Reputation: 8670
How to restrict in Jenkins users from viewing users information like: id, name etc
I have configured Jenkins on centos 7.
Being administrator, I have created few users and gave them permissions to their projects like: build, read etc. I have used a Project-based Matrix Authorization Strategy. Its working but I'm facing the following problem:
If any user clicks on people information (button on left is dashboard) then any user can view all the other users ids, name etc. I want to block this from happening and I can't find a solution to this problem.
Can it be a configuration problem?
Upvotes: 1
Views: 396
Answers (1)
Reputation: 10382
Here is one solution using the Role Strategy plugin.
I'm using this plugin for our Jenkins server and it's really useful to define permissions.
On my staging Jenkins, I've create 2 users:
- A full admin
- A viewer
I've created 2 roles with the plugin:
Next, I assign the roles to the relevant users:
The viewer role only have a global read access + build on the jobs.
If I open a session with the admin one, I can see all the people:
With the viewer user, I don't see anything:
UPDATE:
If you want to assign some permissions on a specific project, you can create project roles (in the Manage Roles section):
You can filter the projects with a regular expression:
job(.*)postcommit
Next, in the Assign Roles section, you just have to assign the relevant project role to the relevant user.
I hope it helps :)
Upvotes: 2
Related Questions
- Restricting visibility of Jenkins jobs to specific users
- Nginx 403 forbidden for all files
- Configuring Jenkins with GitHub (Authorization)
- Jenkins: Hide job from anonymous users
- How do you restore old users, jobs, and configuration in Jenkins?
- How to set permission to LDAP users in Jenkins?
- Configure default permissions for newly registered Jenkins users