Status: Closed (View Workflow)
Jenkins 1.459 + Nested View Plugin 1.8 + Role-based Authorization Strategy 1.1.2
User has read permissions for "View" but Jenkins main page is missing Nested views (even if they have sub views with jobs).
Adding "configure" perms for "View" results in Nested views showing up correctly.
It looks like it's connected with:
"Added the View.READ permission to control visibility of views, and updated the default implementation to hide empty views. (issue 3681)"
- is duplicated by
JENKINS-14546 Regular users (others than admin) can't see any nested-views (other than the default one) with role-based authorization strategy activated
JENKINS-13942 Cannot display the view for Readonly user
JENKINS-17315 Nested view no longer shows unless logged in
- is related to
JENKINS-3681 Hide Empty Tabs (Views) in the GUI
|Field||Original Value||New Value|
This issue is related to
|Assignee||Alan Harder [ mindless ]||Kohsuke Kawaguchi [ kohsuke ]|
Seeing the same with matrix based security.
Nested View Plugin 1.8.
Active Directory plugin 1.23
Upgraded from 1.456 (which had nested views of nested views showing ok) to 1.462 and now it only shows the default "All" view and no nested views.
Had to revert and will have to stick with 1.458 until nested tabs can be visible again with "anonymous view.read" permission.
Pull request created for this issue
Upgraded from 1.458 to 1.463 yesterday and started experiencing this issue. It's fairly important in our company implementation that anonymous users be able to continue to browse through nested views without requiring authentication; for security purposes, the workaround of giving configure perms for View for anonymous is not viable.
Badly in need of this correction. The workaround to give 'Configure' permission for the same seems to be dangerous.
Code changed in jenkins
User: Vincent Latombe
Backward compatibility is preventing the View.READ permission to apply
correctly. It actually overrides the View.READ instead of complementing
This change only applies default READ right if the View.READ is not
available, and the user has View.CONFIGURE + the view is not empty.
|Resolution||Fixed [ 1 ]|
|Status||Open [ 1 ]||Resolved [ 5 ]|
So which release contains this correction? The changelogs doesn't seem to indicate this.
This issue is duplicated by
Integrated in jenkins_ui-changes_branch #30
[FIXED JENKINS-13429] (Revision d1b2ba7e4988d26fbb815b8912efb16273c407d4)
Result = SUCCESS
Kohsuke Kawaguchi : d1b2ba7e4988d26fbb815b8912efb16273c407d4
|Link||This issue is duplicated by JENKINS-14546 [ JENKINS-14546 ]|
This issue is duplicated by
|Status||Resolved [ 5 ]||Closed [ 6 ]|
|Workflow||JNJira [ 143895 ]||JNJira + In-Review [ 205788 ]|
Taking into consideration, that Sectioned View plugin will laso have the same problem if we use it without any job inside (for example using only text lists inside) I think that "hide empty views" implementation is too naive, looking only at jobs directly under view.