Skip to content
Browse files
Merge pull request #20 from svanoort/admin-can-approve-JENKINS-48998
Fix [JENKINS-48998] by ensuring admins can always approve
  • Loading branch information
svanoort committed Jan 18, 2018
2 parents 7aea2ab + 1a65110 commit d555bb4c87b7ace5881d91a4880543b5f7e4568f
@@ -16,6 +16,7 @@
import hudson.model.TaskListener;
import hudson.model.User;
import hudson.util.HttpResponses;
import jenkins.model.Jenkins;
import net.sf.json.JSONArray;
@@ -282,7 +283,7 @@ private void postSettlement() {

private boolean canCancel() {
return getRun().getParent().hasPermission(Job.CANCEL);
return !Jenkins.getActiveInstance().isUseSecurity() || getRun().getParent().hasPermission(Job.CANCEL);

private boolean canSubmit() {
@@ -297,6 +298,9 @@ private boolean canSettle(Authentication a) {
String submitter = input.getSubmitter();
if (submitter==null)
return getRun().getParent().hasPermission(Job.BUILD);
if (!Jenkins.getActiveInstance().isUseSecurity() || Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER)) {
return true;
final Set<String> submitters = Sets.newHashSet(submitter.split(","));
if (submitters.contains(a.getName()))
return true;
@@ -207,14 +207,17 @@ public void test_submitters() throws Exception {
// is listed as the submitter.
grant(Jenkins.READ, Job.READ).everywhere().to("bob").
// Give "charlie" basic privs. That's normally not enough to Job.CANCEL, and isn't listed as submiter.
grant(Jenkins.READ, Job.READ).everywhere().to("charlie"));
grant(Jenkins.READ, Job.READ).everywhere().to("charlie").
// Add an admin user that should be able to approve the job regardless)

final WorkflowJob foo = j.jenkins.createProject(WorkflowJob.class, "foo");
foo.setDefinition(new CpsFlowDefinition("input id: 'InputX', message: 'OK?', ok: 'Yes', submitter: 'alice,bob'", true));

runAndAbort(webClient, foo, "alice", true); // alice should work coz she's declared as 'submitter'
runAndAbort(webClient, foo, "bob", true); // bob should work coz he's declared as 'submitter'
runAndAbort(webClient, foo, "charlie", false); // charlie shouldn't work coz he's not declared as 'submitter' and doesn't have Job.CANCEL privs
runAndContinue(webClient, foo, "admin", true); // admin should work because... they can do anything


0 comments on commit d555bb4

Please sign in to comment.