How do i remove specific permissions for a user in Jenkins using groovy script?

Hi all,

I am able to provide a user specific permissions in jenkins using the below script
import jenkins.model.Jenkins
import hudson.model.User
def inst = Jenkins.getInstanceOrNull()
def strategy = inst.getAuthorizationStrategy()
strategy.add(Jenkins.ADMINISTER, “user_id”)

Is it possible to do the reverse i.e. remove permissions using groovy script? Can anyone help me with the script?


Could that help in any way?
Taken from StackOverflow:

The Permission class has an attribute called enabled with associated getters and setters. You can add a permission by setting permission.enabled = true and to remove the permission you should explicitly set permission.enabled = false

The default value for permission.enabled may be different depending on what version of Jenkins you are running. It is best to explicitly set this value either way

import hudson.model.*
import Jenkins.*

def userId = "gfarkas"
def userPermissionList = [hudson.model.Item.CONFIGURE]

Hudson instance = Jenkins.get()
GlobalMatrixAuthorizationStrategy authStrategy = Jenkins.instance.getAuthorizationStrategy()

// Removing each permission from list
userPermissionList.each { permission ->
    permission.enabled = false
    authStrategy.add(permission, userId)

This intended to be ran in the Jenkin’s Script Console

Before running the above script the user had the following permission

with permission

And after running this script the user had the following permission

without permission

If I rerun the script with permission.enabled = true the user has the following permission

with permission

Hi Bruno,

Thanks for your reply. I had tried this piece of code. What this piece of code does is remove that entire permission class for all the users in that Jenkins instance. What i am looking for is to remove only one specific permission for one user.

1 Like

I post the newest comment on that post.
use this instead.

Hi Somali,

Isn’t the permission change only linked to the user referenced by userId?