The submitter parameter of the input step controls which user is allowed to submit a manual step.
Let's say you have the following definition:
input(message: 'Do you want to approve?', submitter: 'john,mary,jack')
If I am logged in as ben I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it.
In a declarative pipeline, I believe you can work around this by using the following code:
when { beforeAgent() }
There a two issues with this approach:
1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. I opened for JENKINS-59663 it.
2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered based on the currently logged-in user.