> On 14. Jul 2017, at 17:04, Jason LeMauk <jason.lem...@csquaredsystems.com> > wrote: > > Because you must grant a user the overall global read permission in order to > view any jobs, in the ACL matrix for each project I have checked the option > to ‘Block inheritance of global authorization matrix’ in order to prevent > users from viewing jobs which they have not explicitly been assigned a read > permission on the project level. This seems to work great for limiting what > jobs users are able to see.
Not an answer to your question, but note that Overall/Read is separate from Job/Read; to achieve the same behavior you just need Overall/Read globally, then grant Job/Read per job you wish to grant access to. IOW, remove Job/Read globally, and you won't need 'block inheritance'. Which approach is superior depends on which is the more common case. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/9D4C79E5-40DD-4133-90F5-6155C38A0461%40beckweb.net. For more options, visit https://groups.google.com/d/optout.
