Jenkins restrict view of jobs per user

Question

In Jenkins, is there a way to restrict the user to view only certain jobs?

Only through "Project-based Matrix Authorization Strategy" Jenkins allows the restriction of user ability per project. Without the 'Overall' 'Read' setting user cannot access anything this is the issue. 

Any plugin available which allows job restriction?

Answer 1

You can follow these steps to restrict the user to view only certain jobs:

• From the Jenkins dashboard, click on Manage Jenkins.
• Under Manage jenkins->Configure Global Security-> Select Enable security.
• Under the Authorization section, use Jenkins "Project-based Matrix Authorization Strategy"
• Add the particular user you want to authorize and assign the appropriate permissions.

You can check out this Jenkins Tutorial to get started with Jenkins.

Answer 2

Yes, in Jenkins, you would limit users to see only certain jobs via the "Project-based Matrix Authorization Strategy." However, you have pointed out that, as you noted, you still need Overall > Read permission to access the system generally. From there, you have the right to see the Jenkins dashboard, including names of jobs, that you can see without access to details on the job.

This should be answered by proposing a few plugins and techniques which might be used to make further job visibility and access fine-tuning:

Role-Based Authorization Strategy Plugin:

It enables you to have greater control through the definition of roles and linking of users to roles which may be applied to certain jobs or folders. You can create roles that have access only to specific jobs, without needing Overall > Read access for other jobs. Folders Plugin:

By integrating the Folders plugin with the Role-Based Authorization Strategy, you are able to put your jobs into folders and then dictate who can see which of the folders.

This then eliminates a cluttered view, and the user will never be able to view any of the jobs that they cannot access because they do not have access to the folder.

Job Restrictions Plugin:

This is not about visibility. It actually prevents execution, even viewability, of jobs based on certain criteria that are met, which introduces yet another level of management.

Role-Based Authorization Strategy Installation Steps

Install Role-Based Authorization Strategy Plugin

Go to Manage Jenkins > Manage Plugins > Available, and search for "Role-Based Authorization Strategy", then install.

Configure Roles:

Go to Manage Jenkins > Manage and Assign Roles > Manage Roles.

Create roles with limited permissions and assign them to specific jobs or folders.

Assign these roles to users, so that they will have the required permissions for certain jobs or folders.

Organize with Folders (Optional)

Cluster related jobs together and use permissions at the folder level. In this way, visibility into jobs is easy as well.

Fine-grained access control: only those permitted to see the job and who can see the job can do anything with it.