-
Bug
-
Resolution: Fixed
-
Minor
-
None
-
-
pipeline-input-step 2.9
Problem statement
Depending on the current SecurityRealm, the input step will refuse or accept submitters depending on the case sensitivity settings.
Despite there is probably some logic to be improved too on various SecurityRealm implementations, I think there is still an improvement to be done on the Pipeline-input side. Bonus point: it's also likely much simpler than addressing all SecurityRealms implems out there.
Example:
input message: "blah", submitter: "SomeUser"
Even if the strategy is the default CASE_INSENSITIVE one, the configuration above will reject a user logged in as someuser.
Expected behavior
The SecurityRealm core class already defines the so-called IdStrategy which contain various methods for comparing and sorting user ids. I think the input step logic around validating the current user against the submitters list should be using this implementation.
References:
- https://github.com/jenkinsci/jenkins/blob/master/core/src/main/java/jenkins/model/IdStrategy.java
- https://github.com/jenkinsci/jenkins/blob/master/core/src/main/java/hudson/security/SecurityRealm.java
- https://github.com/jenkinsci/jenkins/blob/486b1566eef41443a34b7b1ec025524c7fecfd56/core/src/main/java/jenkins/model/IdStrategy.java#L58
- links to