|
|
 |
|
|
|
|
Issue Type:
|
 Improvement
|
|
Assignee:
|
Jesse Glick
|
|
Components:
|
core |
|
Created:
|
11/Oct/12 2:45 PM
|
|
Description:
|
An administrator may want to block access to /me/configure, for example to prevent users from changing their own display names.
Currently this appears to be impossible, as User.doConfigSubmit calls User.checkPermission, not Jenkins.checkPermission, and User.getACL is implemented to give every user permission to configure himself, regardless of authorization strategy.
User.doConfigSubmit should additionally check some newly introduced global permission (such as User.SELF_CONFIGURE) which would be on by default for all (authenticated) users but could be explicitly disabled.
The tricky part is introducing such a permission and granting it by default, since new permissions are rejected by default, and this one should not be implied by any existing permission.
|
|
Project:
|
Jenkins
|
|
Labels:
|
security
user
configuration
permissions
|
|
Priority:
|
 Major
|
|
Reporter:
|
Jesse Glick
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
|
Locked
Introduce permission in core, implied by ADMINISTER, disabled by default, called by User.getACL or User.doConfigSubmit only if enabled; then create a plugin which does nothing but enable the permission. Awkward but may work.