Bug
Resolution: Fixed
Major
Jenkins ver. 1.656
Role-based Authorization Strategy 2.2.0
Released As: 548.vb_60076577ec7
We use the "Restrict project naming - Role-Based Strategy" feature. This option works fine for restricting the name of a job, as we cannot create jobs whose names don't match the regular expressions set in "Project roles".
The problem we encounter is that no restriction is enforced to prevent creation/renaming of a job where a user doesn't have any rights.
i.e.:
- user A is allowed to name his job as "^project-A_.*$"
- user B is allowed to name his job as "^project-B_.*$"
-> user A or B cannot create projects with name "project-C_test" == good
-> user A is allowed to create a job "project-A_test" == good
-> user A is allowed to create a job "project-B_test" == bad
-> user A is allowed to rename a job "project-A_test" to "project-B_test" == bad
Are we missing an option? Is this a bug?
This has an impact on our security scheme...
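The four cases in the report, as an added example that is not part of the original report and not the plugin's code. It models the reported behaviour as a name check against every project role pattern, next to a check scoped to the roles the requesting user holds and applied to both create and rename. The role names `role-A`/`role-B`, the user ids and all function names are assumptions made for illustration.

```python
import re

# Constructed sample data based on the report (role and user names are hypothetical).
ROLE_PATTERNS = {"role-A": r"^project-A_.*$", "role-B": r"^project-B_.*$"}
USER_ROLES = {"userA": {"role-A"}, "userB": {"role-B"}}


def name_allowed_global(name):
    """Model of the reported behaviour: the name only has to match some role's pattern."""
    return any(re.fullmatch(p, name) for p in ROLE_PATTERNS.values())


def name_allowed_for_user(user, name):
    """Expected behaviour: the name must match the pattern of a role this user holds."""
    return any(re.fullmatch(ROLE_PATTERNS[r], name) for r in USER_ROLES.get(user, ()))


def can_create(user, name, per_user=True):
    return name_allowed_for_user(user, name) if per_user else name_allowed_global(name)


def can_rename(user, old_name, new_name, per_user=True):
    """A rename needs rights on the existing job and on the new name."""
    if not per_user:
        return name_allowed_global(new_name)
    return name_allowed_for_user(user, old_name) and name_allowed_for_user(user, new_name)


def report_matrix(per_user):
    """The four cases listed in the report, evaluated under one of the two checks."""
    return {
        "A creates project-C_test": can_create("userA", "project-C_test", per_user),
        "A creates project-A_test": can_create("userA", "project-A_test", per_user),
        "A creates project-B_test": can_create("userA", "project-B_test", per_user),
        "A renames project-A_test to project-B_test":
            can_rename("userA", "project-A_test", "project-B_test", per_user),
    }


if __name__ == "__main__":
    for label, per_user in (("global check", False), ("per-user check", True)):
        print(label)
        for case, allowed in report_matrix(per_user).items():
            print(f"  {case}: {'allowed' if allowed else 'denied'}")
```

Under the global check the last two cases come out allowed, matching the "bad" rows of the report; under the per-user check they are denied.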
[JENKINS-34337] Job Naming Strategy doesn't enforce restriction on rename
Component/s | Original: role-strategy-plugin [ 15758 ] | New: core [ 15593 ] |
Workflow | Original: JNJira [ 170421 ] | New: JNJira + In-Review [ 183889 ] |
Assignee | Original: Oleg Nenashev [ oleg_nenashev ] |
Labels | New: newbie-friendly |
Summary | Original: Job Naming Strategy doesn't enforce restriction | New: Job Naming Strategy doesn't enforce restriction on rename |
Assignee | New: James Milligan [ nightowlengineer ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Component/s | Original: core [ 15593 ] | New: role-strategy-plugin [ 15758 ] |
Released As | New: 548.vb_60076577ec7 |
Resolution | New: Fixed [ 1 ] |
Status | Original: In Review [ 10005 ] | New: Fixed but Unreleased [ 10203 ] |