-
Bug
-
Resolution: Fixed
-
Major
-
Jenkins version: 2.319.1, role-strategy: 3.2.0
-
-
484.v8a_a_e4b_d785fd
After upgrading to 2.319.1, it can't display person icon on Assign Roles page
- is duplicated by
-
-
- Resolved
-
- is related to
-
-
- Closed
-
- relates to
-
-
- Closed
-
-
JENKINS-67425 Remove External API Deprecated Warnings
-
- Resolved
-
-
-
- Closed
-
[JENKINS-67393] Can't display person icon on Assign Roles page after matrix auth 3.0 update
Ori
added a comment - is there any news on this issue? 
Dominik Vorreiter
added a comment - We are holding back the update from 2.6.11 because of this issue.
"This is the expected presentation when matrix auth 3.0 plugin has been installed and the users / groups have not yet been made unambiguous."
markewaite, how do we make users / groups unambiguous? Simply update to 3.x and resave each user?
Dominik Vorreiter
added a comment - We are holding back the update from 2.6.11 because of this issue.
"This is the expected presentation when matrix auth 3.0 plugin has been installed and the users / groups have not yet been made unambiguous."
markewaite , how do we make users / groups unambiguous? Simply update to 3.x and resave each user? 
Alan Sparks
added a comment - Can we increase the urgency on this issue, there's still no workaround I've seen and we can't update due to this issue.
Alan Sparks
added a comment - Can we increase the urgency on this issue, there's still no workaround I've seen and we can't update due to this issue. 
Alexander Stohr
added a comment - i am affected as well.
as a GUI level administrator
i want my user management interface to assist me with meaningful user names and user ids
so that my administration activities can be carried out correctly and efficiently in place.
Alexander Stohr
added a comment - i am affected as well.
as a GUI level administrator
i want my user management interface to assist me with meaningful user names and user ids
so that my administration activities can be carried out correctly and efficiently in place. 
Markus Winter
added a comment - Looking at the code this is only a UI problem and should not have any impact on functionality of the plugin.
The only thing rolestategy uses from matrix auth plugin is the function doCheckName from the descriptor of GlobalMatrixAuthorizationStrategy. This method is used to decide if the user/group exists and which icon to display.
Locally I copied the relevant code from version 2.6.11 of matrix-auth to rolestrategy and the issue is gone and everything still compiles and works as before.
The question is if we want to also have that separation between users and groups in rolestrategy. If yes that would be some bigger work I think and another question would be if we then want to keep the dependency to matrix auth plugin, probably some part of the code could be reused. After a first peek there are some code parts that are useful that are currently restricted with NoExternalUse
Markus Winter
added a comment - Looking at the code this is only a UI problem and should not have any impact on functionality of the plugin.
The only thing rolestategy uses from matrix auth plugin is the function doCheckName from the descriptor of GlobalMatrixAuthorizationStrategy. This method is used to decide if the user/group exists and which icon to display.
Locally I copied the relevant code from version 2.6.11 of matrix-auth to rolestrategy and the issue is gone and everything still compiles and works as before.
The question is if we want to also have that separation between users and groups in rolestrategy. If yes that would be some bigger work I think and another question would be if we then want to keep the dependency to matrix auth plugin, probably some part of the code could be reused. After a first peek there are some code parts that are useful that are currently restricted with NoExternalUse
Alexander Stohr
added a comment - had a look. its not a one-line change, but it looks pretty promising in solving the most pressing aspects.
to my understanding the one thing is "a bug" whilst the other things are "features" with surely some relation. establishing a sound foundation again instantly with fixing the first will allow to freely care (or skip) for the second.
Alexander Stohr
added a comment - had a look. its not a one-line change, but it looks pretty promising in solving the most pressing aspects.
to my understanding the one thing is "a bug" whilst the other things are "features" with surely some relation. establishing a sound foundation again instantly with fixing the first will allow to freely care (or skip) for the second. 
Eric RAIMBAULT
added a comment - Thanks for PR #172: The role-strategy-3.2.1-rc486.1fa_5c858f488.hpi plugin (without its dependency on the matrix-auth plugin) seems to work fine in my various use cases.
Eric RAIMBAULT
added a comment - Thanks for PR #172 : The role-strategy-3.2.1-rc486.1fa_5c858f488.hpi plugin (without its dependency on the matrix-auth plugin) seems to work fine in my various use cases. 
lenain, serious problems can occur. I filed
JENKINS-67422because the incompatibility between Role-Based Authorization and Matrix Authorization caused Jenkins to stop treating me as an administrator. I don't know whether that problem was specific to Azure AD authentication.