security for configuration only


security for configuration only

Tom Huybrechts
hi all,

is it possible to enable security such that you need to be logged in
to make configuration changes, but that everyone can still start a
build ?

I don't mind making minor source changes if needed.

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


Re: security for configuration only

Kohsuke Kawaguchi
Administrator
Tom Albrecht's wrote:
> hi all,
>
> is it possible to enable security such that you need to be logged in
> to make configuration changes, but that everyone can still start a
> build ?
>
> I don't mind making minor source changes if needed.

If you see AbstractProject/sidepanel.jelly, you'll see the following
lines:

>       <l:isAdmin>
>         <j:if test="${it.configurable}">
>           <j:if test="${!it.disabled}">
>             <l:task icon="images/24x24/clock.gif" href="${url}/build" title="Build Now" />
>           </j:if>
>           <l:task icon="images/24x24/edit-delete.gif" href="${url}/delete" title="Delete ${it.pronoun}" />
>           <l:task icon="images/24x24/setting.gif" href="${url}/configure" title="Configure" />
>         </j:if>
>       </l:isAdmin>

which basically disables the build link if the user is not admin. If you
move this task block outside the <l:isAdmin> tag, you should be able to
achieve what you are asking for.


--
Kohsuke Kawaguchi
Sun Microsystems                   [hidden email]


Re: security for configuration only

Tom Huybrechts
I was just trying this out. Then it dawned on me that there really is
no security for triggering the build. The link is hidden, but if you
know the URL you can trigger the build even if security is enabled...


On 6/28/07, Kohsuke Kawaguchi <[hidden email]> wrote:

> Tom Albrecht's wrote:
> > hi all,
> >
> > is it possible to enable security such that you need to be logged in
> > to make configuration changes, but that everyone can still start a
> > build ?
> >
> > I don't mind making minor source changes if needed.
>
> If you see AbstractProject/sidepanel.jelly, you'll see the following
> lines:
>
> >       <l:isAdmin>
> >         <j:if test="${it.configurable}">
> >           <j:if test="${!it.disabled}">
> >             <l:task icon="images/24x24/clock.gif" href="${url}/build" title="Build Now" />
> >           </j:if>
> >           <l:task icon="images/24x24/edit-delete.gif" href="${url}/delete" title="Delete ${it.pronoun}" />
> >           <l:task icon="images/24x24/setting.gif" href="${url}/configure" title="Configure" />
> >         </j:if>
> >       </l:isAdmin>
>
> which basically disables the build link if the user is not admin. If you
> move this task block outside the <l:isAdmin> tag, you should be able to
> achieve what you are asking for.
>
>
> --
> Kohsuke Kawaguchi
> Sun Microsystems                   [hidden email]
>
>



Re: security for configuration only

Kohsuke Kawaguchi
Administrator
Tom Huybrechts wrote:
> I was just trying this out. Then it dawned on me that there really is
> no security for triggering the build The link is hidden but if you
> know the URL you can trigger the build even if security is enabled...

For most other places, there's then a corresponding "Hudson.isAdmin(..)"
check in the implementation, so Hudson doesn't just hide the links but
actually protects all the URLs (so even if the attacker knows what URL to
request, it still won't work.)

The "Trigger build" link is a complicated exception because of
compatibility requirements and other historical things. It can still be
protected by using the keyword.

--
Kohsuke Kawaguchi
Sun Microsystems                   [hidden email]

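The distinction Kohsuke draws above, hiding a link in the side panel versus checking authorization on the URL itself, as an added toy model (not Hudson's code). It assumes a per-job build token standing in for the "keyword" he mentions, and a hypothetical Project class whose handle() plays the role of the URL handlers; configure/delete are enforced server-side, while /build is open unless a token is set.

```python
# Added example, not Hudson's code: shows why hiding the "Build Now" link in
# sidepanel.jelly is not the same as protecting the /build URL.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Request:
    path: str                      # e.g. "/job/foo/build"
    user: Optional[str] = None     # None means anonymous
    params: dict = field(default_factory=dict)


class Project:
    """Hypothetical stand-in for a Hudson job and its URL handlers."""

    def __init__(self, name, admins, build_token=None):
        self.name = name
        self.admins = set(admins)
        # Assumption: a per-job token models the "keyword" from the thread.
        self.build_token = build_token
        self.builds = 0
        self.configured = 0

    def is_admin(self, user):
        return user in self.admins

    def side_panel(self, user):
        """UI layer only: what <l:isAdmin> in the jelly template shows. Hiding
        a link here enforces nothing; a direct request still reaches handle()."""
        return ["build", "delete", "configure"] if self.is_admin(user) else []

    def handle(self, req):
        """Server-side dispatch; returns an HTTP-style status code."""
        action = req.path.rsplit("/", 1)[-1]
        if action in ("configure", "delete"):
            # Like Hudson.isAdmin() in the implementation: the URL is protected
            # regardless of whether the link was rendered.
            if not self.is_admin(req.user):
                return 403
            self.configured += 1
            return 200
        if action == "build":
            # Without a token the build URL is open to anyone who knows it.
            # With a token, an admin or a caller presenting the token may build.
            if self.build_token is not None and not self.is_admin(req.user):
                if req.params.get("token") != self.build_token:
                    return 403
            self.builds += 1
            return 200
        return 404
```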