-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Minor
-
Component/s: groovy-postbuild-plugin
-
groovy-postbuild-2.5
Although it uses script security and administrators can whitelist methods and approve scripts, Groovy Postbuild still requires that the user running it must have Overall/Administer permission: https://github.com/jenkinsci/groovy-postbuild-plugin/blob/master/src/main/java/org/jvnet/hudson/plugins/groovypostbuild/GroovyPostbuildRecorder.java#L364
Â
This creates failed builds when using the Authorize Project plugin to run builds as the user that triggered them and most of the users that run builds are regular users.
- relates to
-
JENKINS-15212 More flexible and effective security for Groovy Postbuild
-
- Closed
-
