Prioritize Github Repo permissions

Open hughsaunders opened this issue 4 years ago • 2 comments

Previously, members of authorised orgs were granted read access to repos before the GitHub permissions of the user were checked, even if useRepositoryPermissions was enabled. This resulted in users having read access to all jobs, even jobs for repos they don't have access to.

This commit moves the GitHub repo permissions check earlier so that read can be denied to users if they don't have permissions on the repo.

Related: conjurinc/ops#658

hughsaunders, Aug 05 '20 10:08
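The ordering problem described in the pull request above, as an added example that is not the plugin's code or part of the original thread: a hypothetical model in which the same user is evaluated with the org-membership grant first and then with the repository check first. The class, method, org and repo names are all assumptions, as is the fallback to the org rule for jobs with no associated repo.

```java
import java.util.Set;

// Hypothetical model of the decision order (Java 16+); none of these names are the plugin's.
public class ReadDecisionOrder {
    // Constructed user: org memberships plus the repos GitHub reports as readable.
    record User(String name, Set<String> orgs, Set<String> readableRepos) {}

    static final Set<String> AUTHORIZED_ORGS = Set.of("example-org"); // constructed value

    static boolean inAuthorizedOrg(User u) {
        return u.orgs().stream().anyMatch(AUTHORIZED_ORGS::contains);
    }

    // Before: org membership grants READ first, so the repo check is never
    // reached for org members even when useRepositoryPermissions is on.
    static boolean canReadBefore(User u, String jobRepo, boolean useRepositoryPermissions) {
        if (inAuthorizedOrg(u)) return true;
        return useRepositoryPermissions && jobRepo != null && u.readableRepos().contains(jobRepo);
    }

    // After: the repo check runs first and can deny. Assumption: jobs with no
    // associated repo (jobRepo == null) still fall back to the org rule.
    static boolean canReadAfter(User u, String jobRepo, boolean useRepositoryPermissions) {
        if (useRepositoryPermissions && jobRepo != null) {
            return u.readableRepos().contains(jobRepo);
        }
        return inAuthorizedOrg(u);
    }

    public static void main(String[] args) {
        User alice = new User("alice", Set.of("example-org"), Set.of("example-org/public-tools"));
        String[] jobRepos = {"example-org/public-tools", "example-org/private-infra", null};
        for (String repo : jobRepos) {
            boolean before = canReadBefore(alice, repo, true);
            boolean after = canReadAfter(alice, repo, true);
            System.out.printf("job repo=%-28s before=%-5b after=%b%n", repo, before, after);
        }
        // The only row that differs is the repo alice cannot read on GitHub.
        if (!canReadBefore(alice, "example-org/private-infra", true)
                || canReadAfter(alice, "example-org/private-infra", true)) {
            throw new AssertionError("model does not reproduce the described behaviour");
        }
    }
}
```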

Apologies for the delay. I've been on a bit of a hiatus but I'm going to start ramping up contributions to Jenkins again. I'll start by reviewing pull requests for github-oauth-plugin and try to address them (feedback or merge, etc.).

samrocketman, Mar 24 '21 12:03

@samrocketman Might there be an opportunity to review this coming up? We'll be having to recompile our local version from this branch shortly to facilitate upgrades. Please let us know if there's anything we can do to help.

garymoon, Jun 23 '21 18:06