Skip to content
Permalink
Browse files

[FIXED JENKINS-13429]

Backward compatibility is preventing the View.READ permission to apply
correctly. It actually overrides the View.READ instead of complementing
it.

This change only applies default READ right if the View.READ is not
available, and the user has View.CONFIGURE + the view is not empty.
  • Loading branch information...
Vlatombe authored and kohsuke committed May 4, 2012
1 parent 2128c9d commit d1b2ba7e4988d26fbb815b8912efb16273c407d4
Showing with 6 additions and 2 deletions.
  1. +3 −0 changelog.html
  2. +3 −2 core/src/main/java/hudson/security/AuthorizationStrategy.java
@@ -57,6 +57,9 @@
<ul class=image>
<li class=bug>
Fixed a possible race condition
<li class=bug>
Fixed nested view not showing up with just read perm for View
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-13429">issue 13429</a>)
<li class=rfe>
Improve the low disk space warning message.
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-13826">issue 13826</a>)
@@ -99,11 +99,12 @@ public ACL getACL(final View item) {
public boolean hasPermission(Authentication a, Permission permission) {
ACL base = item.getOwner().getACL();

if (permission==View.READ) {
boolean hasPermission = base.hasPermission(a, permission);
if (!hasPermission && permission == View.READ) {
return base.hasPermission(a,View.CONFIGURE) || !item.getItems().isEmpty();
}

return base.hasPermission(a, permission);
return hasPermission;
}
};
}

0 comments on commit d1b2ba7

Please sign in to comment.
You can’t perform that action at this time.