First I would like to say thank you to Oleg and his team. This plugin is so powerfull.
About this/these bug(s), I am sorry if I did not understand everything but here is my aim.
I want a user (let's call him jobCreator) to be able to create jobs only if it respects a pattern otherwiswe it does not create it.
If the user has the global create job he can do whatever he wants (Let's call him globalCreator)
As it was said above, you need the global create job to be able to see the icon 'Create new item'.
So the jobCreator will always have both permisisons (global and job)
The globalCreator needs to have ONLY the global create permissions.
I have modified the code of RoleBasedProjectNamingStrategy to follow my scenario.
I cannot promise anything with it but if you want to check it out and update your code with, I will be glad.
Also, I am not sure the current code is working.
//firstly check global role
SortedMap<Role, Set<String>> gRole = rbas.getGrantedRoles(RoleBasedAuthorizationStrategy.GLOBAL);
for (SortedMap.Entry<Role, Set<String>> entry: gRole.entrySet())
This will always return true because gRole contains all the users with all the global permissions.
It should check the current logged user.
I am gonna patch my code to your github if you are interested and attached it to my message.
Could you please let me know about your intention.