public UpdateConfigCommand mailHostUpdater(final MailHost mailHost) { return cruiseConfig -> { cruiseConfig.server().updateMailHost(mailHost); return cruiseConfig; }; }
public void validate(CruiseConfig cruiseConfig) { ServerConfig server = cruiseConfig.server(); String newTokenGenerationKey = server.getTokenGenerationKey(); if (tokenGenerationKey == null) { tokenGenerationKey = newTokenGenerationKey; } if (tokenGenerationKey == null || tokenGenerationKey.equals(newTokenGenerationKey) || ! systemEnvironment.enforceServerImmutability() ) { return; } throw new RuntimeException("The value of 'tokenGenerationKey' cannot be modified while the server is online. If you really want to make this change, you may do so while the server is offline. Please note: updating 'tokenGenerationKey' will invalidate all registration tokens issued to the agents so far."); }
public void validate(CruiseConfig cruiseConfig) { ServerConfig server = cruiseConfig.server(); String newServerId = server.getServerId(); if (serverId == null) { serverId = newServerId; } if (serverId == null || serverId.equals(newServerId) || ! env.enforceServerImmutability()) { return; } throw new RuntimeException("The value of 'serverId' uniquely identifies a Go server instance. This field cannot be modified."); }
private UpdateConfigCommand securityUpdater(final boolean shouldAllowAutoLogin) { return cruiseConfig -> { SecurityConfig securityConfig = cruiseConfig.server().security(); securityConfig.modifyAllowOnlyKnownUsers(!shouldAllowAutoLogin); return cruiseConfig; }; }
private String getRepositoryDirectory() { ServerConfig serverConfig = goConfigService.currentCruiseConfig().server(); return String.format("%s/%s", systemEnvironment.get(COMMAND_REPOSITORY_DIRECTORY), serverConfig.getCommandRepositoryLocation()); } }
@Before public void setUp() throws Exception { SystemEnvironment systemEnvironment = mock(SystemEnvironment.class); validator = new CommandRepositoryLocationValidator(systemEnvironment); cruiseConfig = mock(BasicCruiseConfig.class); serverConfig = mock(ServerConfig.class); when(cruiseConfig.server()).thenReturn(serverConfig); when(systemEnvironment.get(COMMAND_REPOSITORY_DIRECTORY)).thenReturn("db/task_repository"); repoRootLocation = new File("db/task_repository").getAbsolutePath(); }
public void onConfigChange(CruiseConfig newCruiseConfig) { ServerConfig newServerConfig = newCruiseConfig.server(); ServerSiteUrlConfig newSecureSiteUrl = newServerConfig.getSecureSiteUrl(); ServerSiteUrlConfig newSiteUrl = newServerConfig.getSiteUrl(); if (!(secureSiteUrl.equals(newSecureSiteUrl) && siteUrl.equals(newSiteUrl))) { goCache.remove(URLS_CACHE_KEY); LOGGER.info("[Configuration Changed] Site URL was changed from [{}] to [{}] and Secure Site URL was changed from [{}] to [{}]", siteUrl, newSiteUrl, secureSiteUrl, newSecureSiteUrl); } setUrls(newSiteUrl, newSecureSiteUrl); }
@Override public boolean isValid(CruiseConfig preprocessedConfig) { preprocessedRole = preprocessedConfig.server().security().getRoles().findByNameAndType(role.getName(), role.getClass()); if (!preprocessedRole.validateTree(RolesConfigUpdateValidator.validationContextWithSecurityConfig(preprocessedConfig))) { BasicCruiseConfig.copyErrors(preprocessedRole, role); return false; } return true; }
@Test public void shouldAllowDoublePurgeStartAndPurgeUptoAttributes() { String content = "<cruise schemaVersion='" + CONFIG_SCHEMA_VERSION + "'>\n" + "<server artifactsdir='artifacts' purgeStart='1.2' purgeUpto='3.4'>" + "</server></cruise>"; CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.server().getPurgeStart(), is(1.2)); assertThat(cruiseConfig.server().getPurgeUpto(), is(3.4)); }
@Test public void shouldAllowPurgeStartAndPurgeUptoAttributes() { String content = "<cruise schemaVersion='" + CONFIG_SCHEMA_VERSION + "'>\n" + "<server artifactsdir='artifacts' purgeStart='1' purgeUpto='3'>" + "</server></cruise>"; CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.server().getPurgeStart(), is(1.0)); assertThat(cruiseConfig.server().getPurgeUpto(), is(3.0)); }
private String pluginIdForRole(PluginRoleConfig role) { SecurityAuthConfig authConfig = goConfigService.cruiseConfig().server().security().securityAuthConfigs().find(role.getAuthConfigId()); if (authConfig == null) { return null; } return authConfig.getPluginId(); } }
@Test public void shouldAllowSiteUrlandSecureSiteUrlAttributes() { String content = "<cruise schemaVersion='" + CONFIG_SCHEMA_VERSION + "'>\n" + "<server artifactsdir='artifacts' siteUrl='http://www.someurl.com/go' secureSiteUrl='https://www.someotherurl.com/go' >" + "</server></cruise>"; CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.server().getSiteUrl(), is(new ServerSiteUrlConfig("http://www.someurl.com/go"))); assertThat(cruiseConfig.server().getSecureSiteUrl(), is(new ServerSiteUrlConfig("https://www.someotherurl.com/go"))); }
@Test public void shouldGetTheJobTimeoutFromServerTag_37xsl() { String content = "<cruise schemaVersion='" + CONFIG_SCHEMA_VERSION + "'>\n" + "<server artifactsdir='artifacts' siteUrl='http://www.someurl.com/go' secureSiteUrl='https://www.someotherurl.com/go' jobTimeout='30' >" + "</server></cruise>"; CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.server().getJobTimeout(), is("30")); }
@Test // #3098 public void shouldAlwaysWriteArtifactsDir() throws Exception { CruiseConfig cruiseConfig = ConfigMigrator.load(ConfigFileFixture.DEFAULT_XML_WITH_2_AGENTS); xmlWriter.write(cruiseConfig, output, false); assertThat(xmlWriter.toXmlPartial(cruiseConfig.server()), containsString("<server artifactsdir=\"artifactsDir\" ")); }
private void addRole(Role role) { config.server().security().addRole(role); try { new MagicalGoConfigXmlWriter(new ConfigCache(), ConfigElementImplementationRegistryMother.withNoPlugins()).write(config, new ByteArrayOutputStream(), false); } catch (Exception e) { throw new RuntimeException(e); } }
public boolean hasOperatePermissionForGroup(final CaseInsensitiveString username, String groupName) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); if (!cruiseConfig.isSecurityEnabled()) { return true; } if (isUserAdmin(new Username(username))) { return true; } PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName); return isUserAdminOfGroup(username, group) || group.hasOperatePermission(username, new UserRoleMatcherImpl(cruiseConfig.server().security())); }
public boolean hasViewPermissionForGroup(String userName, String pipelineGroupName) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); if (!cruiseConfig.isSecurityEnabled()) { return true; } CaseInsensitiveString username = new CaseInsensitiveString(userName); if (isUserAdmin(new Username(username))) { return true; } PipelineConfigs group = cruiseConfig.getGroups().findGroup(pipelineGroupName); return isUserAdminOfGroup(username, group) || group.hasViewPermission(username, new UserRoleMatcherImpl(cruiseConfig.server().security())); }
private CruiseConfig cruiseConfigWithSecurity(Role roleDefinition, Admin admins) { CruiseConfig cruiseConfig = GoConfigMother.configWithPipelines("pipeline"); SecurityConfig securityConfig = cruiseConfig.server().security(); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("file", "cd.go.authentication.passwordfile")); securityConfig.addRole(roleDefinition); securityConfig.adminsConfig().add(admins); return cruiseConfig; }
@Test public void shouldNotThrowExceptionIfRoleNameExistInPipelinesAuthorization() { AdminRole role = new AdminRole(new CaseInsensitiveString("role2")); PipelineConfigs pipelinesConfig = new BasicPipelineConfigs(new Authorization(new ViewConfig(role))); CruiseConfig config = new BasicCruiseConfig(pipelinesConfig); config.server().security().addRole(new RoleConfig(new CaseInsensitiveString("role2"))); role.validate(ConfigSaveValidationContext.forChain(config)); assertThat(role.errors().isEmpty(), is(true)); }
@Test public void shouldNotThrowExceptionIfRoleNameExist() { AdminRole role = new AdminRole(new CaseInsensitiveString("role1")); StageConfig stage = StageConfigMother.custom("ft", new AuthConfig(role)); PipelineConfigs pipelineConfigs = new BasicPipelineConfigs(new PipelineConfig(new CaseInsensitiveString("pipeline"), new MaterialConfigs(), stage)); CruiseConfig config = new BasicCruiseConfig(pipelineConfigs); config.server().security().addRole(new RoleConfig(new CaseInsensitiveString("role1"))); role.validate(ConfigSaveValidationContext.forChain(config)); assertThat(role.errors().isEmpty(), is(true)); }