Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-22136

Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security


    • Icon: Bug Bug
    • Resolution: Not A Defect
    • Icon: Critical Critical
    • crowd2-plugin
    • None

      The Jenkins Crowd2 plugin security plugin functionality NOT working as described (expected) in the 'Project-based Matrix Authorization Strategy':
      1) Crowd group (call the group "X_TEST") given read-only permissions for all jobs in the Project-based Matrix Authorization Strategy within the jenkins application's 'Configuration Global Security' link.
      2) While configuring a job (project) called "JobX_test" , I checked (true) the 'Enable project-based security' option and added the same crowd group "X_TEST" to the 'User/group' security with all job related permissions (read | discover | build | workspace | configure...etc.). Saved it.
      3) Note: No other group is enabled within the project ("JobX_test").
      4) User "X" who is part of the "X_TEST" group only logs in and can NOT configure (nor build) the job ("jobX_test").
      5) IF I increase the overall group's ("X_TEST") permissions to build and configure in the application's 'Configuration Global Security' link, THEN the user can build or configure the job ("JobX_test")!

      So, bottom line, application permissions overrides the individual 'project-based security' permissions! It should be the opposite functionality in which individual 'project' permissions supercedes the applications's security settigns for the group (or user) as described in the following link:

            integer Kanstantsin Shautsou
            cvecchione chris vecchione
            0 Vote for this issue
            2 Start watching this issue