protected Object valid() { CruiseConfig config = configForEditing(); PipelineConfigs group = config.findGroup(groupName); return group.getCopyForEditing(); }
private PipelineConfigs addUserAndRoleToDefaultGroup(CruiseConfig cruiseConfig, final String user, final String role) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); addUserAsOperatorToDefaultGroup(cruiseConfig, user); addRoleAsOperatorToDefaultGroup(cruiseConfig, role); return group; }
protected PipelineConfigs findPipelineConfigs(CruiseConfig cruiseConfig, String group) { validateGroupName(group); PipelineConfigs existingPipelineConfigs = cruiseConfig.findGroup(group); if (existingPipelineConfigs == null) { result.notFound(resourceNotFound("Group", group), notFound()); throw new PipelineGroupNotFoundException(); } return existingPipelineConfigs; }
public boolean isUserAdminOfGroup(final CaseInsensitiveString userName, String groupName) { if (!isSecurityEnabled()) { return true; } PipelineConfigs group = null; if (groupName != null) { group = getCurrentConfig().findGroup(groupName); } return isUserAdmin(new Username(userName)) || isUserAdminOfGroup(userName, group); }
public ConfigForEdit<PipelineConfigs> loadGroupForEditing(String groupName, Username username, HttpLocalizedOperationResult result) { GoConfigHolder configForEdit = cloner.deepClone(getConfigHolder()); if (!isValidGroup(groupName, configForEdit.configForEdit, result)) { return null; } if (!isAdminOfGroup(groupName, username, result)) { return null; } PipelineConfigs config = cloner.deepClone(configForEdit.configForEdit.findGroup(groupName)); return new ConfigForEdit<>(config, configForEdit); }
@Test public void shouldReturnRemoteOriginOfTheGroup() { assertThat(cruiseConfig.findGroup("remote_group").getOrigin(), is(createRepoOrigin())); }
@Test public void shouldAddPipelineWithoutValidationInAnExistingGroup() { CruiseConfig cruiseConfig = createCruiseConfig(); PipelineConfig pipeline1 = PipelineConfigMother.pipelineConfig("first"); PipelineConfig pipeline2 = PipelineConfigMother.pipelineConfig("first"); cruiseConfig.addPipelineWithoutValidation("first-group", pipeline1); assertThat(cruiseConfig.getGroups().size(), is(1)); assertThat(cruiseConfig.findGroup("first-group").get(0), is(pipeline1)); cruiseConfig.addPipelineWithoutValidation("first-group", pipeline2); assertThat(cruiseConfig.findGroup("first-group").get(0), is(pipeline1)); assertThat(cruiseConfig.findGroup("first-group").get(1), is(pipeline2)); }
CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.schemaVersion(), is(CONFIG_SCHEMA_VERSION)); assertThat(cruiseConfig.findGroup("first").isUserAnAdmin(new CaseInsensitiveString("foo"), new ArrayList<>()), is(true));
private PipelineConfigs addRoleAsAdminToDefaultGroup(CruiseConfig cruiseConfig, String role) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getAdminsConfig().add(new AdminRole(new CaseInsensitiveString(role))); return group; }
private PipelineConfigs addUserAsOperatorToDefaultGroup(CruiseConfig cruiseConfig, String user) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString(user))); return group; }
@Test public void shouldSupportEmptyPipelineGroup() throws Exception { PipelineConfigs group = new BasicPipelineConfigs("defaultGroup", new Authorization()); CruiseConfig config = new BasicCruiseConfig(group); ByteArrayOutputStream stream = new ByteArrayOutputStream(); new MagicalGoConfigXmlWriter(configCache, ConfigElementImplementationRegistryMother.withNoPlugins()).write(config, stream, true); GoConfigHolder configHolder = new MagicalGoConfigXmlLoader(new ConfigCache(), ConfigElementImplementationRegistryMother.withNoPlugins()) .loadConfigHolder(stream.toString()); assertThat(configHolder.config.findGroup("defaultGroup"), is(group)); }
private void addRoleAsOperatorToDefaultGroup(CruiseConfig goConfig, String role) { PipelineConfigs group = goConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getOperationConfig().add(new AdminRole(new CaseInsensitiveString(role))); }
CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.schemaVersion(), is(CONFIG_SCHEMA_VERSION)); assertThat(cruiseConfig.findGroup("first").isUserAnAdmin(new CaseInsensitiveString("foo"), asList(new RoleConfig(new CaseInsensitiveString("bar")))), is(true));
public boolean hasOperatePermissionForStage(String pipelineName, String stageName, String username) { if (!goConfigService.isSecurityEnabled()) { return true; } if (!goConfigService.hasStageConfigNamed(pipelineName, stageName)) { return false; } StageConfig stage = goConfigService.stageConfigNamed(pipelineName, stageName); CaseInsensitiveString userName = new CaseInsensitiveString(username); //TODO - #2517 - stage not exist if (stage.hasOperatePermissionDefined()) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); String groupName = goConfigService.findGroupNameByPipeline(new CaseInsensitiveString(pipelineName)); PipelineConfigs group = goConfigService.getCurrentConfig().findGroup(groupName); if (isUserAdmin(new Username(userName)) || isUserAdminOfGroup(userName, group)) { return true; } return goConfigService.readAclBy(pipelineName, stageName).isGranted(userName); } return hasOperatePermissionForPipeline(new CaseInsensitiveString(username), pipelineName); }
@Test public void validate_shouldAllowUserWhenSecurityIsNotDefinedInGroup() throws Exception { CruiseConfig cruiseConfig = cruiseConfigWithSecurity( new RoleConfig(new CaseInsensitiveString("role"), new RoleUser(new CaseInsensitiveString("first")), new RoleUser(new CaseInsensitiveString("second"))), new AdminUser( new CaseInsensitiveString("admin"))); PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); PipelineConfig pipeline = cruiseConfig.find(DEFAULT_GROUP, 0); StageConfig stage = pipeline.get(0); StageConfigMother.addApprovalWithUsers(stage, "user"); Approval approval = stage.getApproval(); approval.validate(ConfigSaveValidationContext.forChain(cruiseConfig, group, pipeline, stage)); assertNoErrors(approval.getAuthConfig().getUsers().get(0)); }