public void check(OperationResult result) { HealthStateType id = HealthStateType.general(HealthStateScope.forPipeline(pipelineName)); if (!securityService.hasOperatePermissionForStage(pipelineName, stageName, username)) { String message = String.format("Failed to trigger pipeline [%s]", pipelineName); result.forbidden(message, "User " + username + " does not have permission to schedule " + pipelineName + "/" + stageName, id); } else { result.success(id); } } }
public boolean hasOperatePermissionForFirstStage(String pipelineName, String userName) { StageConfig stage = goConfigService.findFirstStageOfPipeline(new CaseInsensitiveString(pipelineName)); return hasOperatePermissionForStage(pipelineName, CaseInsensitiveString.str(stage.name()), userName); }
if (!securityService.hasOperatePermissionForStage(pipelineName, stageName, name)) { response.sendError(SC_FORBIDDEN); return false;
private void populateStageOperatePermission(PipelineInstanceModel pipelineInstanceModel, Username username) { for (StageInstanceModel stage : pipelineInstanceModel.getStageHistory()) { stage.setOperatePermission(securityService.hasOperatePermissionForStage(pipelineInstanceModel.getName(), stage.getName(), CaseInsensitiveString.str(username.getUsername()))); } }
String user = username == null ? null : username.getUsername().toString(); if (!securityService.hasOperatePermissionForStage(pipelineName, stageName, user)) { opResult.forbidden("Unauthorized to operate stage named " + stageName, HealthStateType.forbidden()); return null;
private Stage lockAndRerunStage(String pipelineName, Integer counter, String stageName, StageInstanceCreator creator, final ErrorConditionHandler errorHandler) { synchronized (mutexForPipeline(pipelineName)) { OperationResult result = new ServerHealthStateOperationResult(); if (!schedulingChecker.canSchedule(result)) { errorHandler.cantSchedule(result.getServerHealthState().getDescription(), pipelineName, stageName); } String username = CaseInsensitiveString.str(SessionUtils.currentUsername().getUsername()); if (!securityService.hasOperatePermissionForStage(pipelineName, stageName, username)) { errorHandler.noOperatePermission(pipelineName, stageName); } Pipeline pipeline = pipelineService.fullPipelineByCounter(pipelineName, counter); if (pipeline == null) { errorHandler.nullPipeline(pipelineName, counter, stageName); } if (!pipeline.hasStageBeenRun(stageName)) { if (goConfigService.hasPreviousStage(pipelineName, stageName)) { CaseInsensitiveString previousStageName = goConfigService.previousStage(pipelineName, stageName).name(); if (!pipeline.hasStageBeenRun(CaseInsensitiveString.str(previousStageName))) { errorHandler.previousStageNotRun(pipeline.getName(), stageName); } } } Stage stage = internalRerun(pipeline, stageName, username, creator, errorHandler); if (stage == null) { errorHandler.nullStage(stageName); } return stage; } }