Security.permit introduced in https://github.com/jenkinsci/blueocean-plugin/commit/32b9f388a00e22d053ccdab4b1fe7aeb54406563#diff-5f10fdcd6cd7c58aa1d9cce6ab7a975c has caused this obscure but bad regression (bad as it is the type of job we encourage):

You won't see a "cog" for pipelines created as a github org folder

To reproduce:

• Create a pipeline via the new flow (or classic, doesn't matter)
• Navigate to its activity screen, and a single run
• Note that there is no cog
• Do the same with classic and a non org folder - and you will see it has one

For some reason the following isn't allowing this:

https://github.com/jenkinsci/blueocean-plugin/blob/master/blueocean-core-js/src/js/security.js checks permissions - and this is done by:

    if (Security.permit(pipeline).configure()) {
        link = <a href={buildClassicConfigUrl(pipeline)} target="_blank"><Icon size={24} icon="settings" style={{ fill: '#fff' }} /></a>;
    }

Same on pipeline summary and results page (same check, so makes sense). there is something about pipelines created that way that are missing some permission that need investigation, or else we need to roll this small change back.