Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50032

Jobs can be triggered with only Job/Read and Job/Configure

    Details

    • Similar Issues:

      Description

      • Create a job and assign an Authentication Token under Trigger builds remotely (e.g., from scripts)
      • Create a user and only assign Job/Read and Job/Configure permission for this job.
      • Navigate to the job as the newly created user, retrieve the build URL which contains the token.
      • The user cannot build this job via the UI.
      • Retrive the user's API token ($JENKINS_URL/users/$USERNAME)
      • Go to command line and use the following curl command: curl -X POST $JENKINS_URL/job/$JOB_NAME/build?token\=$AUTHENTICATION_TOKEN -u $USER_NAME:$API_TOKEN
      • The job will be now be built.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              joshshinn Joshua Shinn
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: