Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-15277

Check view permissions before showing config page

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • core

      In case of views, permissions are checked during form submission allowing to show config page also for unauthorized users.

          [JENKINS-15277] Check view permissions before showing config page

          Code changed in jenkins
          User: Vojtech Juranek
          Path:
          core/src/main/resources/hudson/model/View/configure.jelly
          http://jenkins-ci.org/commit/jenkins/452f4f1c74dd8369644218cd808a16a6376b728b
          Log:
          [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Vojtech Juranek Path: core/src/main/resources/hudson/model/View/configure.jelly http://jenkins-ci.org/commit/jenkins/452f4f1c74dd8369644218cd808a16a6376b728b Log: [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases

          vjuranek added a comment -

          Changed to critical to spot it when searching for LTS backports, as it has some security consequences.

          vjuranek added a comment - Changed to critical to spot it when searching for LTS backports, as it has some security consequences.

          dogfood added a comment -

          Integrated in jenkins_main_trunk #1947
          [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases (Revision 452f4f1c74dd8369644218cd808a16a6376b728b)

          Result = SUCCESS
          Vojtech Juranek : 452f4f1c74dd8369644218cd808a16a6376b728b
          Files :

          • core/src/main/resources/hudson/model/View/configure.jelly

          dogfood added a comment - Integrated in jenkins_main_trunk #1947 [Fixed JENKINS-15277] Check permissions before showing config page as we did in all other cases (Revision 452f4f1c74dd8369644218cd808a16a6376b728b) Result = SUCCESS Vojtech Juranek : 452f4f1c74dd8369644218cd808a16a6376b728b Files : core/src/main/resources/hudson/model/View/configure.jelly

            vjuranek vjuranek
            vjuranek vjuranek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: