Hi Ian,
Ian Simpson wrote (13.06.2012 17:42):
Ah, the ACL thing does help; I'll have to mess around with that a little.
Glad this helped ;O)
The problem with revoking the create permission is that calling
Hudson.getInstance().createProject() started failing after the upgrade
to Jenkins, whereas it worked with Hudson.
Ah, that's explainable:
Hudson, up to version 1.394, checked for proper permissions when
receiving the HTTP request from the browser (see the "doXXX" methods in
the Hudson class) and then redirected to an internal method that
actually performed the hard work. This internal method did not check for
permissions again. As your plugin called that internal method (here:
Hudson.getInstance().createProject()) directly, this did not require any
permissions at all.
Starting from Hudson 1.395, the permission checking was moved from the
HTTP request receiving method to the internal method. So from this
version, proper permissions are required when calling this internal
method - even when called directly from your plugin.
Cheers,
Simon.
