Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65371

User access is wiping out when grant permission to new user by groovy

XMLWordPrintable

      I'm trying to create number of users with specific permissions via projectMatrixAuthorizationStrategy by groovy script. Actually, I'm able to create Users and provide permissions to the user, but when try to create another user with specific permissions, the old user access is automatically wiping out. when try to login with old user i'm getting " Overall/Read permission is missing" . 

       

      I have tried multiple ways but didn't get any solution about this. Here below is my script

       

       

      import jenkins.model.*
      import hudson.security.*
      import hudson.model.*
      import java.util.*
      import com.michelin.cio.hudson.plugins.rolestrategy.*
      import com.cloudbees.plugins.credentials.*
      import com.cloudbees.plugins.credentials.common.*
      import com.cloudbees.plugins.credentials.domains.*
      import com.cloudbees.jenkins.plugins.sshcredentials.impl.*

      def instance = Jenkins.getInstance()

      def hudsonRealm = new HudsonPrivateSecurityRealm(false)

      //def user = ["userInput","userPassword"]

      hudsonRealm.createAccount("admin","admin")
      //hudsonRealm.createAccount(userInput,userPassword)
      hudsonRealm.createAccount("user","User2")

      instance.setSecurityRealm(hudsonRealm)
      instance.save()

      def strategy = new ProjectMatrixAuthorizationStrategy()

      //Overall Permission

      strategy.add(Jenkins.ADMINISTER,'admin')
      strategy.add(Jenkins.READ,user)

      //Credential Level Permission

      strategy.add(com.cloudbees.plugins.credentials.CredentialsProvider.CREATE,user)
      strategy.add(com.cloudbees.plugins.credentials.CredentialsProvider.DELETE,user)
      strategy.add(com.cloudbees.plugins.credentials.CredentialsProvider.UPDATE,user)
      strategy.add(com.cloudbees.plugins.credentials.CredentialsProvider.VIEW,user)

      //Job Level Permission

      strategy.add(hudson.model.Item.BUILD,user)
      strategy.add(hudson.model.Item.CANCEL,user)
      strategy.add(hudson.model.Item.CONFIGURE,user)
      strategy.add(hudson.model.Item.CREATE,user)
      //strategy.add(hudson.model.Item.DELETE,user)
      strategy.add(hudson.model.Item.DISCOVER,user)
      //strategy.add(hudson.model.Item.READ,user)
      strategy.add(hudson.model.Item.WORKSPACE,user)

      //Build Run (Level) Permissions

      //strategy.add(hudson.model.Run.DELETEuser)
      strategy.add(hudson.model.Run.UPDATE,user)
      //strategy.add(hudson.model.Run.REPLAY,user)

      //View Level Permissions

      //strategy.add(hudson.model.View.CONFIGURE,user)
      //strategy.add(hudson.model.View.CREATE,user)
      //strategy.add(hudson.model.View.DELETE,user)
      strategy.add(hudson.model.View.READ,user)

      instance.setAuthorizationStrategy(strategy)
      instance.save()

      }
      }}

       

      could somebody help me to sort out the issue?

       

       

            chiducaf chella
            chiducaf chella
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: