-
Improvement
-
Resolution: Fixed
-
Minor
-
Jenkins 1.580.3. Matrix auth 1.2. LDAP auth. Lots of plugins and users.
Root problem:
Global permission matrix too wide to show leftmost username when using right most toggle permissions or delete user buttons.
This applies for a large number of usernames and plugins that require permissions.
Example usecases:
- It is too easy (relative to the consequences) to accidentally toggle all permissions for "Anonymous" when creating a new user, as both are normally sorted last. This would be really bad for an internet exposed Jenkins installation.
- It is too easy to accidentally delete the wrong user (red X rightmost).
Suggested improvements:
- tr.permission-row:hover { background: #999999; }
- Some sort of unobtrusive popup display of username and permission name affected when hovering over checkbox, delete or "toggle permissions" in matrix.
- Name column duplicated to the right.
- Remove toggle permissions for the "Anonymous" user. Or at least popup a confirmation box just for "Anonymous".
- is duplicated by
-
-
- Resolved
-
- links to
[JENKINS-26824] Easy to accidentally modify wrong user using many plugins and many users
Thomas Herrlin
created issue -
Thomas Herrlin
made changes -
| Description |
Original:
Root problem: Global permission matrix too wide to show leftmost username when using right most toggle permissions or delete user buttons. This applies for a large number of usernames and plugins that require permissions. Example usecases: * It is too easy to accidentally toggle all permissions for "Anonymous" when creating a new user, as both are normally sorted last. This would be really bad for an internet exposed Jenkins installation. * It is too easy to accidentally delete the wrong user (red X rightmost). Suggested improvements: * tr.permission-row:hover { background: #999999; } * Some sort of unobtrusive popup display of username and permission name affected when hovering over checkbox, delete or "toggle permissions" in matrix. * Name column duplicated to the right. * Remove toggle permissions for the "Anonymous" user. Or at least popup a confirmation box just for "Anonymous". |
New:
Root problem: Global permission matrix too wide to show leftmost username when using right most toggle permissions or delete user buttons. This applies for a large number of usernames and plugins that require permissions. Example usecases: * It is too easy (relative to the consequences) to accidentally toggle all permissions for "Anonymous" when creating a new user, as both are normally sorted last. This would be really bad for an internet exposed Jenkins installation. * It is too easy to accidentally delete the wrong user (red X rightmost). Suggested improvements: * tr.permission-row:hover { background: #999999; } * Some sort of unobtrusive popup display of username and permission name affected when hovering over checkbox, delete or "toggle permissions" in matrix. * Name column duplicated to the right. * Remove toggle permissions for the "Anonymous" user. Or at least popup a confirmation box just for "Anonymous". |
| Assignee | Original: Jesse Glick [ jglick ] |
| Workflow | Original: JNJira [ 160997 ] | New: JNJira + In-Review [ 180536 ] |
| Labels | Original: configuration plugin security user-experience | New: configuration newbie-friendly plugin security user-experience |
| Epic Link |
New:
|
| Assignee | New: Daniel Beck [ danielbeck ] |
| Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
| Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Clarification: Too easy to make mistakes relative to the potential consequences.