/**
 * Checks whether {@code currentUser} may edit the template named by {@code templateConfig}.
 *
 * <p>On denial, a forbidden outcome is recorded on {@code result} before returning, so the
 * caller only needs to test the return value and stop.
 *
 * @return {@code true} when the edit is permitted; {@code false} after recording the denial
 */
private boolean isUserAuthorized() {
    boolean mayEdit = securityService.isAuthorizedToEditTemplate(templateConfig.name(), currentUser);
    if (mayEdit) {
        return true;
    }
    // Deny path: mark the operation result as forbidden; nothing else is mutated here.
    result.forbidden(forbiddenToEdit(), forbidden());
    return false;
}
/**
 * Authorization gate for editing the template held in {@code templateConfig}.
 *
 * <p>Asks {@code securityService} whether {@code currentUser} may edit that template. When the
 * answer is no, {@code result} is marked forbidden as a side effect.
 *
 * @return the authorization decision: {@code true} if editing is allowed, {@code false} otherwise
 */
private boolean isUserAuthorized() {
    final boolean permitted =
            securityService.isAuthorizedToEditTemplate(templateConfig.name(), currentUser);
    if (!permitted) {
        // Only the denial is reported; a permitted call leaves result untouched.
        result.forbidden(forbiddenToEdit(), forbidden());
    }
    return permitted;
}
/**
 * Builds the list of templates the given user is allowed to view, each with its associated
 * pipelines and per-item editability flags.
 *
 * <p>Templates for which {@code isAuthorizedToViewTemplate} returns false are omitted entirely,
 * so neither their names nor their pipelines appear in the result.
 *
 * <p>NOTE(review): the edit/admin/editability flags returned here describe permissions; they do
 * not enforce them. Presumably the mutating code paths re-check authorization themselves, which
 * should be confirmed against the callers.
 *
 * @param username the user the listing is computed for
 * @return one entry per viewable template; empty when the user can view none
 */
public List<TemplateToPipelines> getTemplatesList(Username username) {
    List<TemplateToPipelines> visibleTemplates = new ArrayList<>();
    // Roles are resolved once up front and reused for every pipeline check below.
    List<Role> userRoles = goConfigService.rolesForUser(username.getUsername());
    Map<CaseInsensitiveString, Map<CaseInsensitiveString, Authorization>> pipelinesByTemplate =
            goConfigService.getCurrentConfig().templatesWithAssociatedPipelines();

    for (Map.Entry<CaseInsensitiveString, Map<CaseInsensitiveString, Authorization>> templateEntry
            : pipelinesByTemplate.entrySet()) {
        CaseInsensitiveString templateName = templateEntry.getKey();

        // View permission is the gate: anything the user cannot view is skipped.
        if (!securityService.isAuthorizedToViewTemplate(templateName, username)) {
            continue;
        }

        Map<CaseInsensitiveString, Authorization> authorizationByPipeline = templateEntry.getValue();
        TemplateToPipelines row = new TemplateToPipelines(
                templateName,
                securityService.isAuthorizedToEditTemplate(templateName, username),
                securityService.isUserAdmin(username));
        visibleTemplates.add(row);

        for (Map.Entry<CaseInsensitiveString, Authorization> pipelineEntry
                : authorizationByPipeline.entrySet()) {
            CaseInsensitiveString pipelineName = pipelineEntry.getKey();
            row.add(new PipelineEditabilityInfo(
                    pipelineName,
                    canAuthorizedTemplateUserEditPipeline(username, userRoles, pipelineEntry.getValue()),
                    goConfigService.isPipelineEditable(pipelineName)));
        }
    }
    return visibleTemplates;
}
/**
 * Request guard: lets the request through for admins and for users with the required template
 * permission, and otherwise throws the exception produced by {@code renderForbiddenResponse()}.
 *
 * <p>Decision order, as implemented:
 * <ol>
 *   <li>Security disabled: every request passes and no further check is made.</li>
 *   <li>Current user is an admin: passes.</li>
 *   <li>A non-blank {@code template_name} parameter is present: the user must be authorized to
 *       edit that specific template.</li>
 *   <li>No (or blank) {@code template_name}: the user must be authorized to view and edit
 *       templates in general.</li>
 * </ol>
 *
 * @param request the incoming request; only its {@code template_name} parameter is read
 * @param response not used by this method
 */
public void checkAdminOrTemplateAdminAnd403(Request request, Response response) {
    // With security switched off there is nothing to enforce, so this guard is a no-op.
    if (!securityService.isSecurityEnabled()) {
        return;
    }
    if (securityService.isUserAdmin(currentUsername())) {
        return;
    }

    String templateName = request.params("template_name");
    boolean permitted;
    if (StringUtils.isBlank(templateName)) {
        // No specific template named: fall back to the collection-level permission.
        permitted = securityService.isAuthorizedToViewAndEditTemplates(currentUsername());
    } else {
        // A named template is checked individually.
        permitted = securityService.isAuthorizedToEditTemplate(
                new CaseInsensitiveString(templateName), currentUsername());
    }

    if (!permitted) {
        throw renderForbiddenResponse();
    }
}
/**
 * Loads a template for editing, together with a deep copy of the config holder that contains it.
 *
 * <p>The edit-authorization check runs first. An unauthorized caller gets {@code null}, a
 * forbidden outcome is recorded on {@code result}, and the configuration is never fetched or
 * cloned.
 *
 * <p>NOTE(review): {@code templateName} is echoed verbatim into the forbidden message; confirm
 * that whatever renders this message escapes it for its output context.
 *
 * @param templateName name of the template to load
 * @param username the user requesting the edit
 * @param result receives the forbidden outcome on denial; also passed to {@code findTemplate}
 * @return the template paired with the cloned config holder, or {@code null} when the user is
 *     not authorized or {@code findTemplate} returns {@code null}
 */
public ConfigForEdit<PipelineTemplateConfig> loadForEdit(String templateName, Username username, HttpLocalizedOperationResult result) {
    boolean mayEdit = securityService.isAuthorizedToEditTemplate(new CaseInsensitiveString(templateName), username);
    if (!mayEdit) {
        result.forbidden("Unauthorized to edit '" + templateName + "' template.", HealthStateType.forbidden());
        return null;
    }

    // The lookup runs against a deep clone, so the returned objects are not the shared holder.
    GoConfigHolder editableCopy = cloner.deepClone(goConfigService.getConfigHolder());
    PipelineTemplateConfig template = findTemplate(templateName, result, editableCopy);
    if (template == null) {
        return null;
    }
    return new ConfigForEdit<>(template, editableCopy);
}