Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-25691

Redeploy link is displayed to Anonymous users with read only permissions for a job

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • maven-plugin
    • Jenkins: 1.590
      Java: 1.7.0_67

      Hello,

      We have a job with project-based security enabled. The job has to be visible to anonymous users and they should only have read-only permissions. After applying the "Read" permission for the job I tried checking out it out as an anonymous user. The job is displayed to the user, but I found out he can redeploy artifacts by clicking on the last successful/failed build number. This functionality is not desired and probably a bug.

      Regards,
      Steve

        1. Configure Global Security ACL.png
          Configure Global Security ACL.png
          54 kB
        2. job acl.png
          job acl.png
          37 kB
        3. screenshot.png
          screenshot.png
          35 kB

            danielbeck Daniel Beck
            tftd Steve Todorov
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: