While using the Project-based Matrix Authorization Strategy users are unable to create a new job unless global read is enabled. The global read permission is too liberal, allowing any authenticated user to see any job. The Create Job Advanced Plugin (https://wiki.jenkins-ci.org/display/JENKINS/Create+Job+Advanced+Plugin) seems to fix this by granting users full permissions to jobs they create, however, it does not apply to duplicated jobs.

When an authenticated user attempts to copy an existing job without global read permissions the resulting job fails to copy the existing values from the copied job. The user is then forwarded to a page that requests the user log in to see the newly created job.

Expected behavior:
A user is only able to copy jobs they have the ability to read and the resultant job should have the same permissions as the copied job.