Skip to content

Commit

Permalink
[JENKINS-50204] Ensure user has permission to view credentials.
Browse files Browse the repository at this point in the history
  • Loading branch information
@agentgonzo
agentgonzo committed Apr 13, 2018
1 parent 6a1ad95 commit 7dad737
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions ...cloudbees/jenkins/plugins/kubernetes_credentials_provider/KubernetesCredentialsStore.java
View file
Expand Up @@ -45,9 +45,9 @@ public boolean hasPermission(@NonNull Authentication authentication, @NonNull Pe
@Override
public List<Credentials> getCredentials(@NonNull Domain domain) {
// Only the global domain is supported
return Domain.global().equals(domain)
? provider.getCredentials(Credentials.class, Jenkins.getInstance(), ACL.SYSTEM)
: Collections.emptyList();
if (Domain.global().equals(domain) && Jenkins.getInstance().hasPermission(CredentialsProvider.VIEW))
return provider.getCredentials(Credentials.class, Jenkins.getInstance(), ACL.SYSTEM);
return Collections.emptyList();
}

@Override
Expand Down

0 comments on commit 7dad737

Please sign in to comment.