hudson.model.DependencyGraph uses Hudson.getAllItems to find the projects to use in building the graph.. this method filters the results by Item.READ permission, so if it is run by a non-admin it may not actually look at all projects to build the dependency graph! Thus if a Hudson uses per-project read permissions and someone who can't see all jobs saves a job config, the graph is rebuilt with projects missing. If those missing projects now get built then the downstream jobs are not triggered. The job pages for those projects also don't show the upstream/downstream job links until the dependency graph is rebuilt correctly (a job config saved by an admin user).