Background

We are operating Jenkins in an enterprise where we have Slave to Master control in place.

Unfortunately this plugin doesn't allow mapping GitHub users to Agent/* permissions (aside from matrix auth, but that causes us to lose Committer Authorisation Strategy which we love).

So we are currently are forced to make agent users into Jenkins Admins, which undermines Slave to Master controls.

The Feature

We would like to add a new configuration, agentUserNames.

This would behave in the same way as adminUserNames does now (example), however only for Agent/* permission checks.

This means that any usernames declared in agentUserNames will short-circuit the ACL checking function if it is for an Agent/* permission.

A Question

As this is currently blocking us, we are planning to implement the above feature in a fork of this plugin. We wanted to ask early on, whether it sounds like an OK solution and something we could contribute via a PR when we are done?