private boolean authorizedToViewPipeline(Username username, String pipelineName) { return securityService.hasViewPermissionForPipeline(username, pipelineName); }
public boolean hasViewOrOperatePermissionForPipeline(Username username, String pipelineName) { return hasViewPermissionForPipeline(username, pipelineName) || hasOperatePermissionForPipeline(username.getUsername(), pipelineName); }
private boolean canView(Username username, PipelineConfig pipeline) { return securityService.hasViewPermissionForPipeline(username, CaseInsensitiveString.str(pipeline.name())); }
private PipelineInstanceModels filterPermissions(PipelineInstanceModels pipelineInstanceModels, Username username) { PipelineInstanceModels newModels = PipelineInstanceModels.createPipelineInstanceModels(); for (PipelineInstanceModel pipelineInstanceModel : pipelineInstanceModels) { if (securityService.hasViewPermissionForPipeline(username, pipelineInstanceModel.getName())) { newModels.add(pipelineInstanceModel); } } return newModels; }
private void removePipelinesThatAreNotInConfig(final Username username, PipelineDependencyGraphOld graph) { graph.filterDependencies(pipelineName -> goConfigService.hasPipelineNamed(new CaseInsensitiveString(pipelineName)) && securityService.hasViewPermissionForPipeline(username, pipelineName)); }
public List<EnvironmentPipelineModel> getAllRemotePipelinesForUserInEnvironment(Username user, EnvironmentConfig environment) { List<EnvironmentPipelineModel> pipelines = new ArrayList<>(); for (EnvironmentPipelineConfig pipelineConfig : environment.getRemotePipelines()) { String pipelineName = CaseInsensitiveString.str(pipelineConfig.getName()); if (securityService.hasViewPermissionForPipeline(user, pipelineName)) { pipelines.add(new EnvironmentPipelineModel(pipelineName, CaseInsensitiveString.str(environment.name()))); } } Collections.sort(pipelines); return pipelines; }
private boolean userDoesNotHaveViewPermission(Username user, LocalizedOperationResult operationResult) { if (!securityService.hasViewPermissionForPipeline(user, pipelineName)) { operationResult.forbidden("User '" + CaseInsensitiveString.str(user.getUsername()) + "' does not have view permission on pipeline '" + pipelineName + "'", forbiddenForPipeline(pipelineName)); return true; } return false; } }
private boolean hasViewPermissionWorkaroundForNonExistantPipelineBug_4477(CaseInsensitiveString pipelineName, Username username) { if (!goConfigService.hasPipelineNamed(pipelineName)) { throw new RecordNotFoundException(); } if (securityService.isUserAdmin(username)) { return true; } // we check if pipeline exists because this method returns true in case the group or pipeline does not exist! return securityService.hasViewPermissionForPipeline(username, pipelineName.toString()); }
public boolean validate(String pipelineName, Username username, OperationResult result) { if (!goConfigService.hasPipelineNamed(new CaseInsensitiveString(pipelineName))) { String pipelineNotKnown = String.format("Pipeline named [%s] is not known.", pipelineName); result.notFound(pipelineNotKnown, pipelineNotKnown, HealthStateType.general(HealthStateScope.GLOBAL)); return false; } if (!securityService.hasViewPermissionForPipeline(username, pipelineName)) { result.forbidden(NOT_AUTHORIZED_TO_VIEW_PIPELINE, NOT_AUTHORIZED_TO_VIEW_PIPELINE, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return false; } return true; }
public List<MatchedRevision> searchRevisions(String pipelineName, String fingerprint, String searchString, Username username, LocalizedOperationResult result) { if (!securityService.hasViewPermissionForPipeline(username, pipelineName)) { result.forbidden(LocalizedMessage.forbiddenToViewPipeline(pipelineName), HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return new ArrayList<>(); } try { MaterialConfig materialConfig = goConfigService.materialForPipelineWithFingerprint(pipelineName, fingerprint); return materialRepository.findRevisionsMatching(materialConfig, searchString); } catch (RuntimeException e) { result.notFound("Pipeline '" + pipelineName + "' does not contain material with fingerprint '" + fingerprint + "'.", HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return new ArrayList<>(); } }
public Users findValidSubscribers(final StageConfigIdentifier identifier) { Users users = userDao.findNotificationSubscribingUsers(); return users.filter(user -> user.hasSubscribedFor(identifier.getPipelineName(), identifier.getStageName()) && securityService.hasViewPermissionForPipeline(user.getUsername(), identifier.getPipelineName())); }
public PipelineInstanceModels findMatchingPipelineInstances(String pipelineName, String pattern, int limit, Username userName, HttpLocalizedOperationResult result) { pattern = escapeWildCardsAndTrim(pattern.trim()); if (!securityService.hasViewPermissionForPipeline(userName, pipelineName)) { result.forbidden(LocalizedMessage.forbiddenToViewPipeline(pipelineName), HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return PipelineInstanceModels.createPipelineInstanceModels(); } PipelineInstanceModels models = pipelineDao.findMatchingPipelineInstances(pipelineName, pattern, limitForPipeline(pipelineName, limit)); for (PipelineInstanceModel model : models) { populatePlaceHolderStages(model); populateMaterialRevisionsOnBuildCause(model); } return models; }
public ValueStreamMapPresentationModel getValueStreamMap(CaseInsensitiveString pipelineName, int counter, Username username, LocalizedOperationResult result) { try { if (!securityService.hasViewPermissionForPipeline(username, pipelineName.toString())) { result.forbidden(LocalizedMessage.forbiddenToViewPipeline(pipelineName), HealthStateType.general(HealthStateScope.forPipeline(pipelineName.toString()))); return null; } ValueStreamMap valueStreamMap = buildValueStreamMap(pipelineName, counter, username, result); if (valueStreamMap == null) { return null; } return valueStreamMap.presentationModel(); } catch (Exception e) { result.internalServerError("Value Stream Map of pipeline '" + pipelineName + "' with counter '" + counter + "' can not be rendered. Please check the server log for details."); LOGGER.error("[Value Stream Map] Pipeline {} with counter {} could not be rendered.", pipelineName, counter, e); return null; } }
public MingleConfig mingleConfigForPipelineNamed(String pipelineName, Username user, HttpLocalizedOperationResult result) { if (!securityService.hasViewPermissionForPipeline(user, pipelineName)) { result.forbidden(LocalizedMessage.forbiddenToViewPipeline(pipelineName), HealthStateType.forbiddenForPipeline(pipelineName)); return null; } PipelineConfig pipelineConfig = goConfigService.pipelineConfigNamed(new CaseInsensitiveString(pipelineName)); MingleConfig mingleConfig = pipelineConfig.getMingleConfig(); return mingleConfig.equals(new MingleConfig()) ? null : mingleConfig; }
private void removeRevisionsBasedOnPermissionAndCurrentConfig(ValueStreamMap valueStreamMap, Username username) { for (Node node : valueStreamMap.allNodes()) { if (node instanceof PipelineDependencyNode) { String pipelineName = node.getName(); PipelineDependencyNode pipelineDependencyNode = (PipelineDependencyNode) node; if (!goConfigService.hasPipelineNamed(new CaseInsensitiveString(pipelineName))) { pipelineDependencyNode.setDeleted(); } else if (!securityService.hasViewPermissionForPipeline(username, pipelineName)) { pipelineDependencyNode.setNoPermission(); } pipelineDependencyNode.setCanEdit(goConfigService.canEditPipeline(pipelineName, username)); } } }
public StageInstanceModels findDetailedStageHistoryByOffset(String pipelineName, String stageName, Pagination pagination, String username, OperationResult result) { if (!goConfigService.currentCruiseConfig().hasPipelineNamed(new CaseInsensitiveString(pipelineName))) { result.notFound("Not Found", "Pipeline not found", HealthStateType.general(HealthStateScope.GLOBAL)); return null; } if (!securityService.hasViewPermissionForPipeline(Username.valueOf(username), pipelineName)) { result.forbidden("Unauthorized", NOT_AUTHORIZED_TO_VIEW_PIPELINE, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return null; } return stageDao.findDetailedStageHistoryByOffset(pipelineName, stageName, pagination); }
public JobInstances findJobHistoryPage(String pipelineName, String stageName, String jobConfigName, Pagination pagination, String username, OperationResult result) { if (!goConfigService.currentCruiseConfig().hasPipelineNamed(new CaseInsensitiveString(pipelineName))) { result.notFound("Not Found", "Pipeline not found", HealthStateType.general(HealthStateScope.GLOBAL)); return null; } if (!securityService.hasViewPermissionForPipeline(Username.valueOf(username), pipelineName)) { result.forbidden("Unauthorized", NOT_AUTHORIZED_TO_VIEW_PIPELINE, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return null; } return jobInstanceDao.findJobHistoryPage(pipelineName, stageName, jobConfigName, pagination.getPageSize(), pagination.getOffset()); }
public PipelineInstanceModels loadWithEmptyAsDefault(String pipelineName, Pagination pagination, String userName) { if (!securityService.hasViewPermissionForPipeline(new Username(new CaseInsensitiveString(userName)), pipelineName)) { return PipelineInstanceModels.createPipelineInstanceModels(); } PipelineInstanceModels pipelineInstanceModels = null; if (triggerMonitor.isAlreadyTriggered(new CaseInsensitiveString(pipelineName))) { StageInstanceModels stageHistory = new StageInstanceModels(); appendFollowingStagesFromConfig(pipelineName, stageHistory); PipelineInstanceModel model = PipelineInstanceModel.createPreparingToSchedule(pipelineName, stageHistory); model.setCanRun(false); pipelineInstanceModels = PipelineInstanceModels.createPipelineInstanceModels(model); } else { pipelineInstanceModels = load(pipelineName, pagination, userName, true); } return pipelineInstanceModels; }
public PipelineInstanceModel load(long id, Username username, OperationResult result) { PipelineInstanceModel pipeline = pipelineDao.loadHistory(id); if (pipeline == null) { result.notFound("Not Found", "Pipeline not found", HealthStateType.general(HealthStateScope.GLOBAL)); return null; } PipelineConfig pipelineConfig = goConfigService.currentCruiseConfig().pipelineConfigByName(new CaseInsensitiveString(pipeline.getName())); if (!securityService.hasViewPermissionForPipeline(username, pipeline.getName())) { result.forbidden("Forbidden", NOT_AUTHORIZED_TO_VIEW_PIPELINE, HealthStateType.general(HealthStateScope.forPipeline(pipeline.getName()))); return null; } populatePipelineInstanceModel(username, false, pipelineConfig, pipeline); return pipeline; }
public PipelineStatusModel getPipelineStatus(String pipelineName, String username, OperationResult result) { PipelineConfig pipelineConfig = goConfigService.currentCruiseConfig().getPipelineConfigByName(new CaseInsensitiveString(pipelineName)); if (pipelineConfig == null) { result.notFound("Not Found", "Pipeline not found", HealthStateType.general(HealthStateScope.GLOBAL)); return null; } if (!securityService.hasViewPermissionForPipeline(Username.valueOf(username), pipelineName)) { result.forbidden("Forbidden", NOT_AUTHORIZED_TO_VIEW_PIPELINE, HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); return null; } PipelinePauseInfo pipelinePauseInfo = pipelinePauseService.pipelinePauseInfo(pipelineName); boolean isCurrentlyLocked = pipelineLockService.isLocked(pipelineName); boolean isSchedulable = schedulingCheckerService.canManuallyTrigger(pipelineConfig, username, new ServerHealthStateOperationResult()); return new PipelineStatusModel(isCurrentlyLocked, isSchedulable, pipelinePauseInfo); }