Details
-
Type:
Bug
-
Status: Reopened (View Workflow)
-
Priority:
Major
-
Resolution: Unresolved
-
Component/s: core, nested-view-plugin, role-strategy-plugin
-
Environment:- CentOS release 6.2 (Final) x86_64
- JDK 1.6.0_30
- Jenkins v1.464 (From Yum)
- Nested View Plugin v1.8
- Role-based Authorization Strategy Plugin v1.1.2
-
Similar Issues:
Description
When Role-based Authorization Strategy is applied to Jobs, users others than admin can see their jobs but can't see any Nested-Views (or sub-Nested-views) other than the default one. Only admin user can see all nested views.
Attachments
Issue Links
- duplicates
-
-
- Closed
-
Activity
True, we also use Folders Plugin. It avoids this bug, but introduces a different concept - with some other advantages, but lots of changes.
I'm not sure yet, but we recently discovered that the folder plugin (there is also a non-enterprise one) could maybe become handy in these cases instead of using the nested view plugin. hth
Issue is still present in 1.549!!!
I have a nested view, with one sub-view (type list view).
Admin users can see nested view and its sub-view, and all jobs associated with it.
Regulars users (with only Global Read permission), can't see the nested view. But they can see jobs in the tab "All".
The only way I found is to assign View Read Permission to regulars users. But they can see all views, even those without jobs.
Using 1.5.45, this is still present for, at least, list views.
i created a pull request to fix this bug: https://github.com/jenkinsci/nested-view-plugin/pull/20
the fix involves implementing the hasPermission method in the nestedview class. the method checks if any of the containing sub views returns true for hasPermission, if none returned true, it calls super.hasPermission. this allows configuration of empty nested views.