Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58571

It's possible to use renameTo for AbstractItem that has name NOT editable.

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • None
    • 2.190

      The “isNameEditable” value is not checked before doing the real rename action on the renameTo method:

      https://github.com/jenkinsci/jenkins/blob/38e94d197e65af66da67afdc5ebb5d8c0fcf3377/core/src/main/java/hudson/model/AbstractItem.java#L353

      The rename method can lead to very bad issues if it’s used with item that must not be renamed, the “isNameEditable” must be check before doing any rename action.

      I did a PR with code changes and unit tests:  https://github.com/jenkinsci/jenkins/pull/4122

          [JENKINS-58571] It's possible to use renameTo for AbstractItem that has name NOT editable.

          A. Jard created issue -
          A. Jard made changes -
          Description Original: The “isNameEditable” value is not checked before doing the real rename action on the renameTo method:

          https://github.com/jenkinsci/jenkins/blob/38e94d197e65af66da67afdc5ebb5d8c0fcf3377/core/src/main/java/hudson/model/AbstractItem.java#L353

          The rename method can lead to very bad issues if it’s used with item that must not be renamed, the “isNameEditable” must be check before doing any rename action.

          I am doing a PR with a unit test and a code change, I will update this JIRA just after.
          New: The “isNameEditable” value is not checked before doing the real rename action on the renameTo method:

          [https://github.com/jenkinsci/jenkins/blob/38e94d197e65af66da67afdc5ebb5d8c0fcf3377/core/src/main/java/hudson/model/AbstractItem.java#L353]

          The rename method can lead to very bad issues if it’s used with item that must not be renamed, the “isNameEditable” must be check before doing any rename action.

          I did a PR with code changes and unit tests:  https://github.com/jenkinsci/jenkins/pull/4122
          Daniel Beck made changes -
          Released As New: 2.190
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

          Daniel Beck added a comment -

          Needs followup Javadoc fix as I commented in the PR.

          Daniel Beck added a comment - Needs followup Javadoc fix as I commented in the PR.

            Unassigned Unassigned
            ajard A. Jard
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: