Jenkins role based authentication - user is missing overall/read permissions

Question

I have created a role called JC role and given access to global role => Overall read & couple of more.

Also created some project level roles Developer & Tester. For Developer, given every access, for Tester only few accesses I have given.

Now, from assign roles, I have assigned Dev1 user to Global JC role & Developer project role. Also assigned Test1 user to global JC role & Developer, Tester project roles.

restarted the jenkins after this.

when tried to login with Dev1, I am able to see corresponding pattern matched jobs only.

When I tried to login through Test1, I am getting "user is missing the Overall/Read permission". Why is that so, I am not able to view anything as tester.

Any pointers or how to resolve this issue?

PS, I am using role bases authorization strategy plugin.

Answer 1

I faced the same problem and this is how I solved it.

1. Create a global role with only "Overall Read Permission"
2. Add the user under global role and assign this read permission.

Detailed steps: 1. Create a global role called "Read" or anything you wish and give only Overall Read permission. You can do this by /role-strategy/manage-roles or got to Manage Jenkins --> Manage and Assign Roles --> Manage Roles

2. Then, go to Manage Jenkins --> Manage and Assign Roles --> Assign Roles Under Global Roles, you will see "Read" column. Add your user "Test1" to global role and select only "Read" column.

Make sure to save/apply before you leave the page.