Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-28247

Can bypass permission check of CopyArtifact with WorkflowJob

    XMLWordPrintable

Details

    Description

      The permission check of copyartifact doesn't work with workflow:

      • Copyartifact performs runtime permission check only when the project name is specified with variables.
        • Variables in workflow jobs are resolved before passed to builders.
        • Even if variable expression is passed to builders, builder cannot resolve that variables (see JENKINS-26694)
      • Configuration-time permission check doesn't performed as it performs only when triggered via stapler.

      Attachments

        Issue Links

          Activity

            jglick Jesse Glick added a comment -

            Is this not just a duplicate of JENKINS-24888? The existing permission model in the plugin is broken.

            jglick Jesse Glick added a comment - Is this not just a duplicate of JENKINS-24888 ? The existing permission model in the plugin is broken.
            ikedam ikedam added a comment -

            Fixed as SECURITY-988, copyartifact-1.44

            ikedam ikedam added a comment - Fixed as SECURITY-988, copyartifact-1.44

            People

              ikedam ikedam
              ikedam ikedam
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: