/** * Returns all the registered {@link TopLevelItemDescriptor}s that the current security principal is allowed to * create within the specified item group. * * @since 1.607 */ public static List<TopLevelItemDescriptor> all(ItemGroup c) { return all(Jenkins.getAuthentication(), c); }
/** * Gets the {@link User} object representing the currently logged-in user, or null * if the current user is anonymous. * * @since 1.172 */ public static @CheckForNull User current() { return get(Jenkins.getAuthentication()); }
/** * Checks if the current user is anonymous. */ public static boolean isAnonymous() { return ACL.isAnonymous(Jenkins.getAuthentication()); }
/** * Checks if the current security principal has this permission. * * @return false * if the user doesn't have the permission. */ public final boolean hasPermission(@Nonnull Permission p) { Authentication a = Jenkins.getAuthentication(); if (a == SYSTEM) { return true; } return hasPermission(a, p); }
public RestartJenkinsJob(UpdateSite site) { super(site); this.authentication = Jenkins.getAuthentication().getName(); }
/** * Extension point to allow implementations of {@link UpdateSite} to create a custom * {@link UpdateCenter.InstallationJob}. * * @param plugin the plugin to create the {@link UpdateCenter.InstallationJob} for. * @param uc the {@link UpdateCenter}. * @param dynamicLoad {@code true} if the plugin should be attempted to be dynamically loaded. * @return the {@link UpdateCenter.InstallationJob}. * @since 2.9 */ protected UpdateCenter.InstallationJob createInstallationJob(Plugin plugin, UpdateCenter uc, boolean dynamicLoad) { return uc.new InstallationJob(plugin, this, Jenkins.getAuthentication(), dynamicLoad); }
public UserCause() { this.authenticationName = Jenkins.getAuthentication().getName(); }
protected int run() { Authentication a = Jenkins.getAuthentication(); stdout.println("Authenticated as: "+a.getName()); stdout.println("Authorities:"); for (GrantedAuthority ga : a.getAuthorities()) { stdout.println(" "+ga.getAuthority()); } return 0; } }
@Override public void run() { try { ACL.impersonate(ACL.SYSTEM); LOGGER.info(String.format("Shutting down VM as requested by %s from %s", getAuthentication().getName(), req != null ? req.getRemoteAddr() : "???")); cleanUp(); System.exit(0); } catch (Exception e) { LOGGER.log(Level.WARNING, "Failed to shut down Jenkins", e); } } }.start();
@SuppressWarnings("deprecation") @Override protected void main(Channel channel) throws IOException, InterruptedException { // capture the identity given by the transport, since this can be useful for SecurityRealm.createCliAuthenticator() channel.setProperty(CLICommand.TRANSPORT_AUTHENTICATION, Jenkins.getAuthentication()); channel.setProperty(CliEntryPoint.class.getName(), new CliManagerImpl(channel)); } };
/** * Logs out the user. */ public void doLogout( StaplerRequest req, StaplerResponse rsp ) throws IOException, ServletException { String user = getAuthentication().getName(); securityRealm.doLogout(req, rsp); SecurityListener.fireLoggedOut(user); }
/** * Performs hudson downgrade. */ @RequirePOST public void doRestart(StaplerResponse rsp) throws IOException, ServletException { HudsonDowngradeJob job = new HudsonDowngradeJob(getCoreSource(), Jenkins.getAuthentication()); LOGGER.info("Scheduling the core downgrade"); addJob(job); rsp.sendRedirect2("."); }
private void interrupt(Result result, boolean forShutdown) { Authentication a = Jenkins.getAuthentication(); if (a == ACL.SYSTEM) interrupt(result, forShutdown, new CauseOfInterruption[0]); else { // worth recording who did it // avoid using User.get() to avoid deadlock. interrupt(result, forShutdown, new UserInterruption(a.getName())); } }
/** * Performs hudson downgrade. */ @RequirePOST public void doDowngrade(StaplerResponse rsp) throws IOException, ServletException { if(!isDowngradable()) { sendError("Jenkins downgrade is not possible, probably backup does not exist"); return; } HudsonDowngradeJob job = new HudsonDowngradeJob(getCoreSource(), Jenkins.getAuthentication()); LOGGER.info("Scheduling the core downgrade"); addJob(job); rsp.sendRedirect2("."); }
@Override protected int run() throws Exception { Authentication a = Jenkins.getAuthentication(); if (a== Jenkins.ANONYMOUS) throw new CmdLineException("No credentials specified."); // this causes CLI to show the command line options. ClientAuthenticationCache store = new ClientAuthenticationCache(checkChannel()); store.set(a); SecurityListener.fireLoggedIn(a.getName()); return 0; }
/** * With ADMINISTER permission, can delete users with persisted data but can't delete self. */ public boolean canDelete() { final IdStrategy strategy = idStrategy(); return hasPermission(Jenkins.ADMINISTER) && !strategy.equals(id, Jenkins.getAuthentication().getName()) && UserIdMapper.getInstance().isMapped(id); }
/** * Schedules the downgrade of this plugin. */ public Future<UpdateCenterJob> deployBackup() { Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER); UpdateCenter uc = Jenkins.getInstance().getUpdateCenter(); return uc.addJob(uc.new PluginDowngradeJob(this, UpdateSite.this, Jenkins.getAuthentication())); } /**
/** * Schedules a Jenkins upgrade. */ @RequirePOST public void doUpgrade(StaplerResponse rsp) throws IOException, ServletException { HudsonUpgradeJob job = new HudsonUpgradeJob(getCoreSource(), Jenkins.getAuthentication()); if(!Lifecycle.get().canRewriteHudsonWar()) { sendError("Jenkins upgrade not supported in this running mode"); return; } LOGGER.info("Scheduling the core upgrade"); addJob(job); rsp.sendRedirect2("."); }
/** * Deletes this user from Hudson. */ @RequirePOST public void doDoDelete(StaplerRequest req, StaplerResponse rsp) throws IOException { checkPermission(Jenkins.ADMINISTER); if (idStrategy().equals(id, Jenkins.getAuthentication().getName())) { rsp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Cannot delete self"); return; } delete(); rsp.sendRedirect2("../.."); }
@Restricted(NoExternalUse.class) public boolean hasCurrentUserRightToGenerateNewToken(User propertyOwner){ if (ADMIN_CAN_GENERATE_NEW_TOKENS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) { return true; } User currentUser = User.current(); if (currentUser == null) { // Anonymous return false; } if (Jenkins.getAuthentication() == ACL.SYSTEM) { // SYSTEM user is always eligible to see tokens return true; } return User.idStrategy().equals(propertyOwner.getId(), currentUser.getId()); }