use of com.thoughtworks.go.config.security.users.AllowedUsers in project gocd by gocd.
the class CcTrayJobStatusChangeHandlerTest method shouldReuseViewersListFromExistingStatusWhenCreatingNewStatus.
/**
 * Checks that the status produced for a job keeps the viewers already attached to the
 * cached status of the same project, so a job status change does not reset who may see it.
 */
@Test
public void shouldReuseViewersListFromExistingStatusWhenCreatingNewStatus() throws Exception {
    // Viewers made of two named users plus one plugin role.
    Users expectedViewers = new AllowedUsers(
            s("viewer1", "viewer2"),
            Collections.singleton(new PluginRoleConfig("admin", "ldap")));

    // The cache already holds a status for job1 carrying those viewers.
    ProjectStatus cachedStatus = new ProjectStatus(
            projectNameFor("job1"), "OldActivity", "OldStatus", "OldLabel", new Date(), webUrlFor("job1"));
    cachedStatus.updateViewers(expectedViewers);
    when(cache.get(projectNameFor("job1"))).thenReturn(cachedStatus);

    ProjectStatus rebuiltStatus = new CcTrayJobStatusChangeHandler(cache)
            .statusFor(JobInstanceMother.building("job1"), new HashSet<>());

    // The access list must be carried over unchanged.
    assertThat(rebuiltStatus.viewers(), is(expectedViewers));
}
use of com.thoughtworks.go.config.security.users.AllowedUsers in project gocd by gocd.
the class GoDashboardPipelineTest method shouldKnowWhetherAUserIsPipelineLevelOperator.
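/**
 * Checks that pipeline-level operator membership is answered from the pipeline-operators
 * entry of {@code Permissions} (the fourth constructor argument here), and that holding it
 * does not grant administration.
 *
 * <p>Viewers, operators and admins are all {@code NoOne.INSTANCE}, so any positive answer
 * can only come from the pipeline-operators entry.
 */
@Test
public void shouldKnowWhetherAUserIsPipelineLevelOperator() throws Exception {
    Permissions permissions = new Permissions(
            NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE,
            new AllowedUsers(s("pipeline_operator"), Collections.emptySet()));
    GoDashboardPipeline pipeline = new GoDashboardPipeline(
            new PipelineModel("pipeline1", false, false, notPaused()),
            permissions, "group1", mock(TimeStampBasedCounter.class), new FileConfigOrigin());

    assertTrue(pipeline.isPipelineOperator("pipeline_operator"));
    // Negative case for the check under test: without it, an implementation that answers
    // "true" for every user would still pass.
    assertFalse(pipeline.isPipelineOperator("viewer1"));

    // Being a pipeline operator must not imply admin rights, and an unlisted user has neither.
    assertFalse(pipeline.canBeAdministeredBy("pipeline_operator"));
    assertFalse(pipeline.canBeAdministeredBy("viewer1"));
}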
use of com.thoughtworks.go.config.security.users.AllowedUsers in project gocd by gocd.
the class ProjectStatusTest method shouldNotBeViewableByAnyoneTillViewersAreUpdated.
/**
 * Checks the default-deny behaviour of {@code ProjectStatus}: a freshly created status is
 * visible to nobody, and after {@code updateViewers} only the listed users can view it.
 */
@Test
public void shouldNotBeViewableByAnyoneTillViewersAreUpdated() throws Exception {
    ProjectStatus projectStatus = new ProjectStatus("name", "activity", "web-url");

    // No viewers assigned yet: every lookup is refused.
    assertThat(projectStatus.canBeViewedBy("abc"), is(false));
    assertThat(projectStatus.canBeViewedBy("def"), is(false));

    AllowedUsers grantedViewers = new AllowedUsers(s("abc", "ghi"), Collections.emptySet());
    projectStatus.updateViewers(grantedViewers);

    // Only the two listed users gain access; "def" stays refused.
    assertThat(projectStatus.canBeViewedBy("abc"), is(true));
    assertThat(projectStatus.canBeViewedBy("def"), is(false));
    assertThat(projectStatus.canBeViewedBy("ghi"), is(true));
}
use of com.thoughtworks.go.config.security.users.AllowedUsers in project gocd by gocd.
the class CcTrayConfigChangeHandlerTest method shouldUpdateViewPermissionsForEveryProjectBasedOnViewPermissionsOfTheGroup.
/**
 * Checks that, on a config change, every stage and job status placed in the cache carries the
 * view permissions of its own pipeline and none of another pipeline's.
 *
 * <p>pipeline1 is viewable by user1 and user2. pipeline2 is viewable by user3 and by holders of
 * the "admin" plugin role, which is assigned to user4 in the plugin role store.
 */
@Test
public void shouldUpdateViewPermissionsForEveryProjectBasedOnViewPermissionsOfTheGroup() throws Exception {
    PluginRoleConfig ldapAdminRole = new PluginRoleConfig("admin", "ldap");
    pluginRoleUsersStore.assignRole("user4", ldapAdminRole);

    Permissions viewableByUser1And2 =
            new Permissions(viewers("user1", "user2"), NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE);
    AllowedUsers user3AndRoleHolders = new AllowedUsers(s("user3"), Collections.singleton(ldapAdminRole));
    Permissions viewableByUser3AndRole =
            new Permissions(user3AndRoleHolders, NoOne.INSTANCE, NoOne.INSTANCE, NoOne.INSTANCE);
    when(pipelinePermissionsAuthority.pipelinesAndTheirPermissions()).thenReturn(
            m(new CaseInsensitiveString("pipeline1"), viewableByUser1And2,
              new CaseInsensitiveString("pipeline2"), viewableByUser3AndRole));

    CruiseConfig config = GoConfigMother.defaultCruiseConfig();
    goConfigMother.addPipelineWithGroup(config, "group2", "pipeline2", "stage2", "job2");
    goConfigMother.addPipelineWithGroup(config, "group1", "pipeline1", "stage1", "job1");

    handler.call(config);

    verify(cache).replaceAllEntriesInCacheWith(statusesCaptor.capture());
    List<ProjectStatus> captured = statusesCaptor.getValue();
    assertThat(captured.size(), is(4));

    // pipeline1, stage level: only user1 and user2.
    ProjectStatus pipeline1Stage = captured.get(0);
    assertThat(pipeline1Stage.name(), is("pipeline1 :: stage1"));
    assertThat(pipeline1Stage.canBeViewedBy("user1"), is(true));
    assertThat(pipeline1Stage.canBeViewedBy("user2"), is(true));
    assertThat(pipeline1Stage.canBeViewedBy("user3"), is(false));
    assertThat(pipeline1Stage.canBeViewedBy("user4"), is(false));

    // pipeline1, job level: same audience as its stage.
    ProjectStatus pipeline1Job = captured.get(1);
    assertThat(pipeline1Job.name(), is("pipeline1 :: stage1 :: job1"));
    assertThat(pipeline1Job.canBeViewedBy("user1"), is(true));
    assertThat(pipeline1Job.canBeViewedBy("user2"), is(true));
    assertThat(pipeline1Job.canBeViewedBy("user3"), is(false));
    assertThat(pipeline1Job.canBeViewedBy("user4"), is(false));

    // pipeline2, stage level: user3 by name, user4 through the plugin role.
    ProjectStatus pipeline2Stage = captured.get(2);
    assertThat(pipeline2Stage.name(), is("pipeline2 :: stage2"));
    assertThat(pipeline2Stage.canBeViewedBy("user1"), is(false));
    assertThat(pipeline2Stage.canBeViewedBy("user2"), is(false));
    assertThat(pipeline2Stage.canBeViewedBy("user3"), is(true));
    assertThat(pipeline2Stage.canBeViewedBy("user4"), is(true));

    // pipeline2, job level: same audience as its stage.
    ProjectStatus pipeline2Job = captured.get(3);
    assertThat(pipeline2Job.name(), is("pipeline2 :: stage2 :: job2"));
    assertThat(pipeline2Job.canBeViewedBy("user1"), is(false));
    assertThat(pipeline2Job.canBeViewedBy("user2"), is(false));
    assertThat(pipeline2Job.canBeViewedBy("user3"), is(true));
    assertThat(pipeline2Job.canBeViewedBy("user4"), is(true));
}
use of com.thoughtworks.go.config.security.users.AllowedUsers in project gocd by gocd.
the class GoConfigPipelinePermissionsAuthority method pipelinesInGroupsAndTheirPermissions.
/**
 * Computes the effective {@code Permissions} of every pipeline in the given groups, keyed by
 * pipeline name.
 *
 * <p>For each group, user names and plugin roles are accumulated so that the higher privilege
 * is always included in the lower ones: admins = root-level admins + group admins,
 * operators = admins + group operators, viewers = admins + group viewers. Plugin roles are
 * merged the same way.
 *
 * <p>For each pipeline one of three results is stored. The argument order of
 * {@code Permissions}, going by the local names in the last branch, is viewers, operators,
 * admins, pipeline operators.
 * <ul>
 *   <li>{@code noSuperAdminsDefined()} returned true: all four entries are
 *       {@code Everyone.INSTANCE};</li>
 *   <li>the group has no authorization defined: the third entry is limited to the accumulated
 *       admins, the other three are {@code Everyone.INSTANCE};</li>
 *   <li>otherwise: explicit {@code AllowedUsers} for viewers, operators and admins, plus the
 *       result of {@code pipelineOperators(...)} as the fourth entry.</li>
 * </ul>
 *
 * @param groups the pipeline groups to visit
 * @return a new {@code HashMap} from pipeline name to its permissions
 */
private Map<CaseInsensitiveString, Permissions> pipelinesInGroupsAndTheirPermissions(PipelineGroups groups) {
final Map<CaseInsensitiveString, Permissions> pipelinesAndTheirPermissions = new HashMap<>();
final SecurityConfig security = goConfigService.security();
// presumably maps each role name to the users holding it; built once and reused for every group — verify in rolesToUsers
final Map<String, Collection<String>> rolesToUsers = rolesToUsers(security);
final Set<String> superAdminUsers = namesOf(security.adminsConfig(), rolesToUsers);
final Set<PluginRoleConfig> superAdminPluginRoles = pluginRolesFor(security.adminsConfig().getRoles());
// Evaluated once, before the visit; selects the open-to-everyone branch in the loop below.
final boolean hasNoAdminsDefinedAtRootLevel = noSuperAdminsDefined();
groups.accept(new PipelineGroupVisitor() {
@Override
public void visit(PipelineConfigs group) {
Set<String> viewers = new HashSet<>();
Set<String> operators = new HashSet<>();
Set<String> admins = new HashSet<>();
Set<String> pipelineGroupViewers = namesOf(group.getAuthorization().getViewConfig(), rolesToUsers);
Set<String> pipelineGroupOperators = namesOf(group.getAuthorization().getOperationConfig(), rolesToUsers);
Set<String> pipelineGroupAdmins = namesOf(group.getAuthorization().getAdminsConfig(), rolesToUsers);
Set<PluginRoleConfig> pipelineGroupViewerRoles = pluginRolesFor(group.getAuthorization().getViewConfig().getRoles());
Set<PluginRoleConfig> pipelineGroupOperatorRoles = pluginRolesFor(group.getAuthorization().getOperationConfig().getRoles());
Set<PluginRoleConfig> pipelineGroupAdminRoles = pluginRolesFor(group.getAuthorization().getAdminsConfig().getRoles());
// Order matters: super-admin roles go into the admin role set first, so the next two
// addAll calls hand them on to the operator and viewer role sets as well.
// NOTE(review): these calls mutate the sets returned by pluginRolesFor; this assumes it
// returns a fresh, mutable set on every call — confirm.
pipelineGroupAdminRoles.addAll(superAdminPluginRoles);
pipelineGroupOperatorRoles.addAll(pipelineGroupAdminRoles);
pipelineGroupViewerRoles.addAll(pipelineGroupAdminRoles);
// Same inheritance for user names: every admin is also an operator and a viewer.
admins.addAll(superAdminUsers);
admins.addAll(pipelineGroupAdmins);
operators.addAll(admins);
operators.addAll(pipelineGroupOperators);
viewers.addAll(admins);
viewers.addAll(pipelineGroupViewers);
boolean hasNoAuthDefinedAtGroupLevel = !group.hasAuthorizationDefined();
// NOTE(review): the same set instances are passed to the AllowedUsers of every pipeline
// in this group; safe only if AllowedUsers neither mutates nor exposes them — confirm.
for (PipelineConfig pipeline : group) {
if (hasNoAdminsDefinedAtRootLevel) {
// Open by default: with no root-level admins, every permission of every pipeline is
// granted to Everyone, whatever the group's own authorization says.
pipelinesAndTheirPermissions.put(pipeline.name(), new Permissions(Everyone.INSTANCE, Everyone.INSTANCE, Everyone.INSTANCE, Everyone.INSTANCE));
} else if (hasNoAuthDefinedAtGroupLevel) {
// Group without authorization: view, operate and pipeline-operate are open to Everyone;
// only administration is restricted to the accumulated admins and admin roles.
AllowedUsers adminUsers = new AllowedUsers(admins, pipelineGroupAdminRoles);
pipelinesAndTheirPermissions.put(pipeline.name(), new Permissions(Everyone.INSTANCE, Everyone.INSTANCE, adminUsers, Everyone.INSTANCE));
} else {
// pipelineOperators(...) is defined elsewhere; it receives the group-level operators,
// presumably as the fallback when the pipeline defines no operators of its own — verify.
AllowedUsers pipelineOperators = pipelineOperators(pipeline, admins, new AllowedUsers(operators, pipelineGroupOperatorRoles), rolesToUsers);
Permissions permissions = new Permissions(new AllowedUsers(viewers, pipelineGroupViewerRoles), new AllowedUsers(operators, pipelineGroupOperatorRoles), new AllowedUsers(admins, pipelineGroupAdminRoles), pipelineOperators);
pipelinesAndTheirPermissions.put(pipeline.name(), permissions);
}
}
}
});
return pipelinesAndTheirPermissions;
}