-
Bug
-
Resolution: Unresolved
-
Major
In order to be included in Permission.getAll(), a Permission needs to be initialized in a static block inside an @Extension or otherwise definitely loaded during startup.
The visible symptom is that you might configure an authorization strategy such as matrix with all permissions granted, then go back later and see SCM/Tag missing, because it was unknown earlier.
- is blocking
-
JENKINS-16502 Permission to see an agent
-
- Reopened
-
- is related to
-
JENKINS-15484 New permission controlling ability to configure your own User
-
- Open
-
-
-
- Open
-
-
-
- In Progress
-
-
-
- Open
-
- links to
[JENKINS-17200] SCM.TAG permission not eagerly loaded
| Link | New: This issue is related to JENKINS-15484 [ JENKINS-15484 ] |
| Labels | Original: permissions | New: api permissions |
| Link | New: This issue is blocking JENKINS-16502 [ JENKINS-16502 ] |
| Link | New: This issue is related to SECURITY-91 [ SECURITY-91 ] |
| Link | New: This issue is related to JENKINS-27134 [ JENKINS-27134 ] |
| Labels | Original: api permissions | New: 2.0 api permissions |
| Labels | Original: 2.0 api permissions | New: 2.0-rejected api permissions |
Would be better to have some kind of declarative registration for permissions. Could handle default grant status for things like JENKINS-15484 as well. Some other messiness: hudson.security.WipeOutPermission=true; hudson.security.ArtifactsPermission=true; and of course https://wiki.jenkins-ci.org/display/JENKINS/Extended+Read+Permission+Plugin is well known.
https://github.com/jenkinsci/embeddable-build-status-plugin/pull/4/files#r4421926 claims that at least for Project-based Matrix Authorization Strategy even loading the permission in an @Extension does not suffice—perhaps because it tries to load the matrix before extensions are loaded?