I am using version 259 with matrix-based security enabled. I assigned a user
the following privileges:

Overall: Read
Job: Configure, Build, Workspace
Run: Update
View: Create, Configure
SCM: Tag

However, when the user attempted to update a build job, he received the
following error message:

Access Denied

org.acegisecurity.providers.UsernamePasswordAuthenticationToken@a2fb5983:
Username: hudson.security.HudsonPrivateSecurityRealm$Details@b1c468; Password:
[PROTECTED]; Authenticated: true; Details:
org.acegisecurity.ui.WebAuthenticationDetails@fffed504: RemoteIpAddress:
172.19.30.128; SessionId: FE3443EC28A4C60B2BD01D95828A72E2; Granted
Authorities: authenticated is missing Administer
Huds

It appears that in order to update jobs, a user needs to be able to Administer
all of Hudson, which is not correct.

Thanks!