You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Brent N Atkinson (JIRA)" <ji...@apache.org> on 2015/04/24 19:51:38 UTC
[jira] [Commented] (CONTINUUM-2747) Make build reports only
available for registered users
[ https://issues.apache.org/jira/browse/CONTINUUM-2747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14511423#comment-14511423 ]
Brent N Atkinson commented on CONTINUUM-2747:
---------------------------------------------
This report was based on continuum-ci.a.o and the reporter (me) assumed that permissions were set to the defaults. However, it turns out that viewing the menu option and running reports is protected by the {{continuum-view-report}} permission. Project User's are granted this by the {{project-user}} template in redback.xml: it grants {{continuum-view-queues}} and {{continuum-view-report}}.
> Make build reports only available for registered users
> ------------------------------------------------------
>
> Key: CONTINUUM-2747
> URL: https://issues.apache.org/jira/browse/CONTINUUM-2747
> Project: Continuum
> Issue Type: Improvement
> Reporter: Brent N Atkinson
> Priority: Minor
> Labels: maybe-1.5
> Fix For: 1.5.0
>
>
> Made worse by CONTINUUM-2746, running reports should be limited to users that are registered. The intent is that abuse can be managed by locking accounts. Adding a permission is another route, but considering it is open to anonymous it may be unnecessary.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)