Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43386

Not sending mail to user with permission to view

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Minor
    • Resolution: Unresolved
    • email-ext-plugin
    • None
    • Jenkins LTS 2.46.1, EmailExtPlugin 2.57.1, role based matrix used

    Description

      After the latest update with the security patch, no mails sended anymore to "requester" of a job.

      The error message in job console looks like this:
      Not sending mail to user user@mail.com with no permission to view currentJob
      When setting the suggested property 

      -Dhudson.tasks.MailSender.SEND_TO_USERS_WITHOUT_READ=true

      it works.

       

      The user has overall read permission (matrix based security setup) and for the conrete job the permission:

      Job: View,Discover,Read,Workspace

      Run: Update

      The user has an account (if I click on the user which started the job .. also belongs to this job (can seen in the user view)) and the mail address is correct.

      What permissions or settings are required to avoid this problem? We do not like to have this system property enabled.

      Thanks for the great plugin and support!

      Regards,

      • Thomas

      Attachments

        Issue Links

          duplicates

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-9016 Git creates usernames based on 'name' not the email.

          • Major - Major loss of function.
          • Open
          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-46292 Issue when sending emails to Developers

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-46292 Issue when sending emails to Developers

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-43268 Can't send email to registered users

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            View 10 older comments
            sgjenkins Steve Graham added a comment -

            Just updated my Gitlab Oauth settings with a Group name for all users. Works as expected, only authorised users who belong to the group set on Gitlab can log in to Jenkins 

            Unfortunately I also now get the messages 

            Not sending mail to user <username@...> with no permission to view <Jenkins Jobname> 

            If I set Global Security->Gitlab OAuth Settings -> Authenticated Users to allow View Read it works ok.

            if I set the same using the Group Name ist does not work.

            I would rate this as a more serious bug - I will try the workaround mentioned above ( SEND_TO_USERS_WIITHOUT_READ ) - it is a workaround.

            ( I also had to set SEND_TO_UNKNOWN_USERS a long time ago... - also a bug, users are known)

            Jenkins Version 2.176 ( just about to go to 2.177)

            Email Extension plugin  - 2.66

            Gitlab OAuth 1.4

             

            sgjenkins Steve Graham added a comment - Just updated my Gitlab Oauth settings with a Group name for all users. Works as expected, only authorised users who belong to the group set on Gitlab can log in to Jenkins  Unfortunately I also now get the messages  Not sending mail to user <username@...> with no permission to view <Jenkins Jobname>  If I set Global Security->Gitlab OAuth Settings -> Authenticated Users to allow View Read it works ok. if I set the same using the Group Name ist does not work. I would rate this as a more serious bug - I will try the workaround mentioned above ( SEND_TO_USERS_WIITHOUT_READ ) - it is a workaround. ( I also had to set SEND_TO_UNKNOWN_USERS a long time ago... - also a bug, users are known) Jenkins Version 2.176 ( just about to go to 2.177) Email Extension plugin  - 2.66 Gitlab OAuth 1.4  
            dadamssg David Adams added a comment -

            Experiencing similar issues as sgjenkins. Using github oauth client for a github organization and can't get email to send. I've tried checking "Allow sending to unregistered users" with no change. I still get: 

            "Not sending mail to user myemail@gmail.com with no permission to view My Project » my-branch#40An attempt to send an e-mail to empty list of recipients, ignored."

            dadamssg David Adams added a comment - Experiencing similar issues as sgjenkins . Using github oauth client for a github organization and can't get email to send. I've tried checking "Allow sending to unregistered users" with no change. I still get:  "Not sending mail to user myemail@gmail.com with no permission to view My Project » my-branch#40An attempt to send an e-mail to empty list of recipients, ignored."
            luckyhorang Hokwang Lee added a comment -

            suffering this problem, one more here.

            luckyhorang Hokwang Lee added a comment - suffering this problem, one more here.
            alexanderstohr Alexander Stohr added a comment -

            in this area i am seeing something like this (with some obfuscation):

            {{}}
            Warning: user1@company.com is not a recognized user, but sending mail anyway
            Not sending mail to user user2@company.com with no permission to view PROJECT_repo » task/master/branch_name #3Warning: user3@company.com is not a recognized user, but sending mail anyway
            Sending email to: user1@company.com user3@company.com
            I feel like there should be a line break between "#3" and "Warning".

            used platform is: Jenkins 2.235.5

            alexanderstohr Alexander Stohr added a comment - in this area i am seeing something like this (with some obfuscation): {{}} Warning: user1@company.com is not a recognized user, but sending mail anyway Not sending mail to user user2@company.com with no permission to view PROJECT_repo » task/master/branch_name #3Warning: user3@company.com is not a recognized user, but sending mail anyway Sending email to: user1@company.com user3@company.com I feel like there should be a line break between "#3" and "Warning". used platform is: Jenkins 2.235.5
            warlord Derek Atkins added a comment -

            For what it's worth, I am seeing this same issue after I turned on the Bitbucket OAuth Plugin and enabling the Authorization Matrix.  So I think it's based on the AuthZ matrix and not necessarily the OAuth plugin in use (as it seems that people are seeing this with Github, Gitlab, and Bitbucket OAuth).

            I do NOT have the 'allow any authenticated user read access' because it appears any user with a valid BB account can authenticate, even if they are not a member of my group.

            I'm on Jenkins 2.319.2

            warlord Derek Atkins added a comment - For what it's worth, I am seeing this same issue after I turned on the Bitbucket OAuth Plugin and enabling the Authorization Matrix.  So I think it's based on the AuthZ matrix and not necessarily the OAuth plugin in use (as it seems that people are seeing this with Github, Gitlab, and Bitbucket OAuth). I do NOT have the 'allow any authenticated user read access' because it appears any user with a valid BB account can authenticate, even if they are not a member of my group. I'm on Jenkins 2.319.2

            People

              Unassigned Unassigned
              waffel Thomas Wabner
              Votes:
              18 Vote for this issue
              Watchers:
              31 Start watching this issue

              Dates

                Created:
                Updated: