Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62478

users unable to configure multibranch jobs without global Job/Build permission

XMLWordPrintable

      steps to recreate:

      1. create a folder
      2. enable folder based permissions
      3. add a user and grant all the available permissions
      4. create a multibranch job in the folder
      5. in branch source, choose gitlab.
      6. user gets the following error message between the "projects" section and the "Behaviours" section:
        ------------------------------
        Access Denied
        <username> is missing the Job/Build permission
        --------------------------------

       

       

      workaround:

      granting the user the Job/Build permission in "Configure Global Security " solves the problem, but this is major breach in security.

       

      it appears as if the plugin doesn't take into account the permissions granted to the user at the folder level.

        1. gitlab-branch-source.hpi
          323 kB
          Mikhail Marchenko
        2. jenkins-plugins-installed.txt
          2 kB
          Amit Dar
        3. creating a multibranch pipeline as the user.jpg
          246 kB
          Amit Dar
        4. gitlab server definition.jpg
          169 kB
          Amit Dar
        5. jenkins security definition.jpg
          195 kB
          Amit Dar
        6. some_folder configuration.jpg
          168 kB
          Amit Dar
        7. uesr receive error message when creating gitlab project.jpg
          178 kB
          Amit Dar
        8. jenkins root folder.jpg
          102 kB
          Amit Dar
        9. jenkins user definition.jpg
          101 kB
          Amit Dar
        10. creating the multi branch pipeline as the user.jpg
          122 kB
          Amit Dar

          [JENKINS-62478] users unable to configure multibranch jobs without global Job/Build permission

          Amit Dar added a comment -

          surenpi, please take a look at this issue, it includes simple reconstruction instructions, and is causing us a lot of pain...

          Amit Dar added a comment - surenpi , please take a look at this issue, it includes simple reconstruction instructions, and is causing us a lot of pain...

          MARY Olivier added a comment -

          Hi there,

           

          Same problem for us. Any solution before fix ? I can't "open bar" for all users just for that..........

           

           

          MARY Olivier added a comment - Hi there,   Same problem for us. Any solution before fix ? I can't "open bar" for all users just for that..........    

          Sébastien added a comment -

          Hi,

          Same problem. Does anyone have a solution?

          Thanks.

          Sébastien added a comment - Hi, Same problem. Does anyone have a solution? Thanks.

          Mikhail Marchenko added a comment -

          Hi,

          i tied to fix this issue. But i don't know somebody who can review my PR. 

          Mikhail Marchenko added a comment - Hi, i tied to fix this issue. But i don't know somebody who can review my PR. 

          Amit Dar added a comment -

          mymarche, can you provide a link to your PR?

          can you also provide an installable version of your fix so we can test it ourselves? 

          it would be greatly appreciated.

          Amit Dar added a comment - mymarche , can you provide a link to your PR? can you also provide an installable version of your fix so we can test it ourselves?  it would be greatly appreciated.

          Mikhail Marchenko added a comment -

          amidar, of course

          link PR-156

          And installable version: gitlab-branch-source.hpi

          Mikhail Marchenko added a comment - amidar , of course link PR-156 And installable version:  gitlab-branch-source.hpi

          Amit Dar added a comment -

          mymarche, your fix is working as expected!

          please file the PR with the plugin maintainer ASAP.

           

          your effort is greatly appreciated!

           

          P.S. I didn't check ALL the plugin capabilities, so I guess anyone who's willing to add more tests is welcome.

          Amit Dar added a comment - mymarche , your fix is working as expected! please file the PR with the plugin maintainer ASAP.   your effort is greatly appreciated!   P.S. I didn't check ALL the plugin capabilities, so I guess anyone who's willing to add more tests is welcome.

          Amit Dar added a comment -

          surenpi, is there a way to speed up handling of this issue?

          Amit Dar added a comment - surenpi , is there a way to speed up handling of this issue?

          Didier Crest added a comment -

          Hi,

           

          We tried the PR on our environment too. The bug is no more present.

          Our security have to check the source code. But we hope the PR will be merged and a new version delivered.

          Didier Crest added a comment - Hi,   We tried the PR on our environment too. The bug is no more present. Our security have to check the source code. But we hope the PR will be merged and a new version delivered.

          Mikhail Marchenko added a comment -

          https://github.com/jenkinsci/gitlab-branch-source-plugin/pull/156

          Mikhail Marchenko added a comment - https://github.com/jenkinsci/gitlab-branch-source-plugin/pull/156

            mymarche Mikhail Marchenko
            amidar Amit Dar
            Votes:
            2 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: