Merge branch 'SECURITY-144' into SECURITY-144-rc

core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java

@@ -155,7 +155,7 @@ public class AdminWhitelistRule implements StaplerProxy {
 
     @RequirePOST
     public HttpResponse doSubmit(StaplerRequest req) throws IOException {
-        jenkins.checkPermission(Jenkins.ADMINISTER);
+        jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
 
         String whitelist = Util.fixNull(req.getParameter("whitelist"));
         if (!whitelist.endsWith("\n"))
@@ -207,7 +207,7 @@ public class AdminWhitelistRule implements StaplerProxy {
 
     public void setMasterKillSwitch(boolean state) {
         try {
-            jenkins.checkPermission(Jenkins.ADMINISTER);
+            jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
             FileUtils.writeStringToFile(getMasterKillSwitchFile(),Boolean.toString(state));
             // treat the file as the canonical source of information in case write fails
             masterKillSwitch = loadMasterKillSwitchFile();
@@ -221,7 +221,7 @@ public class AdminWhitelistRule implements StaplerProxy {
      */
     @Override
     public Object getTarget() {
-        jenkins.checkPermission(Jenkins.ADMINISTER);
+        jenkins.checkPermission(Jenkins.RUN_SCRIPTS);
         return this;
     }
 

core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index.jelly

@@ -23,7 +23,7 @@ THE SOFTWARE.
 -->
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
-<l:layout title="${%Whitelist}" permission="${app.ADMINISTER}">
+<l:layout title="${%Whitelist}" permission="${app.RUN_SCRIPTS}">
   <st:include page="sidepanel.jelly" it="${app}"/>
   <l:main-panel>
     <h1>${%Slave &#8594; Master Access Control}</h1>