Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-15277

Check view permissions before showing config page

    XMLWordPrintable

Details

    Description

      In case of views, permissions are checked during form submission allowing to show config page also for unauthorized users.

      Attachments

        Activity

          Code changed in jenkins
          User: Vojtech Juranek
          Path:
          core/src/main/resources/hudson/model/View/configure.jelly
          http://jenkins-ci.org/commit/jenkins/452f4f1c74dd8369644218cd808a16a6376b728b
          Log:
          [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases

          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Vojtech Juranek Path: core/src/main/resources/hudson/model/View/configure.jelly http://jenkins-ci.org/commit/jenkins/452f4f1c74dd8369644218cd808a16a6376b728b Log: [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases
          vjuranek vjuranek added a comment -

          Changed to critical to spot it when searching for LTS backports, as it has some security consequences.

          vjuranek vjuranek added a comment - Changed to critical to spot it when searching for LTS backports, as it has some security consequences.
          dogfood dogfood added a comment -

          Integrated in jenkins_main_trunk #1947
          [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases (Revision 452f4f1c74dd8369644218cd808a16a6376b728b)

          Result = SUCCESS
          Vojtech Juranek : 452f4f1c74dd8369644218cd808a16a6376b728b
          Files :

          • core/src/main/resources/hudson/model/View/configure.jelly
          dogfood dogfood added a comment - Integrated in jenkins_main_trunk #1947 [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases (Revision 452f4f1c74dd8369644218cd808a16a6376b728b) Result = SUCCESS Vojtech Juranek : 452f4f1c74dd8369644218cd808a16a6376b728b Files : core/src/main/resources/hudson/model/View/configure.jelly

          People

            vjuranek vjuranek
            vjuranek vjuranek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: