-
-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-69869] Categorize the user properties #7268
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Wadeck are you interested in finishing this off?
It's definitely a great idea and a needed feature
Get "approval" about the direction
Looks good
Add a system property to keep the previous approach in place
Why?
(not sure about the process) After merge, updating the ATH to pass with the new approach
All ATH tests need to be passing pre-merge, tbh I'm not aware (as-in had to touch any, not searched) of any tests specifically that touch user config there may not be many to fix.
+1 on this - I think it's a great idea. Apologies for not seeing it sooner. |
👋 Interested yes for sure, having time "soon", less sure :)
I really like the experience I have with some applications that proposes a way to "rollback" UI changes. If you think it's an overkill (in general or in this particular case), please tell me ;-) |
I've:
I'm happy with this UX and code wise now. TODO:
|
Clicking the 'Configure' button on the Users (http://localhost:8080/jenkins/manage/securityRealm/) page results in a 404 |
core/src/main/java/hudson/model/userproperty/UserPropertyCategory.java
Outdated
Show resolved
Hide resolved
@jenkinsci/core-security-review possible to get a review please? |
Yeah, we're aware of this PR and are planning to review it soonish |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested this PR locally, and reviewed code, I don't see any security concern!
core/src/main/java/hudson/model/userproperty/UserPropertyCategoryAccountAction.java
Show resolved
Hide resolved
core/src/main/java/hudson/model/userproperty/UserPropertyCategoryAppearanceAction.java
Show resolved
Hide resolved
core/src/main/java/hudson/model/userproperty/UserPropertyCategoryExperimentalAction.java
Show resolved
Hide resolved
core/src/main/java/hudson/model/userproperty/UserPropertyCategoryPreferencesAction.java
Show resolved
Hide resolved
core/src/main/java/hudson/model/userproperty/UserPropertyCategorySecurityAction.java
Show resolved
Hide resolved
Thanks! Addressed and retested with an admin and read only user, read only user can now see their own everything and the basic ones that they were allowed to before of admins, and admin can see everything. /label ready-for-merge This PR is now ready for merge, after ~24 hours, we will merge it if there's no negative feedback. Thanks! |
Thanks @timja to have worked on this one <3 |
Thanks @timja! This is creating conflicts on the |
Done |
Thanks @timja! We're back up-to-date again. 🙌 |
Hi @timja, unfortunately this is causing a new ATH failure in
|
There is a PR that was waiting for release of this change for that, I think it will work now as well that its merged and not need to wait till Tuesday: jenkinsci/acceptance-test-harness#1584 because of where the change was forward compat was awkward and its doing version detection. |
Broke |
See JENKINS-69869.
This PR is a proposal to categorize the user properties. It follows the same idea as with the Global configuration pages.
Originally I was working on JENKINS-69853 but I wanted to put them in a separate page and end up creating this instead. That's also why you can see the
UserPropertyCategory.Experimental
as a WIP stuff.If you test this PR live, you can look at the Experimental category to see the behavior in the case there is no enabled properties in a given category.
The category system is meant to be used by plugins without requiring to have the most recent version of core, with the String based method.
Screenshots
Before
After
If there is no enabled properties
For reviewers
This PR is structured to ease your review. You can review commit by commit to ease the understanding of the intent.
Structure of this PR in terms of commit:
Testing done
Proposed changelog entries
Proposed upgrade guidelines
N/A
Submitter checklist
@Restricted
or have@since TODO
Javadocs, as appropriate.@Deprecated(since = "TODO")
or@Deprecated(forRemoval = true, since = "TODO")
, if applicable.eval
to ease future introduction of Content Security Policy (CSP) directives (see documentation).Desired reviewers
@daniel-beck @basil As we were quickly discussing about the feature flag topic, this could be a first step in that direction. But not required, as the flags could be a simple UserProperty.
Maintainer checklist
Before the changes are marked as
ready-for-merge
:upgrade-guide-needed
label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).lts-candidate
to be considered (see query).