Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42577

Jenkins.version saved only from doConfigSubmit

    XMLWordPrintable

Details

    Description

      2.32.2. Set up Jenkins from the setup wizard. Install matrix-auth and configure admin to have everything but anonymous to have only discover, and Save. You will see config.xml as expected:

        <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Administer:admin</permission>
    <permission>hudson.model.Hudson.Read:anonymous</permission>
    <permission>hudson.model.Item.Discover:anonymous</permission>
  </authorizationStrategy>

      Yet after restart if you revisit /configureSecurity, in the UI and reality, anonymous is granted Item.READ.

      Seems that the JENKINS-2324 workaround is incorrectly being applied, since Jenkins.isUpgradedFromBefore is broken, since version on config.xml is still 1.0!

      Workaround is to go to /configure and Save.

      Attachments

        Issue Links

          blocks

          Patch - JENKINS-2324 Feature - Set read permission by project for project-based security

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          depends on

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-47139 Initial Access Regression in 2.80?

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-17081 Permission "hudson.model.Item.Read:anonymous" coming from nowhere

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-63868 PlaceholderTask.getOwnerTask vulnerable to AccessDeniedException

          • Major - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-42556 PlaceholderTask.runForDisplay vulnerable to AccessDeniedException

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link https://github.com/jenkinsci/jenkins/pull/3010

          Activity

            Descending order - Click to sort in ascending order
            jglick Jesse Glick added a comment -

            I presume you never confirmed that the originally reported bug was actually fixed, since the reproduction steps involve going through the setup wizard, which was broken by this as detailed in JENKINS-47139.

            jglick Jesse Glick added a comment - I presume you never confirmed that the originally reported bug was actually fixed, since the reproduction steps involve going through the setup wizard, which was broken by this as detailed in  JENKINS-47139 .
            danielbeck Daniel Beck added a comment -

            Fixed towards 2.80.

            danielbeck Daniel Beck added a comment - Fixed towards 2.80.
            oleg_nenashev Oleg Nenashev added a comment -

            jglick Didn't notice your comment here. The PR is https://github.com/jenkinsci/jenkins/pull/3010 , it has been integrated towards the next weekly. If you have any concerns, please comment in the pull request

            oleg_nenashev Oleg Nenashev added a comment - jglick Didn't notice your comment here. The PR is https://github.com/jenkinsci/jenkins/pull/3010 , it has been integrated towards the next weekly. If you have any concerns, please comment in the pull request
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: kel
            Path:
            core/src/main/java/jenkins/model/Jenkins.java
            test/src/test/java/jenkins/install/InstallUtilTest.java
            test/src/test/java/jenkins/model/JenkinsTest.java
            http://jenkins-ci.org/commit/jenkins/27569a965a80caa1352e67c255065b5a67cb1a27
            Log:
            [Fix JENKINS-42577] Save jenkins version in Jenkins.save() (#3010)

            • [Fix JENKINS-42577] Save jenkins version in Jenkins.save()
            • [Fix JENKINS-42577] Fix unit test failures
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: kel Path: core/src/main/java/jenkins/model/Jenkins.java test/src/test/java/jenkins/install/InstallUtilTest.java test/src/test/java/jenkins/model/JenkinsTest.java http://jenkins-ci.org/commit/jenkins/27569a965a80caa1352e67c255065b5a67cb1a27 Log: [Fix JENKINS-42577] Save jenkins version in Jenkins.save() (#3010) [Fix JENKINS-42577] Save jenkins version in Jenkins.save() [Fix JENKINS-42577] Fix unit test failures
            jglick Jesse Glick added a comment -

            If and when there is a PR for this, Link it here and set to In Review.

            jglick Jesse Glick added a comment - If and when there is a PR for this, Link it here and set to In Review .
            jglick Jesse Glick added a comment -

            Fix should be to move

            version = VERSION;

            into save.

            jglick Jesse Glick added a comment - Fix should be to move version = VERSION; into save .

            People

              liketic Li Ke
              jglick Jesse Glick
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: