-
New Feature
-
Resolution: Unresolved
-
Major
-
None
-
jenkins version 1.580
It seems, for the ownership plugin doesnot work with the global security method “Matrix based security” (works with “Project-based matrix authorization strategy” since in this case there is an option for enabling project-based security and we can add and assign different rights to users in this option in the job configure page).
Now, if matrix based security turned on by "configure global security", then the admin or the users with rights to "Manage ownership" (given in the matrix) can see the option of "Manage Ownership" in the left panel of every Project, which is completely right.
But when going from Manage Ownership -> Configure specific access rights and then adding a user and assigning him some permissions (for example "Delete Job"), this user don't see it in the project page ("Delete Project").
Can anybody figure out what causes it??
Thanks in advance.
[JENKINS-26973] Support project-specific security in "Matrix based security" plugin
"Configure specific access rights" is designed to work with Role Strategy Plugin only.
It's explicitly mentioned on its Wiki page, but it worth to mention it on Jenkins Web UI (or just hide controls)
I'll convert the issue to the feature request
vikas choudhary
added a comment - The following steps produce the issue:
1. I installed the ownership plugin.
2. After I globally configured it like (enable "Assign job creators as owners"), uncheck the option "Setup default permissions for jobs item-specific security" .
3. On the job configuration page, I clicked "Manage Ownership" then "Manage Owners" and add a user as owner.
4. Next, I clicked "Configure specific access rights" in the same page and add the user and assign him some permissions presented in the matrix (after checking the option "Use item-specific security" and then "Enable project-based security" .
5. Now after the user login, the user is not able to see the options in the job page.
Thanks
vikas choudhary
added a comment - The following steps produce the issue:
1. I installed the ownership plugin.
2. After I globally configured it like (enable "Assign job creators as owners"), uncheck the option "Setup default permissions for jobs item-specific security" .
3. On the job configuration page, I clicked "Manage Ownership" then "Manage Owners" and add a user as owner.
4. Next, I clicked "Configure specific access rights" in the same page and add the user and assign him some permissions presented in the matrix (after checking the option "Use item-specific security" and then "Enable project-based security" .
5. Now after the user login, the user is not able to see the options in the job page.
Thanks vikas choudhary
added a comment - If "Configure specific access rights" is designed to work with Role Strategy Plugin only then how one can manage the ownership in case of "Matrix based security" in the global security ??
Is it possible in this case??
vikas choudhary
added a comment - If "Configure specific access rights" is designed to work with Role Strategy Plugin only then how one can manage the ownership in case of "Matrix based security" in the global security ??
Is it possible in this case?? vikas choudhary
added a comment - When I try to add new user/group in Global configuration setttings in Jenkins, it displays the user as ERROR in the screenshot attached in this comment.
vikas choudhary
added a comment - When I try to add new user/group in Global configuration setttings in Jenkins, it displays the user as ERROR in the screenshot attached in this comment.
> If "Configure specific access rights" is designed to work with Role Strategy Plugin only then how one can manage the ownership in case of "Matrix based security" in the global security ?? Is it possible in this case??
No. This control only manages the permission to change ownership configs. You can edit the product-specific security, but it won't affect security checks
> When I try to add new user/group in Global configuration setttings in Jenkins, it displays the user as ERROR in the screenshot attached in this comment.
Yes, it's a bug. See JENKINS-22869
Please provide more info about the issue and reproduction steps.
"Manage ownership" works for me on 1.580.3 LTS.