Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-14546

Regular users (others than admin) can't see any nested-views (other than the default one) with role-based authorization strategy activated

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • core, nested-view-plugin
    • - CentOS release 6.2 (Final) x86_64
      - JDK 1.6.0_30
      - Jenkins v1.464 (From Yum)
      - Nested View Plugin v1.8
      - Role-based Authorization Strategy Plugin v1.1.2

      When Role-based Authorization Strategy is applied to Jobs, users others than admin can see their jobs but can't see any Nested-Views (or sub-Nested-views) other than the default one. Only admin user can see all nested views.

          [JENKINS-14546] Regular users (others than admin) can't see any nested-views (other than the default one) with role-based authorization strategy activated

          Hannes Kogler added a comment -

          We have the same problems when using both of the plugins.

          Jenkins v1.518
          Role-based Authorization Strategy Plugin v1.1.2
          Nested View Plugin v1.10

          regardless if the jobs of the nested views have jobs or not. Users with standard permissions cannot access the nested Views and only see those jobs through the All view.
          Would be great if anybody fixes this, because I don't want to grant every user the admin permissions to see all views..

          Hannes Kogler added a comment - We have the same problems when using both of the plugins. Jenkins v1.518 Role-based Authorization Strategy Plugin v1.1.2 Nested View Plugin v1.10 regardless if the jobs of the nested views have jobs or not. Users with standard permissions cannot access the nested Views and only see those jobs through the All view. Would be great if anybody fixes this, because I don't want to grant every user the admin permissions to see all views..

          What is the remaining problem?

          A user assigned to role with Overall.Read & Job.Read & View.Read
          can see nested views.

          Tested on

          • Jenkins 1.538
          • Role-based Authorization Strategy 2.1.0
          • Nested View Plugin 1.13

          Yoichi Nakayama added a comment - What is the remaining problem? A user assigned to role with Overall.Read & Job.Read & View.Read can see nested views. Tested on Jenkins 1.538 Role-based Authorization Strategy 2.1.0 Nested View Plugin 1.13

          Facundo Mateo added a comment - - edited

          Yoichi the problem is that we don't want to give that kind of permission to all users.
          A standar user with just a job specific permission (not global) should view the tab if it contains any allowed job in a subview

          Facundo Mateo added a comment - - edited Yoichi the problem is that we don't want to give that kind of permission to all users. A standar user with just a job specific permission (not global) should view the tab if it contains any allowed job in a subview

          Facundo,
          The behavior described in my previous post is same for ListView and AllView,
          then the remaining problem is not specific to NestedView.

          Yoichi Nakayama added a comment - Facundo, The behavior described in my previous post is same for ListView and AllView, then the remaining problem is not specific to NestedView.

          oblongzebra added a comment -

          Small workaround, if you have a link for the page, a normal user can access the page. (btw we are using 1.534 and are experiencing this problem)

          oblongzebra added a comment - Small workaround, if you have a link for the page, a normal user can access the page. (btw we are using 1.534 and are experiencing this problem)

          Using 1.5.45, this is still present for, at least, list views.

          Pedro Algarvio added a comment - Using 1.5.45, this is still present for, at least, list views.

          Joël Royer added a comment - - edited

          Issue is still present in 1.549!!!

          I have a nested view, with one sub-view (type list view).

          Admin users can see nested view and its sub-view, and all jobs associated with it.
          Regulars users (with only Global Read permission), can't see the nested view. But they can see jobs in the tab "All".

          The only way I found is to assign View Read Permission to regulars users. But they can see all views, even those without jobs.

          Joël Royer added a comment - - edited Issue is still present in 1.549!!! I have a nested view, with one sub-view (type list view). Admin users can see nested view and its sub-view, and all jobs associated with it. Regulars users (with only Global Read permission), can't see the nested view. But they can see jobs in the tab "All". The only way I found is to assign View Read Permission to regulars users. But they can see all views, even those without jobs.

          Klaus Azesberger added a comment - - edited

          I'm not sure yet, but we recently discovered that the folder plugin (there is also a non-enterprise one) could maybe become handy in these cases instead of using the nested view plugin. hth

          Klaus Azesberger added a comment - - edited I'm not sure yet, but we recently discovered that the folder plugin (there is also a non-enterprise one) could maybe become handy in these cases instead of using the nested view plugin. hth

          Harry G. added a comment -

          True, we also use Folders Plugin. It avoids this bug, but introduces a different concept - with some other advantages, but lots of changes.

          Harry G. added a comment - True, we also use Folders Plugin. It avoids this bug, but introduces a different concept - with some other advantages, but lots of changes.

          i created a pull request to fix this bug: https://github.com/jenkinsci/nested-view-plugin/pull/20

          the fix involves implementing the hasPermission method in the nestedview class. the method checks if any of the containing sub views returns true for hasPermission, if none returned true, it calls super.hasPermission. this allows configuration of empty nested views.

          Daniel Mueller added a comment - i created a pull request to fix this bug: https://github.com/jenkinsci/nested-view-plugin/pull/20 the fix involves implementing the hasPermission method in the nestedview class. the method checks if any of the containing sub views returns true for hasPermission, if none returned true, it calls super.hasPermission. this allows configuration of empty nested views.

            mindless Alan Harder
            aherbe Anthony HERBÉ
            Votes:
            16 Vote for this issue
            Watchers:
            24 Start watching this issue

              Created:
              Updated: