Security Inspector

The Jenkins project announced an unresolved security vulnerability affecting the current version of this plugin (why?):
This plugin is up for adoption! We are looking for new maintainers. Visit our Adopt a Plugin initiative for more information.

Build Status Jenkins Plugin Jenkins Plugin Installs Contributors

This project is a Jenkins plugin, which allows checking user permissions for particular jobs and nodes. The plugin can create various reports upon the request by Jenkins administrators.

Usage

In order to use the plugin functionality, you should have the global Jenkins.ADMINISTER permission. Once you get it...

  1. Go to the Manage Jenkins > Security Inspector page. Security Inspector Index
  2. Select the report you want to create and click the hyperlink.
  3. Specify additional parameters (filters, etc.) in the opened page. Filter for one user and any jobs
  4. Click Submit. Report for user1 and any jobs

Available reports

Now this plugin can created 3 reports:

For selected user:

  • Single user, multiple jobs.
  • Display job permissions for the specified user.
  • Items for the report can be selected using regular expressions or additional filters (e.g. JobFilter extension point).
  • Single user, multiple nodes.
  • Display node permissions for the specified user.
  • Nodes for the report can be selected using regular expressions.

For selected job:

  • Multiple users, single job.
  • Display users permissions for the specified item.
  • Users for the report can be selected using regular expressions.

License

MIT License

Reporting issues

Use the main Jenkins bugtracker. All issues should use the security-inspector-plugin component. The issue reporting guide is available here.

Contributing

  • Create pull requests on GitHub
  • New reports can be also created in external plugins. There is a ReportBuilder extension point for it.