Details

    • Similar Issues:

      Description

      CredentialsProvider.CREATE and the like are now scoped to ITEM, yet they can be (in fact are usually) checked at the global level, and Jenkins is not an Item—it is an ItemGroup. So perhaps the scopes should be both ITEM and ITEM_GROUP.

      (Would not matter for Permission.isContainedBy, since these uses scope inheritance, but an AuthorizationStrategy may want to know which permissions are actually checked at various levels.)

      In fact it seems like a new scope might be in order, since the actual check is on CredentialsStore. So maybe this should define a custom scope (contained in ITEM).

      Also CredentialsStore almost but not quite implements AccessControlled, which seems like an oversight.

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Stephen Connolly
          Path:
          src/main/java/com/cloudbees/plugins/credentials/CredentialsStore.java
          src/main/java/com/cloudbees/plugins/credentials/SystemCredentialsProvider.java
          src/main/java/com/cloudbees/plugins/credentials/UserCredentialsProvider.java
          http://jenkins-ci.org/commit/credentials-plugin/445667250c9d8f5e7b55a6f0f4da7d70425c28cc
          Log:
          [FIXED JENKINS-23131] Make CredentialsStore implement AccessControlled

          • a52572825fcbaff9603f2202cb4488b722be7d7d already addressed the scoping issue
          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Stephen Connolly Path: src/main/java/com/cloudbees/plugins/credentials/CredentialsStore.java src/main/java/com/cloudbees/plugins/credentials/SystemCredentialsProvider.java src/main/java/com/cloudbees/plugins/credentials/UserCredentialsProvider.java http://jenkins-ci.org/commit/credentials-plugin/445667250c9d8f5e7b55a6f0f4da7d70425c28cc Log: [FIXED JENKINS-23131] Make CredentialsStore implement AccessControlled a52572825fcbaff9603f2202cb4488b722be7d7d already addressed the scoping issue

            People

            • Assignee:
              stephenconnolly Stephen Connolly
              Reporter:
              jglick Jesse Glick
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: