Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47265

RoleStrategy requires both its and Matrix Auth flags set to show dangerous permissions

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Component/s: role-strategy-plugin
    • Labels:
      None
    • Environment:
      Matri Auth 1.5+
      Role Strategy 2.5.1+
    • Similar Issues:

      Description

      When you upgrade Matrix Auth to a version with Dangerous permissions support, Role Strategy plugin stops showing dangerous permissions when the flag is set only on the Role Strategy side. It happens because Role Strategy inherits Matrix Auth descriptor and then calls the showPermission() code.

      Workaround: Enable Dangerous permissions for Matrix Auth as well

       

       

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Kudos to Daniel Beck for making me to look at it. I had one strange behavior report  in the jenkins_ru chat before, but there was no JIRA issue reported.

          Show
          oleg_nenashev Oleg Nenashev added a comment - Kudos to Daniel Beck for making me to look at it. I had one strange behavior report  in the jenkins_ru chat before, but there was no JIRA issue reported.
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          pom.xml
          http://jenkins-ci.org/commit/role-strategy-plugin/b32e2768f296f268f84492f5005f14d7761d7b2c
          Log:
          JENKINS-47265 - Update Matrix Auth dependency to a version with the SECURITY-410 fix in order to reproduce the issue

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: pom.xml http://jenkins-ci.org/commit/role-strategy-plugin/b32e2768f296f268f84492f5005f14d7761d7b2c Log: JENKINS-47265 - Update Matrix Auth dependency to a version with the SECURITY-410 fix in order to reproduce the issue
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java
          http://jenkins-ci.org/commit/role-strategy-plugin/7205930dc69146263292bc41bfe5c29c0a5743d4
          Log:
          JENKINS-47265 - Stop using permission display logic from Matrix Auth

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java http://jenkins-ci.org/commit/role-strategy-plugin/7205930dc69146263292bc41bfe5c29c0a5743d4 Log: JENKINS-47265 - Stop using permission display logic from Matrix Auth
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          pom.xml
          src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java
          http://jenkins-ci.org/commit/role-strategy-plugin/566fb7369c3c9b383f21ac3d76e33778d91132b5
          Log:
          Merge pull request #34 from oleg-nenashev/bug/JENKINS-47265

          JENKINS-47265 - Stop requiring Matrix Auth flags to show Dangerous permissions

          Compare: https://github.com/jenkinsci/role-strategy-plugin/compare/38e8f3c8391a...566fb7369c3c

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: pom.xml src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java http://jenkins-ci.org/commit/role-strategy-plugin/566fb7369c3c9b383f21ac3d76e33778d91132b5 Log: Merge pull request #34 from oleg-nenashev/bug/ JENKINS-47265 JENKINS-47265 - Stop requiring Matrix Auth flags to show Dangerous permissions Compare: https://github.com/jenkinsci/role-strategy-plugin/compare/38e8f3c8391a...566fb7369c3c
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Fixed in 2.7.1

          Show
          oleg_nenashev Oleg Nenashev added a comment - Fixed in 2.7.1

            People

            • Assignee:
              oleg_nenashev Oleg Nenashev
              Reporter:
              oleg_nenashev Oleg Nenashev
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: