Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-28247

Can bypass permission check of CopyArtifact with WorkflowJob

    XMLWordPrintable

Details

    Description

      The permission check of copyartifact doesn't work with workflow:

      • Copyartifact performs runtime permission check only when the project name is specified with variables.
        • Variables in workflow jobs are resolved before passed to builders.
        • Even if variable expression is passed to builders, builder cannot resolve that variables (see JENKINS-26694)
      • Configuration-time permission check doesn't performed as it performs only when triggered via stapler.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-23475 Can bypass permission check of CopyArtifact with WebAPI/CLI

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-24888 Complete runtime permission check of Copyartifact

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            ikedam ikedam created issue -
            ikedam ikedam made changes -
            Field Original Value New Value
            Link This issue is related to JENKINS-24888 [ JENKINS-24888 ]
            ikedam ikedam made changes -
            Link This issue is related to JENKINS-23475 [ JENKINS-23475 ]
            jglick Jesse Glick made changes -
            Labels workflow
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 163078 ] JNJira + In-Review [ 181086 ]
            abayer Andrew Bayer made changes -
            Labels workflow pipeline workflow
            abayer Andrew Bayer made changes -
            Labels pipeline workflow pipeline
            ikedam ikedam made changes -
            Link This issue relates to SECURITY-988 [ SECURITY-988 ]
            ikedam ikedam made changes -
            Released As https://github.com/jenkinsci/copyartifact-plugin/blob/master/CHANGELOG.adoc#144
            Assignee ikedam [ ikedam ]
            Resolution Fixed [ 1 ]
            Status Open [ 1 ] Fixed but Unreleased [ 10203 ]
            ikedam ikedam made changes -
            Status Fixed but Unreleased [ 10203 ] Closed [ 6 ]

            People

              ikedam ikedam
              ikedam ikedam
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: