You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@continuum.apache.org by "Brent N Atkinson (JIRA)" <ji...@apache.org> on 2015/04/24 19:51:38 UTC

[jira] [Commented] (CONTINUUM-2747) Make build reports only available for registered users

    [ https://issues.apache.org/jira/browse/CONTINUUM-2747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14511423#comment-14511423 ] 

Brent N Atkinson commented on CONTINUUM-2747:
---------------------------------------------

This report was based on continuum-ci.a.o and the reporter (me) assumed that permissions were set to the defaults. However, it turns out that viewing the menu option and running reports is protected by the {{continuum-view-report}} permission. Project User's are granted this by the {{project-user}} template in redback.xml: it grants {{continuum-view-queues}} and {{continuum-view-report}}.

> Make build reports only available for registered users
> ------------------------------------------------------
>
>                 Key: CONTINUUM-2747
>                 URL: https://issues.apache.org/jira/browse/CONTINUUM-2747
>             Project: Continuum
>          Issue Type: Improvement
>            Reporter: Brent N Atkinson
>            Priority: Minor
>              Labels: maybe-1.5
>             Fix For: 1.5.0
>
>
> Made worse by CONTINUUM-2746, running reports should be limited to users that are registered. The intent is that abuse can be managed by locking accounts. Adding a permission is another route, but considering it is open to anonymous it may be unnecessary.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)