![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
stephenconnolly
|
|
Components:
|
credentials |
|
Created:
|
21/May/14 2:58 PM
|
|
Description:
|
CredentialsProvider.CREATE and the like are now scoped to ITEM, yet they can be (in fact are usually) checked at the global level, and Jenkins is not an Item—it is an ItemGroup. So perhaps the scopes should be both ITEM and ITEM_GROUP.
(Would not matter for Permission.isContainedBy, since these uses scope inheritance, but an AuthorizationStrategy may want to know which permissions are actually checked at various levels.)
In fact it seems like a new scope might be in order, since the actual check is on CredentialsStore. So maybe this should define a custom scope (contained in ITEM).
Also CredentialsStore almost but not quite implements AccessControlled, which seems like an oversight.
|
|
Project:
|
Jenkins
|
|
Labels:
|
permissions
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Jesse Glick
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/d/optout.
