Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-15484

New permission controlling ability to configure your own User

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      An administrator may want to block access to /me/configure, for example to prevent users from changing their own display names.

      Currently this appears to be impossible, as User.doConfigSubmit calls User.checkPermission, not Jenkins.checkPermission, and User.getACL is implemented to give every user permission to configure himself, regardless of authorization strategy.

      User.doConfigSubmit should additionally check some newly introduced global permission (such as User.SELF_CONFIGURE) which would be on by default for all (authenticated) users but could be explicitly disabled.

      The tricky part is introducing such a permission and granting it by default, since new permissions are rejected by default, and this one should not be implied by any existing permission.

        Attachments

          Issue Links

            Activity

            jglick Jesse Glick created issue -
            jglick Jesse Glick made changes -
            Field Original Value New Value
            Link This issue is related to JENKINS-17200 [ JENKINS-17200 ]
            jglick Jesse Glick made changes -
            Link This issue is related to JENKINS-21336 [ JENKINS-21336 ]
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 146240 ] JNJira + In-Review [ 176562 ]
            danielbeck Daniel Beck made changes -
            Labels configuration permissions security user configuration new-permission permissions security user
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-16502 [ JENKINS-16502 ]

              People

              Assignee:
              jglick Jesse Glick
              Reporter:
              jglick Jesse Glick
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated: