Redeploy link is displayed to Anonymous users with read only permissions for a job

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor
    • Component/s: maven-plugin
    • Environment:
      Jenkins: 1.590
      Java: 1.7.0_67

      Hello,

      We have a job with project-based security enabled. The job has to be visible to anonymous users and they should only have read-only permissions. After applying the "Read" permission for the job I tried checking out it out as an anonymous user. The job is displayed to the user, but I found out he can redeploy artifacts by clicking on the last successful/failed build number. This functionality is not desired and probably a bug.

      Regards,
      Steve

        1. screenshot.png
          35 kB
          Steve Todorov
        2. Configure Global Security ACL.png
          54 kB
          Steve Todorov
        3. job acl.png
          37 kB
          Steve Todorov

            Assignee:
            Daniel Beck
            Reporter:
            Steve Todorov
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: