Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62478

users unable to configure multibranch jobs without global Job/Build permission

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      steps to recreate:

      1. create a folder
      2. enable folder based permissions
      3. add a user and grant all the available permissions
      4. create a multibranch job in the folder
      5. in branch source, choose gitlab.
      6. user gets the following error message between the "projects" section and the "Behaviours" section:
        ------------------------------
        Access Denied
        <username> is missing the Job/Build permission
        --------------------------------

       

       

      workaround:

      granting the user the Job/Build permission in "Configure Global Security " solves the problem, but this is major breach in security.

       

      it appears as if the plugin doesn't take into account the permissions granted to the user at the folder level.

        Attachments

          Issue Links

            Activity

            Hide
            amidar Amit Dar added a comment -

            Mikhail Marchenko, can you provide a link to your PR?

            can you also provide an installable version of your fix so we can test it ourselves? 

            it would be greatly appreciated.

            Show
            amidar Amit Dar added a comment - Mikhail Marchenko , can you provide a link to your PR? can you also provide an installable version of your fix so we can test it ourselves?  it would be greatly appreciated.
            Hide
            mymarche Mikhail Marchenko added a comment -

            Amit Dar, of course

            link PR-156

            And installable version: gitlab-branch-source.hpi

            Show
            mymarche Mikhail Marchenko added a comment - Amit Dar , of course link PR-156 And installable version:  gitlab-branch-source.hpi
            Hide
            amidar Amit Dar added a comment -

            Mikhail Marchenko, your fix is working as expected!

            please file the PR with the plugin maintainer ASAP.

             

            your effort is greatly appreciated!

             

            P.S. I didn't check ALL the plugin capabilities, so I guess anyone who's willing to add more tests is welcome.

            Show
            amidar Amit Dar added a comment - Mikhail Marchenko , your fix is working as expected! please file the PR with the plugin maintainer ASAP.   your effort is greatly appreciated!   P.S. I didn't check ALL the plugin capabilities, so I guess anyone who's willing to add more tests is welcome.
            Hide
            amidar Amit Dar added a comment -

            Rick, is there a way to speed up handling of this issue?

            Show
            amidar Amit Dar added a comment - Rick , is there a way to speed up handling of this issue?
            Hide
            didier_c Didier Crest added a comment -

            Hi,

             

            We tried the PR on our environment too. The bug is no more present.

            Our security have to check the source code. But we hope the PR will be merged and a new version delivered.

            Show
            didier_c Didier Crest added a comment - Hi,   We tried the PR on our environment too. The bug is no more present. Our security have to check the source code. But we hope the PR will be merged and a new version delivered.

              People

              Assignee:
              surenpi Rick
              Reporter:
              amidar Amit Dar
              Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated: