2 projects: P1, P2
2 Users: U1 and U2
U1: Full access to P1, Read-only to P2
U2: Read-only access to P1, Full access to P2
1) U1 adds a "Build after other projects are built" trigger to P1. Then he sets completion of P2 as a trigger. Although U1 has no configuration access rights to P1, P1 is reconfigured to trigger P2 <<< ERROR?
2) After that, U2 configures some stuff in his job. After clicking on "Save button" he receives error "You have no permissions to build P1"
3) User U2 won't be able to save his job till he removes triggering of P1 from his job. Jenkins does not check configuration permissions, so U2 is able to remove trigger from P1 <<< ERROR?
=> Configuration wars and complains from users
Issue can be even more complex if many users have access to these jobs => configuration saving will work differently for users.
- Require "build" access rights for adding of new items;
- Print warning for projects w/o build permissions, but allow saving of configs
- Completely decouple fictive triggers (replace them to BuildListeners) and post-build actions in jobs