![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
bklarson
|
|
Components:
|
prioritysorter |
|
Created:
|
09/Jan/14 4:50 PM
|
|
Description:
|
I am running:
Jenkins 1.545
CAS plugin 1.1.1 for authentication
Role Strategy Plugin 2.1.0 for authorization
Priority Sorter plugin 2.5
(these are the latest available at the time of writing)
The only security granted to anonymous users is "overall - read" and "job - read". However, if an anonymous user views Jenkins, the link to the management function "Job Priorities" remains visible in the top left hand corner of the Jenkins main page, and can be clicked. You can then create / edit / delete job priority groups.
The function should only be available to administrations. I suspect that the Priority Sorter plugin simply does not check for authorisation.
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
mwebber
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/groups/opt_out.
