-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
Platform: All, OS: All
Non-authenticated users like anonymous have limited permissions when viewing projects – for instance,
they are not allowed to browse a project's workspace. However, the task scanner plugin circumvents this
security measure by allowing anonymous users to view the source code files in the task reports. This
plugin should prevent these reports from being shown unless the user is authenticated in Hudson.
I agree. We share Hudson with two groups - tech support and programmers. Tech
support are not allowed access to the source code, and this prevents us from
using this plugin (which is a shame because the programmers all really want
it). Perhaps the portions of the plugin that display the source code could be
tied to the workspace read permission?