Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61316

role-strategy-plugin shows all users for all users

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

       I have a role to show only jobs related to pattern. It has permission only to read, build and discover jobs. Nothing else. And it works BUT as I am logged in as user in this role I am able to see all other users. What is it? There is no permission to see users so how is it possible? You can see settings in the picture.

        Attachments

          Issue Links

            Activity

            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Currently Jenkins user listing is tied to the Overall/read permission, so all users with such permission will be able to see users. It is managed by the Jenkins Core, so there is nothing what could be done on the plugin level.

            P.S: FTR you assigned the issue to yourself while creating it, so I have never received a notification

             

            Show
            oleg_nenashev Oleg Nenashev added a comment - Currently Jenkins user listing is tied to the Overall/read permission, so all users with such permission will be able to see users. It is managed by the Jenkins Core, so there is nothing what could be done on the plugin level. P.S: FTR you assigned the issue to yourself while creating it, so I have never received a notification  
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I believe it is a full duplicate of JENKINS-18884 (thanks to Daniel Beck for the link)

            Show
            oleg_nenashev Oleg Nenashev added a comment - I believe it is a full duplicate of  JENKINS-18884 (thanks to Daniel Beck for the link)
            Hide
            vladimir81 Vladimír Čamaj added a comment -

            Yes this seems to be dulicate BUT it was created at 2013-07-23. What is that? Reason to stop using Jenkins?  

            Show
            vladimir81 Vladimír Čamaj added a comment - Yes this seems to be dulicate BUT it was created at 2013-07-23. What is that? Reason to stop using Jenkins?  
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Reason to contribute if you are interested in this issue Vladimír Čamaj. Jenkins is a community-driven project, and everyone is welcome to submit a pull request for changes affecting them. Or to facilitate it otherwise. We do not provide support with SLAs as a community

            Show
            oleg_nenashev Oleg Nenashev added a comment - Reason to contribute if you are interested in this issue Vladimír Čamaj . Jenkins is a community-driven project, and everyone is welcome to submit a pull request for changes affecting them. Or to facilitate it otherwise. We do not provide support with SLAs as a community
            Hide
            vladimir81 Vladimír Čamaj added a comment -

            But this is security issue. Who wrote that code? I am not able to fix random language or project I have ever used....

            Show
            vladimir81 Vladimír Čamaj added a comment - But this is security issue. Who wrote that code? I am not able to fix random language or project I have ever used....

              People

              Assignee:
              vladimir81 Vladimír Čamaj
              Reporter:
              vladimir81 Vladimír Čamaj
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: