@Override public void update(CruiseConfig modifiedConfig) { if (securityService.isUserGroupAdmin(currentUser)) { templateConfig.setAuthorization(new Authorization(new AdminsConfig(new AdminUser(currentUser.getUsername())))); } modifiedConfig.addTemplate(templateConfig); }
@Test public void shouldNotWriteEmptyAuthorizationUnderEachTemplateTagOntoConfigFile() throws Exception { CruiseConfig cruiseConfig = new BasicCruiseConfig(); PipelineTemplateConfig template = com.thoughtworks.go.helper.PipelineTemplateConfigMother.createTemplate("template-name", new Authorization(new AdminsConfig()), com.thoughtworks.go.helper.StageConfigMother.manualStage("stage-name")); cruiseConfig.addTemplate(template); xmlWriter.write(cruiseConfig, output, false); String writtenConfigXml = this.output.toString(); assertThat(writtenConfigXml, not(containsString("<authorization>"))); }
@Test public void shouldNotDisplayTheOptionIfTemplateAllowsGroupAdminsToBeViewers() throws Exception { CruiseConfig cruiseConfig = new BasicCruiseConfig(); PipelineTemplateConfig template = com.thoughtworks.go.helper.PipelineTemplateConfigMother.createTemplate("template-name", new Authorization(new AdminsConfig()), com.thoughtworks.go.helper.StageConfigMother.manualStage("stage-name")); cruiseConfig.addTemplate(template); xmlWriter.write(cruiseConfig, output, false); String writtenConfigXml = this.output.toString(); assertThat(writtenConfigXml, not(containsString("allGroupAdminsAreViewers"))); }
@Test public void shouldDisplayTheFlagInXmlIfTemplateAuthorizationDoesNotAllowGroupAdmins() throws Exception { CruiseConfig cruiseConfig = new BasicCruiseConfig(); PipelineTemplateConfig template = com.thoughtworks.go.helper.PipelineTemplateConfigMother.createTemplate("template-name", new Authorization(new AdminsConfig()), com.thoughtworks.go.helper.StageConfigMother.manualStage("stage-name")); template.getAuthorization().setAllowGroupAdmins(false); cruiseConfig.addTemplate(template); xmlWriter.write(cruiseConfig, output, false); String writtenConfigXml = this.output.toString(); assertThat(writtenConfigXml, containsString("allGroupAdminsAreViewers")); }
@Test public void shouldErrorOutIfWorkingDirectoryIsOutsideTheCurrentWorkingDirectoryForTemplates() { CruiseConfig config = GoConfigMother.configWithPipelines("pipeline-blah"); BuildTask task = new AntTask(); task.setWorkingDirectory("/blah"); StageConfig stageConfig = StageConfigMother.manualStage("manualStage"); stageConfig.getJobs().get(0).addTask(task); PipelineTemplateConfig template = new PipelineTemplateConfig(new CaseInsensitiveString("some-template"), stageConfig); config.addTemplate(template); List<ConfigErrors> errors = config.validateAfterPreprocess(); assertThat(errors.size(), is(1)); String message = "Task of job 'default' in stage 'manualStage' of template 'some-template' has path '/blah' which is outside the working directory."; assertThat(task.errors().on(BuildTask.WORKING_DIRECTORY), is(message)); } }
@Test public void shouldReturnAMapOfAllTemplateNamesWithAssociatedPipelines() { PipelineTemplateConfig template = template("first_template"); PipelineConfig pipelineConfig1 = PipelineConfigMother.pipelineConfig("first"); pipelineConfig1.clear(); pipelineConfig1.setTemplateName(new CaseInsensitiveString("first_template")); pipelineConfig1.usingTemplate(template); PipelineConfig pipelineConfig2 = PipelineConfigMother.pipelineConfig("second"); pipelineConfig2.clear(); pipelineConfig2.setTemplateName(new CaseInsensitiveString("FIRST_template")); pipelineConfig2.usingTemplate(template); PipelineConfig pipelineConfigWithoutTemplate = PipelineConfigMother.pipelineConfig("third"); BasicPipelineConfigs pipelineConfigs = new BasicPipelineConfigs(pipelineConfig1, pipelineConfig2, pipelineConfigWithoutTemplate); pipelineConfigs.setOrigin(new FileConfigOrigin()); CruiseConfig cruiseConfig = createCruiseConfig(pipelineConfigs); cruiseConfig.addTemplate(template); SecurityConfig securityConfig = new SecurityConfig(false); securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("root"))); cruiseConfig.server().useSecurity(securityConfig); Map<CaseInsensitiveString, Map<CaseInsensitiveString, Authorization>> allTemplatesWithAssociatedPipelines = cruiseConfig.templatesWithAssociatedPipelines(); assertThat(allTemplatesWithAssociatedPipelines.size(), is(1)); HashMap<CaseInsensitiveString, Map<CaseInsensitiveString, Authorization>> expectedTemplatesMap = new HashMap<>(); expectedTemplatesMap.put(new CaseInsensitiveString("first_template"), new HashMap<>()); expectedTemplatesMap.get(new CaseInsensitiveString("first_template")).put(new CaseInsensitiveString("first"), new Authorization()); expectedTemplatesMap.get(new CaseInsensitiveString("first_template")).put(new CaseInsensitiveString("second"), new Authorization()); assertThat(allTemplatesWithAssociatedPipelines, is(expectedTemplatesMap)); }
@Test public void shouldNotAddValidationErrorWhenAssociatedTemplateExists() { PipelineConfig pipelineConfig = new PipelineConfig(new CaseInsensitiveString("wunderbar"), new MaterialConfigs()); config.addPipeline("group", pipelineConfig); config.addTemplate(new PipelineTemplateConfig(new CaseInsensitiveString("t1"))); pipelineConfig.setTemplateName(new CaseInsensitiveString("t1")); pipelineConfig.validateTree(PipelineConfigSaveValidationContext.forChain(true, "group", config, pipelineConfig)); assertThat(pipelineConfig.errors().getAllOn("template"), is(nullValue())); }
@Test public void shouldAllowResourcesWithParamsForJobs() throws Exception { CruiseConfig cruiseConfig = new BasicCruiseConfig(); cruiseConfig.addTemplate(new PipelineTemplateConfig(new CaseInsensitiveString("template"), stageWithJobResource("#{PLATFORM}"))); PipelineConfig pipelineConfig = new PipelineConfig(new CaseInsensitiveString("pipeline"), new MaterialConfigs()); pipelineConfig.setTemplateName(new CaseInsensitiveString("template")); pipelineConfig.addParam(new ParamConfig("PLATFORM", "windows")); cruiseConfig.addPipeline("group", pipelineConfig); List<ConfigErrors> errorses = MagicalGoConfigXmlLoader.validate(cruiseConfig); assertThat(errorses.isEmpty(), is(true)); }
@Test public void shouldErrorOutForTemplates_WhenItHasATaskWithInvalidWorkingDirectory() { CruiseConfig cruiseConfig = GoConfigMother.configWithPipelines("some_pipeline"); StageConfig templateStage = StageConfigMother.stageWithTasks("templateStage"); ExecTask execTask = new ExecTask("ls", "-la", "/"); templateStage.getJobs().first().addTask(execTask); PipelineTemplateConfig template = new PipelineTemplateConfig(new CaseInsensitiveString("template_name"), templateStage); cruiseConfig.addTemplate(template); try { execTask.validateTask(ConfigSaveValidationContext.forChain(cruiseConfig, template, templateStage, templateStage.getJobs().first())); assertThat(execTask.errors().isEmpty(), is(false)); assertThat(execTask.errors().on(ExecTask.WORKING_DIR), is("The path of the working directory for the custom command in job 'job' in stage 'templateStage' of template 'template_name' is outside the agent sandbox.")); } catch (Exception e) { fail("should not have failed. Exception: " + e.getMessage()); } }
public PipelineConfig addPipelineWithTemplate(CruiseConfig cruiseConfig, String pipelineName, String templateName, String stageName, String... buildNames) { PipelineTemplateConfig templateConfig = new PipelineTemplateConfig(new CaseInsensitiveString(templateName), StageConfigMother.custom(stageName, defaultBuildPlans(buildNames))); PipelineConfig pipelineConfig = new PipelineConfig(new CaseInsensitiveString(pipelineName), MaterialConfigsMother.mockMaterialConfigs("file:///tmp/foo")); pipelineConfig.setTemplateName(new CaseInsensitiveString(templateName)); cruiseConfig.addTemplate(templateConfig); cruiseConfig.addPipeline(DEFAULT_GROUP, pipelineConfig); return pipelineConfig; }
@Test public void shouldAllowRoleWithParamsForStageInTemplate() throws Exception { CruiseConfig cruiseConfig = new BasicCruiseConfig(); cruiseConfig.server().security().addRole(new RoleConfig(new CaseInsensitiveString("role"))); cruiseConfig.addTemplate(new PipelineTemplateConfig(new CaseInsensitiveString("template"), stageWithAuth("#{ROLE}"))); PipelineConfig pipelineConfig = new PipelineConfig(new CaseInsensitiveString("pipeline"), new MaterialConfigs()); pipelineConfig.setTemplateName(new CaseInsensitiveString("template")); pipelineConfig.addParam(new ParamConfig("ROLE", "role")); cruiseConfig.addPipeline("group", pipelineConfig); List<ConfigErrors> errorses = MagicalGoConfigXmlLoader.validate(cruiseConfig); assertThat(errorses.isEmpty(), is(true)); }