That should be a very good feature. Is it planned for Blue Ocean 1.2? Em 17/07/2017 14:17:40, Daniel Beck escreveu: > > On 11. Jul 2017, at 19:24, Jason LeMauk > wrote: > > As far as using a project-based matrix authorization strategy, I envision the > permissions working like so: > 1. Global Administrators: > - Access to everything within Jenkins (all projects / jobs, > configuration settings, plugins, etc.). > - Access to all Jenkins Agents / Build Nodes (provide with > virtual machine credentials for login). > - Can configure / modify all project’s Jenkins Agents / Slaves. > 2. Project Administrators: > - Access as an administrator to specific project’s / job’s > configurations. > - Access to team’s / project’s specific Jenkins Agents / Build > Nodes (provide with virtual machine credentials for login). > - Can configure / modify project specific Jenkins Agents / > Slaves. > 3. Jenkins Users > - Low level users added by project level administrators. > - Project level administrators have the ability to add users > to their project / job and grant permissions to those users as they see fit. > - Cannot directly configure / modify Jenkins Agents / Slaves > (Jenkins Agent / Slave credentials for login are not provided to low level > users). > - Could possibly modify job configurations for their project > if granted the right by a project administrator.
Seems reasonable; probably best to group 'projects' (jobs) into folders with permissions applying to all descendants if you have many. I expect you'll have a reasonably good experience with this strategy assuming not too many exceptions to these broad rules. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/E677818B-6B16-4E57-87DF-75B6600DC717%40beckweb.net.> For more options, visit > https://groups.google.com/d/optout.> > @csquaredsystems.com> - "Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco." "This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure." -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/c27fe2c982f15411c8f48709b49d58676adf3160%40serpro.gov.br. For more options, visit https://groups.google.com/d/optout.
