[JIRA] (JENKINS-58139) User cannot access his job inside the folder when global "authenticated user" does not have read permission
Title: Message Title Daniel Beck closed an issue as Not A Defect The issue description is unclear, but to the best of my understanding the problem here is that user2 does not have Job/Read on the folder containing the job, so the permission granted on the job level is irrelevant. Similar to a file system, you need read permission from the root element all the way to the leaf node to access it. Jenkins / JENKINS-58139 User cannot access his job inside the folder when global "authenticated user" does not have read permission Change By: Daniel Beck Status: Open Closed Resolution: Not A Defect Add Comment This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. To view this discussion on the web visit
[JIRA] (JENKINS-58139) User cannot access his job inside the folder when global "authenticated user" does not have read permission
Title: Message Title parsa vali created an issue Jenkins / JENKINS-58139 User cannot access his job inside the folder when global "authenticated user" does not have read permission Issue Type: Bug Assignee: Daniel Beck Components: matrix-auth-plugin Created: 2019-06-21 10:17 Environment: Jenkins version: 2.176.1 Matrix-auth plugin version: 2.4.2 Folders plugin version: 6.9 Priority: Minor Reporter: parsa vali Issue I created two users (user1 and user2) in Jenkins. user1 is Administrator globally. Authenticated user has "job:read" globally. I created a folder and a new "Freestyle project" Inside the folder. In the job configuration I enabled "project-based security" with "Do not inherit permission grants from other ACLs" and I also gave "job:read" permission to "user2". user2 is able to see the job without any problems. By removing "job:read" for authenticated user globally user2 cannot see his job indeed he is configured to read the job and "Do not inherit permission grants from other ACLs" is set on the job-level. Note: testing same scenario by creating a job on the root level works completely. Issue occurs only inside Folders.