-
Bug
-
Resolution: Not A Defect
-
Minor
-
None
-
Jenkins version: 2.176.1
Matrix-auth plugin version: 2.4.2
Folders plugin version: 6.9
Issue
I created two users (user1 and user2) in Jenkins.
- user1 is Administrator globally.
- Authenticated user has "job:read" globally.
I created a folder and a new "Freestyle project" Inside the folder. In the job configuration I enabled "project-based security" with "Do not inherit permission grants from other ACLs" and I also gave "job:read" permission to "user2". user2 is able to see the job without any problems.
By removing "job:read" for authenticated user globally user2 cannot see his job indeed he is configured to read the job and "Do not inherit permission grants from other ACLs" is set on the job-level.
Note: testing same scenario by creating a job on the root level works completely. Issue occurs only inside Folders.