[JIRA] [crowd2] (JENKINS-22136) Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
Kanstantsin Shautsou resolved JENKINS-22136 as Not A Defect Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security Change By: Kanstantsin Shautsou (18/Aug/14 5:02 PM) Status: Open Resolved Assignee: ThorstenHeit KanstantsinShautsou Resolution: NotADefect This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [crowd2] (JENKINS-22136) Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
Kanstantsin Shautsou commented on JENKINS-22136 Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security Page not found. Crowd doesn't do anything with authorization. Crowd works perfect with role-based plugin. This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [crowd2] (JENKINS-22136) Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
Kanstantsin Shautsou edited a comment on JENKINS-22136 Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security Page not found. Crowd doesn't do anything with authorization. It provides groups that belong to user for other jenkins routines. Crowd works perfect with role-based plugin. This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] [crowd2] (JENKINS-22136) Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
chris vecchione
created JENKINS-22136
Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
Issue Type:
Bug
Assignee:
Thorsten Heit
Components:
crowd2
Created:
11/Mar/14 8:20 PM
Description:
The Jenkins Crowd2 plugin security plugin functionality NOT working as described (expected) in the 'Project-based Matrix Authorization Strategy':
1) Crowd group (call the group "X_TEST") given read-only permissions for all jobs in the Project-based Matrix Authorization Strategy within the jenkins application's 'Configuration Global Security' link.
2) While configuring a job (project) called "JobX_test" , I checked (true) the 'Enable project-based security' option and added crowd group "X_TEST" to the 'User/group' with all job related permissions (read | discover | build | workspace | configure...etc.). Saved it.
3) Note: No other group is enabled within the job ("JobX_test").
4) User "X" who is part of the "X_TEST" group only logs in and can NOT configure (nor build) the job ("jobX_test").
5) IF I increase the overall group's ("X_TEST") permissions to build and configure in the application's 'Configuration Global Security' link, THEN the user can build or configure the job ("JobX_test")!
So, bottom line, application permissions overrides the individual 'project-based security' permissions! It should be the opposite functionality in which individual 'project' permissions supercedes the applications's security settigns for the group (or user) as described in the following link:
https://wiki.jenkins-ci.org/display/JENKINS/2012/01/03/Allow+access+to+specific+projects+for+Users(Assigning+security+for+projects+in+Jenkins)
Project:
Jenkins
Priority:
Critical
Reporter:
chris vecchione
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
--
You received this message because you are subscribed to the Google Groups Jenkins Issues group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[JIRA] [crowd2] (JENKINS-22136) Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security
chris vecchione updated JENKINS-22136 Jenkins Crowd2 plugin Project-based Matrix Authorization Strategy functionally issue - application permissions override the project-based security Change By: chris vecchione (11/Mar/14 8:22 PM) Description: TheJenkinsCrowd2pluginsecuritypluginfunctionalityNOTworkingasdescribed(expected)intheProject-basedMatrixAuthorizationStrategy:1)Crowdgroup(callthegroupX_TEST)givenread-onlypermissionsforalljobsintheProject-basedMatrixAuthorizationStrategywithinthejenkinsapplicationsConfigurationGlobalSecuritylink.2)Whileconfiguringajob(project)calledJobX_test,Ichecked(true)theEnableproject-basedsecurityoptionandadded thesame crowdgroupX_TESTtotheUser/group security withalljobrelatedpermissions(read|discover|build|workspace|configure...etc.).Savedit.3)Note:Noothergroupisenabledwithinthe job project (JobX_test).4)UserXwhoispartoftheX_TESTgrouponlylogsinandcanNOTconfigure(norbuild)thejob(jobX_test).5)IFIincreasetheoverallgroups(X_TEST)permissionstobuildandconfigureintheapplicationsConfigurationGlobalSecuritylink,THENtheusercanbuildorconfigurethejob(JobX_test)!So,bottomline,applicationpermissionsoverridestheindividualproject-basedsecuritypermissions!Itshouldbetheoppositefunctionalityinwhichindividualprojectpermissionssupercedestheapplicationsssecuritysettignsforthegroup(oruser)asdescribedinthefollowinglink:https://wiki.jenkins-ci.org/display/JENKINS/2012/01/03/Allow+access+to+specific+projects+for+Users(Assigning+security+for+projects+in+Jenkins) This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira -- You received this message because you are subscribed to the Google Groups Jenkins Issues group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
