Example 6 with FileWriteBuilder
use of hudson.plugins.copyartifact.testutils.FileWriteBuilder in project copyartifact-plugin by jenkinsci.
the class CopyArtifactTest method testPermissionWhenParameterized.
/**
* When the source project name is parameterized, cannot check at configure time whether
* the project is accessible. In this case, permission check is done when the build runs.
* Only jobs accessible to all authenticated users are allowed.
*/
@Test
public void testPermissionWhenParameterized() throws Exception {
rule.jenkins.setSecurityRealm(rule.createDummySecurityRealm());
MockAuthorizationStrategy auth = new MockAuthorizationStrategy().grant(Jenkins.READ).onRoot().toEveryone();
rule.jenkins.setAuthorizationStrategy(auth);
FreeStyleProject testJob = rule.createFreeStyleProject("testJob");
auth.grant(Item.READ).onItems(testJob).to("joe");
testJob.getBuildersList().add(new FileWriteBuilder("foo.txt", "bar"));
testJob.getPublishersList().add(new ArtifactArchiver("*.txt"));
rule.assertBuildStatusSuccess(testJob.scheduleBuild2(0));
FreeStyleProject testJob2 = rule.createFreeStyleProject("testJob2");
auth.grant(Item.READ).onItems(testJob2).toAuthenticated();
testJob2.getBuildersList().add(new FileWriteBuilder("foo2.txt", "bar"));
testJob2.getPublishersList().add(new ArtifactArchiver("*.txt"));
rule.assertBuildStatusSuccess(testJob2.scheduleBuild2(0));
FreeStyleProject p = createProject("test$JOB", null, "", "", false, false, false, true);
ParameterDefinition paramDef = new StringParameterDefinition("JOB", "job1");
ParametersDefinitionProperty paramsDef = new ParametersDefinitionProperty(paramDef);
p.addProperty(paramsDef);
// Build step should succeed when this parameter expands to a job accessible
// to authenticated users (even if triggered by anonymous, as in this case):
SecurityContextHolder.clearContext();
FreeStyleBuild b = p.scheduleBuild2(0, new UserCause(), new ParametersAction(new StringParameterValue("JOB", "Job2"))).get();
assertFile(true, "foo2.txt", b);
rule.assertBuildStatusSuccess(b);
// Build step should fail for a job not accessible to all authenticated users,
// even when accessible to the user starting the job, as in this case:
SecurityContext old = ACL.impersonate(new UsernamePasswordAuthenticationToken("joe", "joe"));
try {
b = p.scheduleBuild2(0, new UserCause(), new ParametersAction(new StringParameterValue("JOB", "Job"))).get();
assertFile(false, "foo.txt", b);
rule.assertBuildStatus(Result.FAILURE, b);
} finally {
SecurityContextHolder.setContext(old);
}
}
Also used :
ArtifactArchiver(hudson.tasks.ArtifactArchiver)
UserCause(hudson.model.Cause.UserCause)
UsernamePasswordAuthenticationToken(org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
MockAuthorizationStrategy(org.jvnet.hudson.test.MockAuthorizationStrategy)
FileWriteBuilder(hudson.plugins.copyartifact.testutils.FileWriteBuilder)
SecurityContext(org.acegisecurity.context.SecurityContext)
Test(org.junit.Test)
Example 7 with FileWriteBuilder
use of hudson.plugins.copyartifact.testutils.FileWriteBuilder in project copyartifact-plugin by jenkinsci.
the class CopyArtifactTest method artifactsPermissionAnonymousSuccess.
@Test
public void artifactsPermissionAnonymousSuccess() throws Exception {
System.setProperty("hudson.security.ArtifactsPermission", "true");
rule.jenkins.setSecurityRealm(rule.createDummySecurityRealm());
MockAuthorizationStrategy authStrategy = new MockAuthorizationStrategy();
rule.jenkins.setAuthorizationStrategy(authStrategy);
FreeStyleProject src = rule.createFreeStyleProject();
src.getBuildersList().add(new FileWriteBuilder("artifact.txt", "foobar"));
src.getPublishersList().add(new ArtifactArchiver("artifact.txt"));
authStrategy.grant(Item.READ).onItems(src).toEveryone();
authStrategy.grant(Run.ARTIFACTS).onItems(src).toEveryone();
rule.assertBuildStatusSuccess(src.scheduleBuild2(0));
FreeStyleProject dest = rule.createFreeStyleProject();
dest.getBuildersList().add(CopyArtifactUtil.createCopyArtifact(src.getName(), "", new StatusBuildSelector(), "", "", false, false, true));
rule.assertBuildStatusSuccess(dest.scheduleBuild2(0));
}
Also used :
ArtifactArchiver(hudson.tasks.ArtifactArchiver)
MockAuthorizationStrategy(org.jvnet.hudson.test.MockAuthorizationStrategy)
FileWriteBuilder(hudson.plugins.copyartifact.testutils.FileWriteBuilder)
Test(org.junit.Test)
Example 8 with FileWriteBuilder
use of hudson.plugins.copyartifact.testutils.FileWriteBuilder in project copyartifact-plugin by jenkinsci.
the class CopyArtifactTest method artifactsPermissionWithAuthFailure.
@Test
public void artifactsPermissionWithAuthFailure() throws Exception {
System.setProperty("hudson.security.ArtifactsPermission", "true");
rule.jenkins.setSecurityRealm(rule.createDummySecurityRealm());
MockAuthorizationStrategy authStrategy = new MockAuthorizationStrategy();
rule.jenkins.setAuthorizationStrategy(authStrategy);
authStrategy.grant(Item.BUILD).onRoot().to("joe");
authStrategy.grant(Computer.BUILD).onRoot().to("joe");
FreeStyleProject src = rule.createFreeStyleProject();
src.getBuildersList().add(new FileWriteBuilder("artifact.txt", "foobar"));
src.getPublishersList().add(new ArtifactArchiver("artifact.txt"));
authStrategy.grant(Item.READ).onItems(src).to("joe");
// Watch out: No Run.Artifacts permission.
// authStrategy.grant(Run.ARTIFACTS).onItems(src).to("joe");
rule.assertBuildStatusSuccess(src.scheduleBuild2(0));
FreeStyleProject dest = rule.createFreeStyleProject();
dest.getBuildersList().add(CopyArtifactUtil.createCopyArtifact(src.getName(), "", new StatusBuildSelector(), "", "", false, false, true));
Map<String, Authentication> authMap = new HashMap<>();
authMap.put(dest.getFullName(), User.getById("joe", true).impersonate());
QueueItemAuthenticatorConfiguration.get().getAuthenticators().clear();
QueueItemAuthenticatorConfiguration.get().getAuthenticators().add(new MockQueueItemAuthenticator(authMap));
rule.assertBuildStatus(Result.FAILURE, dest.scheduleBuild2(0));
}
Also used :
MockQueueItemAuthenticator(org.jvnet.hudson.test.MockQueueItemAuthenticator)
ArtifactArchiver(hudson.tasks.ArtifactArchiver)
HashMap(java.util.HashMap)
Authentication(org.acegisecurity.Authentication)
MockAuthorizationStrategy(org.jvnet.hudson.test.MockAuthorizationStrategy)
FileWriteBuilder(hudson.plugins.copyartifact.testutils.FileWriteBuilder)
Test(org.junit.Test)
Example 9 with FileWriteBuilder
use of hudson.plugins.copyartifact.testutils.FileWriteBuilder in project copyartifact-plugin by jenkinsci.
the class LegacyJobConfigMigrationMonitorTest method setupAnonymousJob.
private void setupAnonymousJob() throws Exception {
j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
MockAuthorizationStrategy auth = new MockAuthorizationStrategy();
j.jenkins.setAuthorizationStrategy(auth);
FreeStyleProject toBeCopied = j.createFreeStyleProject("to-be-copied");
auth.grant(Item.READ).onItems(toBeCopied).toEveryone();
toBeCopied.getBuildersList().add(new FileWriteBuilder("test.txt", "test"));
toBeCopied.getPublishersList().add(new ArtifactArchiver("**"));
FreeStyleProject copier = j.createFreeStyleProject("copier");
copier.getBuildersList().add(new CopyArtifact(toBeCopied.getFullName()));
}
Also used :
ArtifactArchiver(hudson.tasks.ArtifactArchiver)
MockAuthorizationStrategy(org.jvnet.hudson.test.MockAuthorizationStrategy)
FileWriteBuilder(hudson.plugins.copyartifact.testutils.FileWriteBuilder)
CopyArtifact(hudson.plugins.copyartifact.CopyArtifact)
FreeStyleProject(hudson.model.FreeStyleProject)
Example 10 with FileWriteBuilder
use of hudson.plugins.copyartifact.testutils.FileWriteBuilder in project copyartifact-plugin by jenkinsci.
the class LegacyJobConfigMigrationMonitorTest method setupWorkflowJob.
private void setupWorkflowJob() throws Exception {
j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
MockAuthorizationStrategy auth = new MockAuthorizationStrategy().grant(Jenkins.ADMINISTER).everywhere().to("admin").grant(Jenkins.READ).onRoot().toEveryone().grant(Computer.BUILD).everywhere().toEveryone();
j.jenkins.setAuthorizationStrategy(auth);
FreeStyleProject toBeCopiedAnonymous = j.createFreeStyleProject("to-be-copied_anonymous");
auth.grant(Item.READ, Item.CONFIGURE).onItems(toBeCopiedAnonymous).toEveryone();
toBeCopiedAnonymous.getBuildersList().add(new FileWriteBuilder("test.txt", "test"));
toBeCopiedAnonymous.getPublishersList().add(new ArtifactArchiver("**"));
// Originally this is configured without AuthorizationMatrixProperty,
// which results inheriting the global configuration,
// in contract to that other jobs doesn't inherit the global configuration
// MockAuthorizationStrategy doesn't provide feature to refuse inheriting
// in a specific job, so this job is configured to grant Item.READ to everyone,
// which was originally configured in the global configuration.
FreeStyleProject toBeCopiedNoauth = j.createFreeStyleProject("to-be-copied_noauth");
auth.grant(Item.READ).onItems(toBeCopiedNoauth).toEveryone();
toBeCopiedNoauth.getBuildersList().add(new FileWriteBuilder("test.txt", "test"));
toBeCopiedNoauth.getPublishersList().add(new ArtifactArchiver("**"));
FreeStyleProject toBeCopiedRestricted = j.createFreeStyleProject("to-be-copied_restricted");
auth.grant(Item.READ).onItems(toBeCopiedRestricted).to("leader", "admin");
toBeCopiedRestricted.getBuildersList().add(new FileWriteBuilder("test.txt", "test"));
toBeCopiedRestricted.getPublishersList().add(new ArtifactArchiver("**"));
WorkflowJob copierAnonymous = j.createWorkflow("copier_anonymous", "copyArtifacts(projectName: 'to-be-copied_anonymous');");
copierAnonymous.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("sourceProject", "")));
WorkflowJob copierNoauth = j.createWorkflow("copier_noauth", "copyArtifacts(projectName: 'to-be-copied_noauth');");
copierNoauth.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("sourceProject", "")));
WorkflowJob copierParam = j.createWorkflow("copier_param", "copyArtifacts(projectName: '${sourceProject}');");
copierParam.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("sourceProject", "")));
WorkflowJob copierRestricted = j.createWorkflow("copier_restricted", "copyArtifacts(projectName: 'to-be-copied_restricted');");
copierRestricted.addProperty(new ParametersDefinitionProperty(new StringParameterDefinition("sourceProject", "")));
}
Also used :
ArtifactArchiver(hudson.tasks.ArtifactArchiver)
StringParameterDefinition(hudson.model.StringParameterDefinition)
ParametersDefinitionProperty(hudson.model.ParametersDefinitionProperty)
MockAuthorizationStrategy(org.jvnet.hudson.test.MockAuthorizationStrategy)
FileWriteBuilder(hudson.plugins.copyartifact.testutils.FileWriteBuilder)
FreeStyleProject(hudson.model.FreeStyleProject)
WorkflowJob(org.jenkinsci.plugins.workflow.job.WorkflowJob)
Aggregations
FileWriteBuilder (hudson.plugins.copyartifact.testutils.FileWriteBuilder)37
ArtifactArchiver (hudson.tasks.ArtifactArchiver)37
Test (org.junit.Test)32
FreeStyleProject (hudson.model.FreeStyleProject)26
FreeStyleBuild (hudson.model.FreeStyleBuild)17
ParametersDefinitionProperty (hudson.model.ParametersDefinitionProperty)15
StringParameterDefinition (hudson.model.StringParameterDefinition)15
ParametersAction (hudson.model.ParametersAction)13
StringParameterValue (hudson.model.StringParameterValue)13
ParameterDefinition (hudson.model.ParameterDefinition)11
BuildTrigger (hudson.tasks.BuildTrigger)11
MockAuthorizationStrategy (org.jvnet.hudson.test.MockAuthorizationStrategy)11
Cause (hudson.model.Cause)10
WorkflowJob (org.jenkinsci.plugins.workflow.job.WorkflowJob)9
CpsFlowDefinition (org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition)6
CopyArtifact (hudson.plugins.copyartifact.CopyArtifact)4
File (java.io.File)4
WorkflowRun (org.jenkinsci.plugins.workflow.job.WorkflowRun)4
Axis (hudson.matrix.Axis)3
AxisList (hudson.matrix.AxisList)3
