public AutoCompletionCandidates doAutoCompleteUpstreamProjects(@QueryParameter String value) { AutoCompletionCandidates candidates = new AutoCompletionCandidates(); List<Job> jobs = Jenkins.getInstance().getItems(Job.class); for (Job job: jobs) { if (job.getFullName().startsWith(value)) { if (job.hasPermission(Item.READ)) { candidates.add(job.getFullName()); } } } return candidates; }
public FormValidation doCheckUpstreamProjects(@AncestorInPath Job project, @QueryParameter String value) { if (!project.hasPermission(Item.CONFIGURE)) { return FormValidation.ok(); } StringTokenizer tokens = new StringTokenizer(Util.fixNull(value),","); boolean hasProjects = false; while(tokens.hasMoreTokens()) { String projectName = tokens.nextToken().trim(); if (StringUtils.isNotBlank(projectName)) { Job item = Jenkins.getInstance().getItem(projectName, project, Job.class); if (item == null) { Job nearest = Items.findNearest(Job.class, projectName, project.getParent()); String alternative = nearest != null ? nearest.getRelativeNameFrom(project) : "?"; return FormValidation.error(hudson.tasks.Messages.BuildTrigger_NoSuchProject(projectName, alternative)); } hasProjects = true; } } if (!hasProjects) { return FormValidation.error(hudson.tasks.Messages.BuildTrigger_NoProjectSpecified()); } return FormValidation.ok(); }
@Override @Restricted(NoExternalUse.class) public Object getTarget() { if (!SKIP_PERMISSION_CHECK) { // This is a bit weird, but while the Run's PermissionScope does not have READ, delegate to the parent if (!getParent().hasPermission(Item.DISCOVER)) { return null; } getParent().checkPermission(Item.READ); } return this; }
public FormValidation doCheckLabels(@AncestorInPath final Job<?, ?> project, @QueryParameter final String value) { if (!project.hasPermission(Item.CONFIGURE) || containsNoLabel(value)) { return FormValidation.ok(); } try { return checkMatchingLabels(value, getProjectLabels(project)); } catch (GitLabProjectBranchesService.BranchLoadingException e) { return FormValidation.warning(project.hasPermission(Jenkins.ADMINISTER) ? e : null, Messages.GitLabPushTrigger_CannotCheckBranches()); } }
public FormValidation doCheckBranchesSpec(@AncestorInPath final Job<?, ?> project, @QueryParameter final String value) { if (!project.hasPermission(Item.CONFIGURE) || containsNoBranches(value)) { return FormValidation.ok(); } try { return checkMatchingBranches(value, getProjectBranches(project)); } catch (GitLabProjectBranchesService.BranchLoadingException e) { return FormValidation.warning(project.hasPermission(Jenkins.ADMINISTER) ? e : null, Messages.GitLabPushTrigger_CannotCheckBranches()); } }
/** * Use from a {@link Job#makeSearchIndex} override. * @param sib the super value * @return the value to return */ public final SearchIndexBuilder extendSearchIndex(SearchIndexBuilder sib) { if (asJob().isBuildable() && asJob().hasPermission(Item.BUILD)) { sib.add("build", "build"); } return sib; }
continue; if (!downstream.hasPermission(Item.BUILD)) { listener.getLogger().println(Messages.BuildTrigger_you_have_no_permission_to_build_(ModelHyperlinkNote.encodeTo(downstream))); continue;
/** * Checks if the current user has {@link Item#CONFIGURE} or {@link Project#BUILD} permission. * * @return true if so. */ public boolean hasPermission() { return project.hasPermission(Item.CONFIGURE) || project.hasPermission(Project.BUILD); }
public boolean superHasPermission(Permission p) { return super.hasPermission(p); }
@Override public Collection<? extends Action> createFor(Job target) { // TODO probably want an API for FlowExecutionContainer or something if (target.getClass().getName().equals("org.jenkinsci.plugins.workflow.job.WorkflowJob") && target.hasPermission(Item.EXTENDED_READ)) { return Collections.singleton(new LocalAction()); } else { return Collections.emptySet(); } }
/** * Checks if the project is buildable. * The method also takes the security implications from {@link QueueItemAuthenticator} into account. * @param job Job to be checked * @return true if the job can be scheduled from the */ protected boolean canBeScheduled(@Nonnull Job<?, ?> job) { if (!job.isBuildable()) { return false; } return job.hasPermission(Item.BUILD); }
private boolean hasAccessToCredentialsMetadata(Job<?,?> owner) { if (owner == null){ return Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER); } return owner.hasPermission(Item.EXTENDED_READ); } }
private boolean canCancel() { return getRun().getParent().hasPermission(Job.CANCEL); }
@Override public boolean hasPermission(Permission p) { initPython(); if (pexec.isImplemented(91)) { return pexec.execPythonBool("has_permission", p); } else { return super.hasPermission(p); } }
public AutoCompletionCandidates doAutoCompleteUpstreamProjects(@QueryParameter String value) { AutoCompletionCandidates candidates = new AutoCompletionCandidates(); List<Job> jobs = Jenkins.getInstance().getItems(Job.class); for (Job job: jobs) { if (job.getFullName().startsWith(value)) { if (job.hasPermission(Item.READ)) { candidates.add(job.getFullName()); } } } return candidates; }
public AutoCompletionCandidates doAutoCompleteChildProjects(@QueryParameter String value) { AutoCompletionCandidates candidates = new AutoCompletionCandidates(); List<Job> jobs = Hudson.getInstance().getItems(Job.class); for (Job job: jobs) { if (job.getFullName().startsWith(value)) { if (job.hasPermission(Item.READ)) { candidates.add(job.getFullName()); } } } return candidates; }
/** * Use from a {@link Job#makeSearchIndex} override. * @param sib the super value * @return the value to return */ public final SearchIndexBuilder extendSearchIndex(SearchIndexBuilder sib) { if (asJob().isBuildable() && asJob().hasPermission(Item.BUILD)) { sib.add("build", "build"); } return sib; }
/** * {@inheritDoc} */ @Override public Jobs getJobs(Boolean includeAllBuilds) { Jobs jobs = new Jobs(); for (hudson.model.Job<?, ?> item : Hudson.getInstance().getAllItems(hudson.model.Job.class)) { log.fine("Found job with name: " + item.getFullName() + " checking permissions"); if (item.hasPermission(Project.READ)) { jobs.add(mapJob(item, DozerUtils.FULL_MAP_ID, includeAllBuilds)); } } return jobs; }
/** * checks if the current user has permission to build/retrigger the project. * @return true if so. */ private boolean hasPermission() { if (context == null || context.getThisBuild() == null || context.getThisBuild().getProject() == null) { return false; } else { return context.getThisBuild().getProject().hasPermission(PluginImpl.RETRIGGER); } }
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Job<?,?> owner) { if (owner == null || !owner.hasPermission(Item.CONFIGURE)) { return new ListBoxModel(); } List<DomainRequirement> apiEndpoint = URIRequirementBuilder.fromUri(BitbucketApi.OAUTH_ENDPOINT).build(); return new StandardUsernameListBoxModel() .withEmptySelection() .withAll(CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class, owner, null, apiEndpoint)); }