Examples with Permissions com.thoughtworks.go.config.security.Permissions used on opensource projects

Example 11 with Permissions

use of com.thoughtworks.go.config.security.Permissions in project gocd by gocd.

the class GoDashboardServiceTest method allPipelineGroupsForDashboard_shouldNotListPipelinesExistingInConfigButNotInCache.

@Test
public void allPipelineGroupsForDashboard_shouldNotListPipelinesExistingInConfigButNotInCache() throws Exception {
    PipelineSelections pipelineSelections = mock(PipelineSelections.class);
    configMother.addPipelineWithGroup(config, "group1", "pipeline2", "stage1A", "job1A1");
    configMother.addPipelineWithGroup(config, "group1", "pipeline1", "stage1A", "job1A1");
    GoDashboardPipeline pipeline1 = pipeline("pipeline1", "group1", new Permissions(Everyone.INSTANCE, Everyone.INSTANCE, Everyone.INSTANCE, Everyone.INSTANCE));
    addPipelinesToCache(pipeline1);
    when(pipelineSelections.includesPipeline(any(PipelineConfig.class))).thenReturn(true);
    List<GoDashboardPipelineGroup> pipelineGroups = allPipelineGroupsForDashboard(pipelineSelections, new Username("user1"));
    assertThat(pipelineGroups.size(), is(1));
    assertThat(pipelineGroups.get(0).allPipelineNames(), contains("pipeline1"));
    assertThat(pipelineGroups.get(0).allPipelines(), contains(pipeline1));
}

Example 12 with Permissions

use of com.thoughtworks.go.config.security.Permissions in project gocd by gocd.

the class CcTrayConfigChangeHandlerTest method shouldUpdateCacheWithAppropriateViewersForProjectStatusWhenPipelineConfigChanges.

@Test
public void shouldUpdateCacheWithAppropriateViewersForProjectStatusWhenPipelineConfigChanges() {
    String pipeline1Stage = "pipeline1 :: stage1";
    String pipeline1job = "pipeline1 :: stage1 :: job1";
    ProjectStatus statusOfPipeline1StageInCache = new ProjectStatus(pipeline1Stage, "OldActivity", "OldStatus", "OldLabel", new Date(), "p1-stage-url");
    ProjectStatus statusOfPipeline1JobInCache = new ProjectStatus(pipeline1job, "OldActivity-Job", "OldStatus-Job", "OldLabel-Job", new Date(), "p1-job-url");
    when(cache.get(pipeline1Stage)).thenReturn(statusOfPipeline1StageInCache);
    when(cache.get(pipeline1job)).thenReturn(statusOfPipeline1JobInCache);
    PipelineConfig pipeline1Config = GoConfigMother.pipelineHavingJob("pipeline1", "stage1", "job1", "arts", "dir").pipelineConfigByName(new CaseInsensitiveString("pipeline1"));
    when(pipelinePermissionsAuthority.permissionsForPipeline(pipeline1Config.name())).thenReturn(new Permissions(viewers("user1", "user2"), null, null, null));
    handler.call(pipeline1Config);
    ArgumentCaptor<ArrayList<ProjectStatus>> argumentCaptor = new ArgumentCaptor<>();
    verify(cache).putAll(argumentCaptor.capture());
    List<ProjectStatus> allValues = argumentCaptor.getValue();
    assertThat(allValues.get(0).name(), is(pipeline1Stage));
    assertThat(allValues.get(0).viewers().contains("user1"), is(true));
    assertThat(allValues.get(0).viewers().contains("user2"), is(true));
    assertThat(allValues.get(0).viewers().contains("user3"), is(false));
    assertThat(allValues.get(1).name(), is(pipeline1job));
    assertThat(allValues.get(1).viewers().contains("user1"), is(true));
    assertThat(allValues.get(1).viewers().contains("user2"), is(true));
    assertThat(allValues.get(1).viewers().contains("user3"), is(false));
}

Example 13 with Permissions

use of com.thoughtworks.go.config.security.Permissions in project gocd by gocd.

the class GoDashboardCurrentStateLoaderTest method shouldDefaultToAllowingNoOneToViewAPipelineIfItsPermissionsAreNotFound.

@Test
public void shouldDefaultToAllowingNoOneToViewAPipelineIfItsPermissionsAreNotFound() throws Exception {
    PipelineConfig p1Config = goConfigMother.addPipelineWithGroup(config, "group1", "pipeline1", "stage1", "job1");
    PipelineInstanceModel pimForP1 = pim(p1Config);
    when(pipelineSqlMapDao.loadHistoryForDashboard(CaseInsensitiveString.toStringList(config.getAllPipelineNames()))).thenReturn(createPipelineInstanceModels(pimForP1));
    when(permissionsAuthority.pipelinesAndTheirPermissions()).thenReturn(Collections.emptyMap());
    List<GoDashboardPipeline> models = loader.allPipelines(config);
    Permissions permissions = models.get(0).permissions();
    assertThat(permissions.viewers(), is(NoOne.INSTANCE));
    assertThat(permissions.operators(), is(NoOne.INSTANCE));
    assertThat(permissions.admins(), is(NoOne.INSTANCE));
    assertThat(permissions.pipelineOperators(), is(NoOne.INSTANCE));
}

Example 14 with Permissions

use of com.thoughtworks.go.config.security.Permissions in project gocd by gocd.

the class GoDashboardPipelineTest method shouldKnowWhetherAUserIsPipelineLevelOperator.

@Test
public void shouldKnowWhetherAUserIsPipelineLevelOperator() throws Exception {
    Permissions permissions = new Permissions(NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE, new AllowedUsers(s("pipeline_operator"), Collections.emptySet()));
    GoDashboardPipeline pipeline = new GoDashboardPipeline(new PipelineModel("pipeline1", false, false, notPaused()), permissions, "group1", mock(TimeStampBasedCounter.class), new FileConfigOrigin());
    assertTrue(pipeline.isPipelineOperator("pipeline_operator"));
    assertFalse(pipeline.canBeAdministeredBy("viewer1"));
}

Example 15 with Permissions

use of com.thoughtworks.go.config.security.Permissions in project gocd by gocd.

the class CcTrayConfigChangeHandlerTest method shouldUpdateViewPermissionsForEveryProjectBasedOnViewPermissionsOfTheGroup.

@Test
public void shouldUpdateViewPermissionsForEveryProjectBasedOnViewPermissionsOfTheGroup() throws Exception {
    PluginRoleConfig admin = new PluginRoleConfig("admin", "ldap");
    pluginRoleUsersStore.assignRole("user4", admin);
    Permissions pipeline1Permissions = new Permissions(viewers("user1", "user2"), NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE);
    Permissions pipeline2Permissions = new Permissions(new AllowedUsers(s("user3"), Collections.singleton(admin)), NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE);
    when(pipelinePermissionsAuthority.pipelinesAndTheirPermissions()).thenReturn(m(new CaseInsensitiveString("pipeline1"), pipeline1Permissions, new CaseInsensitiveString("pipeline2"), pipeline2Permissions));
    CruiseConfig config = GoConfigMother.defaultCruiseConfig();
    goConfigMother.addPipelineWithGroup(config, "group2", "pipeline2", "stage2", "job2");
    goConfigMother.addPipelineWithGroup(config, "group1", "pipeline1", "stage1", "job1");
    handler.call(config);
    verify(cache).replaceAllEntriesInCacheWith(statusesCaptor.capture());
    List<ProjectStatus> statuses = statusesCaptor.getValue();
    assertThat(statuses.size(), is(4));
    assertThat(statuses.get(0).name(), is("pipeline1 :: stage1"));
    assertThat(statuses.get(0).canBeViewedBy("user1"), is(true));
    assertThat(statuses.get(0).canBeViewedBy("user2"), is(true));
    assertThat(statuses.get(0).canBeViewedBy("user3"), is(false));
    assertThat(statuses.get(0).canBeViewedBy("user4"), is(false));
    assertThat(statuses.get(1).name(), is("pipeline1 :: stage1 :: job1"));
    assertThat(statuses.get(1).canBeViewedBy("user1"), is(true));
    assertThat(statuses.get(1).canBeViewedBy("user2"), is(true));
    assertThat(statuses.get(1).canBeViewedBy("user3"), is(false));
    assertThat(statuses.get(1).canBeViewedBy("user4"), is(false));
    assertThat(statuses.get(2).name(), is("pipeline2 :: stage2"));
    assertThat(statuses.get(2).canBeViewedBy("user1"), is(false));
    assertThat(statuses.get(2).canBeViewedBy("user2"), is(false));
    assertThat(statuses.get(2).canBeViewedBy("user3"), is(true));
    assertThat(statuses.get(2).canBeViewedBy("user4"), is(true));
    assertThat(statuses.get(3).name(), is("pipeline2 :: stage2 :: job2"));
    assertThat(statuses.get(3).canBeViewedBy("user1"), is(false));
    assertThat(statuses.get(3).canBeViewedBy("user2"), is(false));
    assertThat(statuses.get(3).canBeViewedBy("user3"), is(true));
    assertThat(statuses.get(3).canBeViewedBy("user4"), is(true));
}