Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23986

Permissions check in ExtendedEmailPublisher.getProjectActions does not work

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • email-ext-plugin
    • Email-ext 2.37.2.2 on Jenkins 1.554.3

      The permissions check is run in a system context (or not re-run for every page view), so it's ineffective.

      The permission needs to be checked:

      • in the action itself (e.g. the index.jelly) to fail when configure permission is missing (for those clever users navigating to known URLs directly)
      • as well as the action.jelly that needs to be added for this

            slide_o_mix Alex Earl
            danielbeck Daniel Beck
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: