke in too 
many jobs and mess around.
We have many build jobs which leads me to a problem when assigning Roles in 
Projects roles.

I need multiple patterns for a single role if possible.
e.g. the role *MIB admin* must access all jobs starting with *(?i)RB_MIB.*, 
(?i)HMI_MIB.* *and *(?i)JXE_MIB.* *but *not (?i)MB_GUIDE_MIB.** nor any 
other job that is outside of the scope of this project.
So simply taking *(?i).*MIB.** won't work.

Is it possible to use multiple patterns for one role and if yes, how?

Cheers
Jan


-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Manual Promotion and Upstream Promotion Criteria along with Role Strategy plugin

[deevant07]

Thanks for the reply... I agree it works fine with manual approver as
username, but i am trying to use role which is defined using RoleStrategy
plugin. By mentioning the role as manual approver it does not provide
"Approve Button" but only "Force promotion"


Regards,
Deevan



--
View this message in context: 
http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887p4677146.html
Sent from the Jenkins users mailing list archive at Nabble.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Manual Promotion and Upstream Promotion Criteria along with Role Strategy plugin

[John Vacz]

Am 22.08.2013 14:41, schrieb deevant07:

Hi,

I have the following scenario.

A build job is created. On successful build i want the build to be promoted
by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
environment say DEV. On successful completion of DEV promotion i want that
build to be enabled for promotion to next level(say UAT) only to particular
role say "UAT-Aproovers". Subsequently the next levels...
We have a similar setting, it is probably less fine grained as yours, 
but it basically works as expectd.


I have used Promoted builds plugin along with Role Strategy plugin. Although
this works to some extent but it does not provide me the exact behavior as
explained above.

1. Job is given access to role "build" with build permission. It allows
users with build role to execute the build.
2. Job is given access to role "DEV Approvers" with promote permission. It
does not give users of "DEV Approvers" the option "Approve Button" but
rather it gives "Force Promotion" Option.
3. Similarly, Job is given access to role "UAT Approvers" with promote
permission. It does not give users of "UAT Approvers" the option "Approve
Button" but rather it gives "force promotion"
In the promotion configuration on job configure screen, we check "only 
when manually approved"
with approvers username provided in the "Approvers" input field. The 
approvers then
have a approve button (IIUC the approver still need the promote 
permission, that means,
the also have the "force promotion" button at the same time). This might 
not be perfect,
but we are not aming at restict role controll, but rather conienience 
for the users.




Now if the step 2 is not executed then i dont want to allow the step 3 to be
executed but in my case step 3 is executing even though  i have given the
criteria "When the following upstream promotions are promoted" with step 2
promotion label.
We also use "When the following upstream promotions are promoted" to 
controll the promotion
dependencies. My experience so far is: if step 2 is not yet promted, the 
user can still do
the step 3 promotion, but it is blocked by step2. If step 2 is promoted, 
then step 3
will be performed immediately thereafter (this is only my observation, I 
didnt test it deliberately,

so I may well be wrong).

Can someone help with a solution or any workaround?

Thanks,
Deevan



--
View this message in context: 
http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887.html
Sent from the Jenkins users mailing list archive at Nabble.com.



--
You received this message because you are subscribed to the Google Groups "Jenkins 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Manual Promotion and Upstream Promotion Criteria along with Role Strategy plugin

[deevant07]

Hi,

I have the following scenario.

A build job is created. On successful build i want the build to be promoted
by a particular role( "DEV Approvers" - Using Role Strategy Plugin ) to
environment say DEV. On successful completion of DEV promotion i want that
build to be enabled for promotion to next level(say UAT) only to particular
role say "UAT-Aproovers". Subsequently the next levels...

I have used Promoted builds plugin along with Role Strategy plugin. Although
this works to some extent but it does not provide me the exact behavior as
explained above.

1. Job is given access to role "build" with build permission. It allows
users with build role to execute the build.
2. Job is given access to role "DEV Approvers" with promote permission. It
does not give users of "DEV Approvers" the option "Approve Button" but
rather it gives "Force Promotion" Option.
3. Similarly, Job is given access to role "UAT Approvers" with promote
permission. It does not give users of "UAT Approvers" the option "Approve
Button" but rather it gives "force promotion"

Now if the step 2 is not executed then i dont want to allow the step 3 to be
executed but in my case step 3 is executing even though  i have given the
criteria "When the following upstream promotions are promoted" with step 2
promotion label.

Can someone help with a solution or any workaround?

Thanks,
Deevan



--
View this message in context: 
http://jenkins-ci.361315.n4.nabble.com/Manual-Promotion-and-Upstream-Promotion-Criteria-along-with-Role-Strategy-plugin-tp4676887.html
Sent from the Jenkins users mailing list archive at Nabble.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.