Skip to content
Browse files
[FIXED JENKINS-8214] Added a DISCOVER permission to allow anonymous u…
…sers to be presented the login screen when accessing job URLs
  • Loading branch information
lacostej committed Apr 24, 2012
1 parent 5f92a03 commit 84f08379e8a06f9cec0765da0ac397950fbad1d3
@@ -58,6 +58,10 @@
<li class=bug>
End up more gracefully if there's some problem when searching for user partipication in the build
(<a href="">issue 13564</a>)
<li class=rfe>
Added a DISCOVER permission to allow anonymous users to be presented the login screen
when accessing job URLs.
(<a href="">issue 8214</a>)

@@ -224,6 +224,7 @@
Permission DELETE = new Permission(PERMISSIONS, "Delete", null, Permission.DELETE, PermissionScope.ITEM);
Permission CONFIGURE = new Permission(PERMISSIONS, "Configure", null, Permission.CONFIGURE, PermissionScope.ITEM);
Permission READ = new Permission(PERMISSIONS, "Read", null, Permission.READ, PermissionScope.ITEM);
Permission DISCOVER = new Permission(PERMISSIONS, "Discover", Messages._AbstractProject_DiscoverPermission_Description(), Permission.READ, PermissionScope.ITEM);
Permission EXTENDED_READ = new Permission(PERMISSIONS,"ExtendedRead", Messages._AbstractProject_ExtendedReadPermission_Description(), CONFIGURE, Boolean.getBoolean(""), new PermissionScope[]{PermissionScope.ITEM});
Permission BUILD = new Permission(PERMISSIONS, "Build", Messages._AbstractProject_BuildPermission_Description(), Permission.UPDATE, PermissionScope.ITEM);
Permission WORKSPACE = new Permission(PERMISSIONS, "Workspace", Messages._AbstractProject_WorkspacePermission_Description(), Permission.READ, PermissionScope.ITEM);
@@ -200,7 +200,6 @@
import org.acegisecurity.Authentication;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.context.SecurityContext;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
import org.acegisecurity.ui.AbstractProcessingFilter;
@@ -2111,8 +2110,14 @@ public void setNumExecutors(int n) throws IOException {
public TopLevelItem getItem(String name) {
if (name==null) return null;
TopLevelItem item = items.get(name);
if (item==null || !item.hasPermission(Item.READ))
if (item==null)
return null;
if (!item.hasPermission(Item.READ)) {
if (item.hasPermission(Item.DISCOVER)) {
throw new AccessDeniedException("Please login to access job " + name);
return null;
return item;

@@ -57,6 +57,10 @@ AbstractProject.ExtendedReadPermission.Description=\
This permission grants read-only access to project configurations. Please be \
aware that sensitive information in your builds, such as passwords, will be \
exposed to a wider audience by granting this permission.
This permission grants discover access to jobs. Lower than read permissions, it allows you to \
redirect anonymous users to the login page when they try to access a job url. \
Without it they would get a 404 error and wouldn't be able to discover project names.
This permission grants the ability to wipe out the contents of a workspace.

0 comments on commit 84f0837

Please sign in to comment.