-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Major
-
Component/s: core
2.32.2. Set up Jenkins from the setup wizard. Install matrix-auth and configure admin to have everything but anonymous to have only discover, and Save. You will see config.xml as expected:
<authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy"> <permission>hudson.model.Hudson.Administer:admin</permission> <permission>hudson.model.Hudson.Read:anonymous</permission> <permission>hudson.model.Item.Discover:anonymous</permission> </authorizationStrategy>
Yet after restart if you revisit /configureSecurity, in the UI and reality, anonymous is granted Item.READ.
Seems that the JENKINS-2324 workaround is incorrectly being applied, since Jenkins.isUpgradedFromBefore is broken, since version on config.xml is still 1.0!
Workaround is to go to /configure and Save.
- blocks
-
JENKINS-2324 Feature - Set read permission by project for project-based security
-
- Resolved
-
- depends on
-
-
- Resolved
-
- is duplicated by
-
-
- Resolved
-
- is related to
-
-
- Resolved
-
- relates to
-
-
- Resolved
-
- links to
