public boolean hasViewOrOperatePermissionForPipeline(Username username, String pipelineName) { return hasViewPermissionForPipeline(username, pipelineName) || hasOperatePermissionForPipeline(username.getUsername(), pipelineName); }
private boolean canPause(PipelineConfig pipelineConfig, String username) { return securityService.hasOperatePermissionForPipeline(new CaseInsensitiveString(username), CaseInsensitiveString.str(pipelineConfig.name())); }
if (!securityService.hasOperatePermissionForPipeline(username.getUsername(), pipelineName)) { response.sendError(SC_FORBIDDEN); return false;
public void updateComment(String pipelineName, int pipelineCounter, String comment, Username username, HttpLocalizedOperationResult result) { if (!Toggles.isToggleOn(Toggles.PIPELINE_COMMENT_FEATURE_TOGGLE_KEY)) { result.notImplemented("'Pipeline Comment' feature is turned off. Please turn it on to use it."); return; } if (securityService.hasOperatePermissionForPipeline(username.getUsername(), pipelineName)) { pipelineDao.updateComment(pipelineName, pipelineCounter, comment); } else { result.forbidden("You do not have operate permissions for pipeline '" + pipelineName + "'.", HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); } }
public boolean canUnlock(String pipelineName, Username username, OperationResult result) { if (!goConfigService.hasPipelineNamed(new CaseInsensitiveString(pipelineName))) { String msg = format("pipeline name %s is incorrect", pipelineName); result.notFound(msg, msg, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return false; } if (!securityService.hasOperatePermissionForPipeline(username.getUsername(), pipelineName)) { String msg = "user does not have operate permission on the pipeline"; result.forbidden(msg, msg, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return false; } return isUnlockable(pipelineName, result); }
public PipelineModel latestPipelineModel(Username username, String pipelineName) { PipelineInstanceModel instanceModel = latest(pipelineName, username); if (instanceModel != null) { boolean canForce = schedulingCheckerService.canManuallyTrigger(pipelineName, username); PipelinePauseInfo pauseInfo = pipelinePauseService.pipelinePauseInfo(pipelineName); PipelineModel pipelineModel = new PipelineModel(pipelineName, canForce, securityService.hasOperatePermissionForPipeline( username.getUsername(), pipelineName ), pauseInfo); populateLockStatus(instanceModel.getName(), username, instanceModel); pipelineModel.addPipelineInstance(instanceModel); String groupName = goConfigService.findGroupNameByPipeline(new CaseInsensitiveString(pipelineName)); if (goConfigService.isPipelineEditable(pipelineName)) pipelineModel.updateAdministrability(goConfigService.isUserAdminOfGroup(username.getUsername(), groupName)); else pipelineModel.updateAdministrability(false); return pipelineModel; } return null; }
public boolean hasOperatePermissionForStage(String pipelineName, String stageName, String username) { if (!goConfigService.isSecurityEnabled()) { return true; } if (!goConfigService.hasStageConfigNamed(pipelineName, stageName)) { return false; } StageConfig stage = goConfigService.stageConfigNamed(pipelineName, stageName); CaseInsensitiveString userName = new CaseInsensitiveString(username); //TODO - #2517 - stage not exist if (stage.hasOperatePermissionDefined()) { CruiseConfig cruiseConfig = goConfigService.getCurrentConfig(); String groupName = goConfigService.findGroupNameByPipeline(new CaseInsensitiveString(pipelineName)); PipelineConfigs group = goConfigService.getCurrentConfig().findGroup(groupName); if (isUserAdmin(new Username(userName)) || isUserAdminOfGroup(userName, group)) { return true; } return goConfigService.readAclBy(pipelineName, stageName).isGranted(userName); } return hasOperatePermissionForPipeline(new CaseInsensitiveString(username), pipelineName); }
private PipelineGroupModels allPipelineInstances(Username username) { CruiseConfig currentConfig = goConfigService.currentCruiseConfig(); PipelineGroups groups = currentConfig.getGroups(); PipelineInstanceModels activePipelines = filterPermissions(pipelineDao.loadActivePipelines(), username); PipelineGroupModels groupModels = new PipelineGroupModels(); for (PipelineConfig pipelineConfig : currentConfig.getAllPipelineConfigs()) { CaseInsensitiveString pipelineName = pipelineConfig.name(); for (PipelineInstanceModel activePipeline : activePipelines.findAll(CaseInsensitiveString.str(pipelineName))) { activePipeline.setTrackingTool(pipelineConfig.getTrackingTool()); activePipeline.setMingleConfig(pipelineConfig.getMingleConfig()); populatePlaceHolderStages(activePipeline); String groupName = groups.findGroupNameByPipeline(pipelineName); if (groupName == null) { throw new RuntimeException("Unable to find group find pipeline " + pipelineName); } populatePreviousStageState(activePipeline); populateLockStatus(activePipeline.getName(), username, activePipeline); boolean canForce = schedulingCheckerService.canManuallyTrigger(CaseInsensitiveString.str(pipelineName), username); PipelinePauseInfo pauseInfo = pipelinePauseService.pipelinePauseInfo(CaseInsensitiveString.str(pipelineName)); groupModels.addPipelineInstance(groupName, activePipeline, canForce, securityService.hasOperatePermissionForPipeline( username.getUsername(), CaseInsensitiveString.str(pipelineName) ), pauseInfo); } } for (PipelineConfigs group : groups) { populateMissingPipelines(username, groupModels, group); } return groupModels; }