<shameless-plug> It is most likely that the Jenkins Enterprise by CloudBees RBAC plugin would give you what you want... Of course you'd have to pay for that, hence why this is a plug </shameless-plug>
On Thursday, 24 May 2012, Jan Seidel wrote: > Hi Darryl, > > yes I have checked these links before. > The problem is the project level described there allows only one > configuration for all jobs. > As example the role "Hudson configure" grants the users in this role to > configure all jobs in Jenkins. This is no good as the GUI developers should > not be entitled to change the jobs for the source code and vice versa. > Or > testers may spawn jobs which normally are only triggered by cron job or > admins/integrators while continous builds can be triggered by developers > but the developers must only be able to trigger the CB jobs. > I don't see how to split the groups and assign the roles resulting by this > split to single jobs. > > The projects described are addressing Collabnet TeamForge (CTF) projects > and not Jenkins projects/jobs. > It is not possible for us to split the CTF project due to the nature of > the collaboration between us, the suppliers and the customers. This has to > be managed with roles on project level only. > Even if I could split everything in TeamForge to smaller projects to reach > that level of granularity does each CTF project require a fee. And believe > me it is not cheap... > > Take care > Jan > > Am Donnerstag, 24. Mai 2012 16:27:58 UTC+2 schrieb Darryl Bowler: >> >> Have you seen this? >> http://wiki.hudson-ci.org/**display/HUDSON/CollabNet+**Plugin<http://wiki.hudson-ci.org/display/HUDSON/CollabNet+Plugin> >> -> >> Authentication >> or >> http://wiki.hudson-ci.org/**display/HUDSON/Authentication<http://wiki.hudson-ci.org/display/HUDSON/Authentication> >> >> Look at "Authorize users at the project level" >> >> Regards >> >> On May 24, 2012, at 4:20 AM, Jan Seidel wrote: >> >> Hi folks, >> >> I've got a question. >> Is it possible to create and individually assign new roles to Jenkins >> projects? >> I haven't found an project based security matrix for CTF roles but really >> need one. currently is it afaik only possible to assign entire TeamForge >> projects to a Jenkins project. That's a real no go, as our >> customers/suppliers etc.must not peek around especially as we serve >> competitors. >> We have loads of job categories like: >> >> - Tests/code analysis (cron triggered) >> - Nightly build (cron triggered but testers may also spawn them >> manually) >> - Continous builds (SCM polled and manually spawned by developers >> - Release builds (Integrators only) >> - and many more... >> >> I dont want to assign people the permission to >> delete/configure/build/read to projects which are not of their business. >> >> There are many different aspects of security atm that really makes me >> consider to roll back from the collabnet plugin and pickup some old tools >> and LDAP authentication. >> But that's counteracting our approach to consolidate the entire >> infrastructure ... >> Does someone have an advice how to tackle a fine grained permission >> system based on the collabnet plugin? >> >> Cheers >> Jan >> >> >>
