@Override public ProjectMatrixAuthorizationStrategy instance(Mapping mapping, ConfigurationContext context) throws ConfiguratorException { return new ProjectMatrixAuthorizationStrategy(); }
@Test public void doFillCredentialsIdItemsWithoutJobWhenAdmin() throws Exception { r.jenkins.setSecurityRealm(r.createDummySecurityRealm()); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); as.add(Jenkins.ADMINISTER, "alice"); r.jenkins.setAuthorizationStrategy(as); final UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t"); CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c); ACL.impersonate(User.get("alice").impersonate(), new Runnable() { @Override public void run() { ListBoxModel options = r.jenkins.getDescriptorByType(MercurialSCM.DescriptorImpl.class).doFillCredentialsIdItems(null, "http://nowhere.net/"); assertEquals(CredentialsNameProvider.name(c), options.get(1).name); } }); }
@Override public ACL getACL(Job<?, ?> project) { AuthorizationMatrixProperty amp = project.getProperty(AuthorizationMatrixProperty.class); if (amp != null) { return amp.getACL().newInheritingACL(getRootACL()); } else { return getRootACL(); } }
@Issue("SECURITY-158") @Test public void doFillCredentialsIdItems() throws Exception { r.jenkins.setSecurityRealm(r.createDummySecurityRealm()); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); as.add(Jenkins.READ, "alice"); as.add(Jenkins.READ, "bob"); r.jenkins.setAuthorizationStrategy(as); FreeStyleProject p1 = r.createFreeStyleProject("p1"); FreeStyleProject p2 = r.createFreeStyleProject("p2"); p2.addProperty(new AuthorizationMatrixProperty(Collections.singletonMap(Item.CONFIGURE, Collections.singleton("bob")))); UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t"); CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c); assertCredentials("alice", null); assertCredentials("alice", p1); assertCredentials("alice", p2); assertCredentials("bob", null); assertCredentials("bob", p1); assertCredentials("bob", p2, c); } private void assertCredentials(String user, final Job<?,?> owner, Credentials... expected) {
@Override public ACL getACL(Job<?,?> project) { AuthorizationMatrixProperty amp = project.getProperty(AuthorizationMatrixProperty.class); if (amp != null) { return amp.getACL().newInheritingACL(getRootACL()); } else { return getRootACL(); } }
@CheckForNull @Override public CNode describe(ProjectMatrixAuthorizationStrategy instance, ConfigurationContext context) throws Exception { return compare(instance, new ProjectMatrixAuthorizationStrategy(), context); }
@Issue("JENKINS-32487") @Test public void shouldAssignPropertyOwnerOnCreationAndReload() throws Exception { Folder folder = r.jenkins.createProject(Folder.class, "myFolder"); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); // Need to do this to avoid JENKINS-9774 as.add(Jenkins.ADMINISTER, "alice"); r.jenkins.setAuthorizationStrategy(as); // We add a stub property to generate the persisted list // Then we ensure owner is being assigned properly. folder.addProperty(new FolderCredentialsProvider.FolderCredentialsProperty(new DomainCredentials[0])); assertPropertyOwner("After property add", folder, FolderCredentialsProvider.FolderCredentialsProperty.class); // Reload and ensure that the property owner is set r.jenkins.reload(); Folder reloadedFolder = r.jenkins.getItemByFullName("myFolder", Folder.class); assertPropertyOwner("After reload", reloadedFolder, FolderCredentialsProvider.FolderCredentialsProperty.class); }
@Override public ACL getACL(Job<?,?> project) { AuthorizationMatrixProperty amp = project.getProperty(AuthorizationMatrixProperty.class); if (amp != null) { return amp.getACL().newInheritingACL(getRootACL()); } else { return getRootACL(); } }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
grantedPermissions.put(Jenkins.ADMINISTER, sids); folder = r.jenkins.getItemByFullName("myFolder", Folder.class); ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy(); as.add(Jenkins.ADMINISTER, "alice"); r.jenkins.setAuthorizationStrategy(as); folder.addProperty(new com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty(grantedPermissions));
@Override public ACL getACL(Job<?,?> project) { AuthorizationMatrixProperty amp = project.getProperty(AuthorizationMatrixProperty.class); if (amp != null) { return amp.getACL().newInheritingACL(getRootACL()); } else { return getRootACL(); } }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }
@Override protected GlobalMatrixAuthorizationStrategy create() { return new ProjectMatrixAuthorizationStrategy(); }