Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
[FIXED JENKINS-13429]
Backward compatibility is preventing the View.READ permission to apply
correctly. It actually overrides the View.READ instead of complementing
it.

This change only applies default READ right if the View.READ is not
available, and the user has View.CONFIGURE + the view is not empty.
  • Loading branch information
Vlatombe authored and kohsuke committed May 23, 2012
1 parent 2128c9d commit d1b2ba7
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
3 changes: 3 additions & 0 deletions changelog.html
Expand Up @@ -57,6 +57,9 @@
<ul class=image>
<li class=bug>
Fixed a possible race condition
<li class=bug>
Fixed nested view not showing up with just read perm for View
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-13429">issue 13429</a>)
<li class=rfe>
Improve the low disk space warning message.
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-13826">issue 13826</a>)
Expand Down
5 changes: 3 additions & 2 deletions core/src/main/java/hudson/security/AuthorizationStrategy.java
Expand Up @@ -99,11 +99,12 @@ public ACL getACL(final View item) {
public boolean hasPermission(Authentication a, Permission permission) {
ACL base = item.getOwner().getACL();

if (permission==View.READ) {
boolean hasPermission = base.hasPermission(a, permission);
if (!hasPermission && permission == View.READ) {
return base.hasPermission(a,View.CONFIGURE) || !item.getItems().isEmpty();
}

return base.hasPermission(a, permission);
return hasPermission;
}
};
}
Expand Down

0 comments on commit d1b2ba7

Please sign in to comment.