I am using multibranch pipelines in projects with two branches: develop and master. This creates two subprojects, one for each branch:

App_Pipeline
     |---master
     |---develop

I have set up the Role Strategy plugin to control the authorization (visibility) of the jobs/pipelines depending on the assigned role.

Project Roles:

• manager: Uses a regexp App_.*
• developer: Uses a regexp App_.*

With my current roles, both types of users see the superproject (App_Pipeline), and can execute both subprojects.

The point is that I want some users (developers) to be able to see and run the develop subproject and some others (managers) to view and run both subprojects, master and develop.

I haven't found a way of configuring this yet, any idea how it can be achieved?

UPDATE: This is the whole context of the problem.

I'm using multibranch pipeline to scan a whole Bitbucket Project giving me:

ORGANIZATION
   Repo1
     |---master
     |---develop
   Repo2
     |---master
     |---develop
   Poc-repo1
     |---master
     |---develop
   Poc-repo2
     |---master
     |---develop

I need to support these cases:

1. Some users can read and build ONLY projects with the Poc- prefix. The shouldn't see any other project.
2. Other users can read all projects but only build develop branches
3. Finally others can read and build all projects

It's supported with two-level security structure, example:

rol1 ".*holaArtifactoryMultibranch.*" --> read

rol2 ".*holaArtifactoryMultibranch\/master.*" --> build

Now, you can associate a user/group to rol1 and rol2

UPDATE:

I see your point, if you have an intermediate folder:

rol1    "^FOLDER$"   --> read

rol2    "^FOLDER\/holaArtifactoryMultibranch.*$"--> read

You'll see the holaArtifactoryMultibranch folder, but not others.