[JIRA] (JENKINS-59662) Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko created an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Issue Type: Improvement Assignee: Unassigned Components: core, pipeline Created: 2019-10-04 16:40 Priority: Minor Reporter: Benjamin Muschko The submitter parameter of the input step controls which user is allowed to submit a manual step. Let's say you have the following definition: ``` input(message: message, submitter: 'john,mary,jack') ``` If I am logged in as ben I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code: ``` when { beforeAgent() } ``` There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. 2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered. Add Comment

This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter

Change By: Benjamin Muschko The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step.

Let's say you have the following definition:

``` {{ input(message: message, submitter: 'john,mary,jack') }} ``` If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code: ``` {{ when {     beforeAgent() } }} ``` There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. 2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered.

Add Comment

[benjamin.muschko@gmail.com (JIRA)]

[benjamin.muschko@gmail.com (JIRA)]

[benjamin.muschko@gmail.com (JIRA)]

[benjamin.muschko@gmail.com (JIRA)]

[benjamin.muschko@gmail.com (JIRA)]

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Change By: Benjamin Muschko

The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step. Let's say you have the following definition:

{{input(message: message 'Do you want to approve?' , submitter: 'john,mary,jack')}}

If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code: when { beforeAgent() } There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. 2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered.

Add Comment

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Change By: Benjamin Muschko

The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step. Let's say you have the following definition:

{{input(message: 'Do you want to approve?', submitter: 'john,mary,jack')}}

If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code: when { beforeAgent() } There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately.

2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered based on the currently logged-in user .

Add Comment

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Change By: Benjamin Muschko

The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step. Let's say you have the following definition: {{input(message: 'Do you want to approve?', submitter: 'john,mary,jack')}} If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code: when { beforeAgent() } There a two issues with this approach:

1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. I opened for [JENKINS-59663|https://issues.jenkins-ci.org/browse/JENKINS-59663] it.

2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered based on the currently logged-in user.

Add Comment

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Change By: Benjamin Muschko

The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step. Let's say you have the following definition:

{ { code}

input(message: 'Do you want to approve?', submitter: 'john,mary,jack')

{code } }

If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code:

{code} when { beforeAgent() } {code}

There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. I opened for [JENKINS-59663|https://issues.jenkins-ci.org/browse/JENKINS-59663] it. 2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered based on the currently logged-in user.

Add Comment

[benjamin.muschko@gmail.com (JIRA)]

Benjamin Muschko updated an issue

Jenkins / JENKINS-59662 Pipeline input step should not render approval pop-up if logged-in user is not declared as submitter Change By: Benjamin Muschko

The {{submitter}} parameter of the [input step|https://jenkins.io/doc/pipeline/steps/pipeline-input-step/] controls which user is allowed to submit a manual step. Let's say you have the following definition:

{{input(message: 'Do you want to approve?', submitter: 'john,mary,jack')}}

If I am logged in as {{ben}} I can still click the "Proceed" button. The pipeline will then tell me that I am not allowed to approve the operation. From a user's perspective, this is misleading and confusing. The approval pop-up shouldn't even be rendered if I am not allowed to click it. In a declarative pipeline, I believe you can work around this by using the following code:

{code} when { beforeAgent() } {code} There a two issues with this approach: 1. Defining a manual step that uses an agent will cause the executor to be blocked which you likely will never want to do. This is a related issue and should be addressed separately. I opened for [JENKINS-59663|https://issues.jenkins-ci.org/browse/JENKINS-59663] it. 2. How do you achieve this in a scripted pipeline? As far as I can tell, there's no way to prevent the pop-up from being rendered based on the currently logged-in user.

Add Comment