Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-66065

Cannot access currentBuild with TriggeringUsersAuthorizationStrategy but correct user permissions

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Labels:
      None
    • Environment:
      Jenkins 2.289.2 LTS
      Role-based Authorization Strategy (role-strategy) 3.1.1
      Authorize Project (authorize-project) 1.4.0

    • Similar Issues:

      Description

      When TriggeringUsersAuthorizationStrategy is used for a build all read or write access to properties of currentBuild, like e.g. currentBuild.result throw AbortExceptions causing the complete build to abort.

      This happens although the triggering user has full access to the folder/project using an item role with all permissions enabled. Everything in the buildjob works, only currentBuild access doesn't.

      The only way to fix the problem is to grant global read access to the affected user, but this makes all item roles useless, because the user is then allowed to access anything.

      Another simple fix is to build the job as SYSTEM which is also insecure.

      The root cause of the problem is that the access to currentBuild properties should be allowed, but it isn't.

       

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            Assignee:
            oleg_nenashev Oleg Nenashev
            Reporter:
            bytemaster Boris Folgmann
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: