Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-6801

With "Enable project-based security" on for workspace. non logged in users can view the html

    XMLWordPrintable

Details

    Description

      When project based security is on and only authorised users are able to view the workspace. the html plugin should only display the html link to users who are logged in and have workspace access.

      We use this plugin to display code coverage data (lcov) which contains source code.

      Can security please be intergrated with this plugin?

      Attachments

        Activity

          Ascending order - Click to sort in descending order
          rajpra rajpra created issue -
          mcrooney mcrooney added a comment -

          Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!

          mcrooney mcrooney added a comment - Hm, I imagined it is a report like Javadoc or JUnit, and I don't think those require security. However I can see where arbitrary html reports have the potential to be more sensitive. I don't actively work on this plugin anymore but I'd welcome a patch which added an option (off by default for compatibility) to require workspace permissions to view!
          mcrooney mcrooney made changes -
          Field Original Value New Value
          Issue Type Bug [ 1 ] Improvement [ 4 ]
          Priority Critical [ 2 ] Minor [ 4 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 136896 ] JNJira + In-Review [ 174602 ]
          r2b2_nz Richard Bywater made changes -
          Assignee mcrooney [ mcrooney ] Richard Bywater [ r2b2_nz ]

          People

            r2b2_nz Richard Bywater
            rajpra rajpra
            Votes:
            1 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated: