Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42577

Jenkins.version saved only from doConfigSubmit

    XMLWordPrintable

Details

    Description

      2.32.2. Set up Jenkins from the setup wizard. Install matrix-auth and configure admin to have everything but anonymous to have only discover, and Save. You will see config.xml as expected:

        <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Administer:admin</permission>
    <permission>hudson.model.Hudson.Read:anonymous</permission>
    <permission>hudson.model.Item.Discover:anonymous</permission>
  </authorizationStrategy>

      Yet after restart if you revisit /configureSecurity, in the UI and reality, anonymous is granted Item.READ.

      Seems that the JENKINS-2324 workaround is incorrectly being applied, since Jenkins.isUpgradedFromBefore is broken, since version on config.xml is still 1.0!

      Workaround is to go to /configure and Save.

      Attachments

        Issue Links

          blocks

          Patch - JENKINS-2324 Feature - Set read permission by project for project-based security

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          depends on

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-47139 Initial Access Regression in 2.80?

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-17081 Permission "hudson.model.Item.Read:anonymous" coming from nowhere

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-63868 PlaceholderTask.getOwnerTask vulnerable to AccessDeniedException

          • Major - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-42556 PlaceholderTask.runForDisplay vulnerable to AccessDeniedException

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link https://github.com/jenkinsci/jenkins/pull/3010

          Activity

            People

              liketic Li Ke
              jglick Jesse Glick
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: