public GoUserPrinciple(String username, String displayName, Set<GrantedAuthority> authorities) { this.username = new Username(username, displayName); this.authorities = authorities; this.displayName = displayName; }
public Username usernameFor(String pluginId) { return new Username(format("plugin-%s", pluginId)); }
public Username agentUsername(String uuId, String ipAddress, String hostNameForDisplay) { return new Username(String.format("agent_%s_%s_%s", uuId, ipAddress, hostNameForDisplay)); }
public Map<CaseInsensitiveString, List<CaseInsensitiveString>> templatesWithPipelinesForUser(CaseInsensitiveString username) { HashMap<CaseInsensitiveString, List<CaseInsensitiveString>> templatesToPipelinesMap = new HashMap<>(); Map<CaseInsensitiveString, Map<CaseInsensitiveString, Authorization>> authMap = goConfigService.getCurrentConfig().templatesWithAssociatedPipelines(); for (CaseInsensitiveString templateName : authMap.keySet()) { if (securityService.isAuthorizedToViewTemplate(templateName, new Username(username))) { templatesToPipelinesMap.put(templateName, new ArrayList<>()); Map<CaseInsensitiveString, Authorization> authorizationMap = authMap.get(templateName); for (CaseInsensitiveString pipelineName : authorizationMap.keySet()) { templatesToPipelinesMap.get(templateName).add(pipelineName); } } } return templatesToPipelinesMap; }
private void checkAndAddTemplateViewUser(String userName, Set<GrantedAuthority> authorities) { if (securityService.isAuthorizedToViewTemplates(new Username(userName))) { authorities.add(GoAuthority.ROLE_TEMPLATE_VIEW_USER.asAuthority()); } }
public static Username valueOf(String username) { return new Username(new CaseInsensitiveString(username)); } }
private void checkAndAddSuperAdmin(String username, Set<GrantedAuthority> authorities) { if (securityService.isUserAdmin(new Username(new CaseInsensitiveString(username)))) { authorities.add(GoAuthority.ROLE_SUPERVISOR.asAuthority()); } } }
private boolean userNameListContainsAdmin(List<String> enabledUserNames) { for (String enabledUserName : enabledUserNames) { if (securityService.isUserAdmin(new Username(new CaseInsensitiveString(enabledUserName)))) { return true; } } return false; }
private void checkAndAddGroupAdmin(String username, Set<GrantedAuthority> authorities) { if (securityService.isUserGroupAdmin(new Username(new CaseInsensitiveString(username)))) { authorities.add(GoAuthority.ROLE_GROUP_SUPERVISOR.asAuthority()); } }
private void checkAndAddTemplateAdmin(String username, Set<GrantedAuthority> authorities) { if (securityService.isAuthorizedToViewAndEditTemplates(new Username(new CaseInsensitiveString(username)))) { authorities.add(GoAuthority.ROLE_TEMPLATE_SUPERVISOR.asAuthority()); } }
private List<UserModel> allUsersForDisplay() { Collection<User> users = allUsers(); ArrayList<UserModel> userModels = new ArrayList<>(); for (User user : users) { String userName = user.getName(); ArrayList<String> roles = new ArrayList<>(); for (Role role : goConfigService.rolesForUser(new CaseInsensitiveString(userName))) { roles.add(CaseInsensitiveString.str(role.getName())); } userModels.add(new UserModel(user, roles, securityService.isUserAdmin(new Username(new CaseInsensitiveString(userName))))); } return userModels; }
public boolean isUserAdminOfGroup(final CaseInsensitiveString userName, String groupName) { if (!isSecurityEnabled()) { return true; } PipelineConfigs group = null; if (groupName != null) { group = getCurrentConfig().findGroup(groupName); } return isUserAdmin(new Username(userName)) || isUserAdminOfGroup(userName, group); }
public PipelineInstanceModels load(String pipelineName, Pagination pagination, String username, boolean populateCanRun) { PipelineInstanceModels history = pipelineDao.loadHistory(pipelineName, pagination.getPageSize(), pagination.getOffset()); PipelineConfig pipelineConfig = goConfigService.pipelineConfigNamed(new CaseInsensitiveString(pipelineName)); for (PipelineInstanceModel pipelineInstanceModel : history) { populatePipelineInstanceModel(new Username(new CaseInsensitiveString(username)), populateCanRun, pipelineConfig, pipelineInstanceModel); } addEmptyPipelineInstanceIfNeeded(pipelineName, history, new Username(new CaseInsensitiveString(username)), pipelineConfig, populateCanRun); return history; }
@Test public void shouldIncludeUserWhoForcedBuildInManualBuildCause() { BuildCause cause = BuildCause.createManualForced(null, new Username(new CaseInsensitiveString("Joe Bloggs"))); assertThat(cause.getBuildCauseMessage(), containsString("Forced by Joe Bloggs")); }
public boolean hasOperatePermissionForGroup(final CaseInsensitiveString username, String groupName) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); if (!cruiseConfig.isSecurityEnabled()) { return true; } if (isUserAdmin(new Username(username))) { return true; } PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName); return isUserAdminOfGroup(username, group) || group.hasOperatePermission(username, new UserRoleMatcherImpl(cruiseConfig.server().security())); }
private String saveUserAndRenderResult(Request req, Response res, HttpLocalizedOperationResult result, User userToOperate, User userFromRequest, String username) throws IOException { userService.save(userToOperate, TriState.from(userFromRequest.isEnabled()), TriState.from(userFromRequest.isEmailMe()), userFromRequest.getEmail(), userFromRequest.getMatcher(), result); boolean isSaved = result.isSuccessful(); if (isSaved) { return writerForTopLevelObject(req, res, writer -> UserRepresenter.toJSON(writer, getUserToRepresent(userService.findUserByName(username), roleConfigService.getRolesForUser(Collections.singletonList(new Username(username)))))); } else { return renderHTTPOperationResult(result, req, res); } }
public boolean hasViewPermissionForGroup(String userName, String pipelineGroupName) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); if (!cruiseConfig.isSecurityEnabled()) { return true; } CaseInsensitiveString username = new CaseInsensitiveString(userName); if (isUserAdmin(new Username(username))) { return true; } PipelineConfigs group = cruiseConfig.getGroups().findGroup(pipelineGroupName); return isUserAdminOfGroup(username, group) || group.hasViewPermission(username, new UserRoleMatcherImpl(cruiseConfig.server().security())); }
private User getUser(HttpServletRequest request) { Long userId = SessionUtils.getUserId(request); if (userId == null) { final GoUserPrinciple currentUser = SessionUtils.getCurrentUser(); Username userName = new Username(currentUser.getUsername()); if (userName.isAnonymous() || userName.isGoAgentUser()) { return new NullUser(); } return userService.findUserByName(CaseInsensitiveString.str(userName.getUsername())); } else { return userService.load(userId); } } }
public PipelineInstanceModels loadWithEmptyAsDefault(String pipelineName, Pagination pagination, String userName) { if (!securityService.hasViewPermissionForPipeline(new Username(new CaseInsensitiveString(userName)), pipelineName)) { return PipelineInstanceModels.createPipelineInstanceModels(); } PipelineInstanceModels pipelineInstanceModels = null; if (triggerMonitor.isAlreadyTriggered(new CaseInsensitiveString(pipelineName))) { StageInstanceModels stageHistory = new StageInstanceModels(); appendFollowingStagesFromConfig(pipelineName, stageHistory); PipelineInstanceModel model = PipelineInstanceModel.createPreparingToSchedule(pipelineName, stageHistory); model.setCanRun(false); pipelineInstanceModels = PipelineInstanceModels.createPipelineInstanceModels(model); } else { pipelineInstanceModels = load(pipelineName, pagination, userName, true); } return pipelineInstanceModels; }
public boolean hasOperatePermissionForStage(String pipelineName, String stageName, String username) { if (!goConfigService.isSecurityEnabled()) { return true; } if (!goConfigService.hasStageConfigNamed(pipelineName, stageName)) { return false; } StageConfig stage = goConfigService.stageConfigNamed(pipelineName, stageName); CaseInsensitiveString userName = new CaseInsensitiveString(username); //TODO - #2517 - stage not exist if (stage.hasOperatePermissionDefined()) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); String groupName = goConfigService.findGroupNameByPipeline(new CaseInsensitiveString(pipelineName)); PipelineConfigs group = goConfigService.getCurrentConfig().findGroup(groupName); if (isUserAdmin(new Username(userName)) || isUserAdminOfGroup(userName, group)) { return true; } return goConfigService.readAclBy(pipelineName, stageName).isGranted(userName); } return hasOperatePermissionForPipeline(new CaseInsensitiveString(username), pipelineName); }