authorize-project plugin can easily cause security issues like following situations:
- User A configured a project X run as user A.
- User B updates the configuration of project B.
- User B can do something with the authentication of user A.
authorize-project avoids this problem by raising an exception when user B tries to configure project A.
But this has following problem:
- Raising exception isn't the "proper" way to forbid configuration.
- It might not work in some cases or in the future version of Jenkins.
- Users have to configure the project again from the beginning if it is rejected by authorize-project plugin. It isn't user-friendly.
- There are several ways to configure projects. Web UI, REST WebAPI, CLI. Authorize-project have to cover all configuration methods.
I believe the "proper" way to forbid a user to configure a project is to revoke Job.CONFIGURE permission for that project form that user.
Then what I need is a mechanism for plugins to restrict Job.CONFIGURE permissions.