Adds a new role-based strategy to manage users' permissions.
This plugin adds a new role-based strategy to ease and fasten users management. This strategy allows:
Using the plugin is fairly simple:
It should be noted that the Global Roles override anything you specify in the Project Roles. That is, when you give a role the right to Job-Read in the Global Roles, then this role is allowed to read all Jobs, no matter what you specify in the Project Roles.
It may therefore be advisable to leave most (all) options unchecked in Job, Run and SCM in the Global Roles section for normal users.
There are two built-in roles:
*Anonymous* — Users who have not logged in
authenticated — Logged in users
Macros allow to extend analysis of user's access rights (see @RoleMacroExtension). If user's sid meets criteria in Roles and Assignments, then analysis will be propagated to extension, which makes decisions according to instance and parameters.
You can get list of available macros and theirs descriptions at the JENKINS_URL/role-strategy/list-macros page. At the current state, plugin has minimal set of available macros, but they can be added by extensions from plugins.
Macros can be used in the following fields:
Macro string examples:
The management interface becomes difficult to use with a large number of users and/or roles. Several Greasemonkey userscripts exist to make the UI easier to use (Jira issue):
Jenkins Role Strategy UI enhancer
Jenkins Role Strategy Role Management Enhancer and Jenkins Role Strategy Role Assignment Enhancer
Skip to end of metadata Go to start of metadata