RELEASED: Public: 2013-10-16
Resolved issues
-
CloudBees Internal Ticket: RM-1566
ExportsAction/action.jelly checking incorrect permissions, eg. Job.VIEW not ExportsAction.VIEW, the side effect of this was that the Exports link would be visible to people with the Job.VIEW permission but clicking on the link would result in a 403 or 330 as the target page correctly checks for ExportsAction.VIEW. In other words, the effective permissions were enforced but users could see that such functionality exists