Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Task
Resolution: Fixed
Priority: Critical
Component/s: blueocean-plugin
Labels:
- issue-exported-to-github

Epic Link:
Creation
Sprint:
1.0

Users that lack the "create job" permission should not be able to access the Creation flow as they cannot actually complete it: it will fail with a 403 at the end.

Scope

Only show the "New Pipeline" button on Dashboard for users with "create job"
If the user navigates directly to the "create-pipeline" URL, we should short-circuit the Creation flow for users lacking the "create job" permission
Do the same short-circuit for "create-pipeline" if the user has not authenticated

Notes

Need to update core-js User to automatically expose data from the passed in "blueUser" otherwise we'll have to touch this time every time we want to expose new data.

is blocked by

JENKINS-41433 Add new API for "permissions"

Resolved

JENKINS-42354 ATH must support users and run logged in where needed

Closed

relates to

JENKINS-41373 Github SCM "creation" returns unhandled 403 exception when user lacks "create job" permission

Closed

JENKINS-41573 Git Creation needs to better handle users with restricted credential permissions

Closed

Assignee:: Ivan Meredith
Reporter:: Cliff Meyers

Created:: 2017-01-25 15:45
Updated:: 2025-12-01 17:10
Resolved:: 2017-03-01 22:40
Archived:: 2025-12-01 17:11

Details

Description

Attachments

Issue Links

Activity

People

Dates