
Example 1 with ACL

use of hudson.security.ACL in project selenium_java by sergueik.

the class AuditReportsAuthorizationStrategy method getRootACL.

/**
 * Builds the root ACL for this strategy as a filter on top of {@code template.getRootACL()}.
 *
 * <p>The returned ACL never grants more than the delegate: a request the delegate denies is
 * denied here too. For the one permission held in this strategy's {@code permission} field,
 * the caller's name must additionally match this strategy's {@code user} field.
 *
 * @return an ACL that narrows the delegate's decision for the configured permission
 */
@Override
public ACL getRootACL() {
    return new ACL() {

        /**
         * @param auth the authentication being checked; its name is read before the delegate is
         *     consulted, so a null {@code auth} fails with a NullPointerException
         * @param requestedPermission the permission being checked
         * @return {@code true} only if the delegate grants the permission and, for the
         *     configured permission, the caller is the configured user
         */
        @Override
        public boolean hasPermission(final Authentication auth, final Permission requestedPermission) {
            final String callerName = auth.getName();
            final ACL delegate = template.getRootACL();
            if (!delegate.hasPermission(auth, requestedPermission)) {
                // Deny-first: this wrapper only ever restricts what the delegate allows.
                return false;
            }
            final boolean isRestrictedPermission =
                    Permission.ID_COMPARATOR.compare(requestedPermission, AuditReportsAuthorizationStrategy.this.permission) == 0;
            if (!isRestrictedPermission) {
                return true;
            }
            // NOTE(review): the name match ignores case. Confirm the security realm also treats
            // user names case-insensitively; otherwise accounts differing only in case both pass.
            return callerName.equalsIgnoreCase(AuditReportsAuthorizationStrategy.this.user);
        }
    };
}
Also used : Authentication(org.acegisecurity.Authentication) Permission(hudson.security.Permission) ACL(hudson.security.ACL)

Example 2 with ACL

use of hudson.security.ACL in project blueocean-plugin by jenkinsci.

the class ScmResourceImpl method checkPermission.

/**
 * Resolves the current user and verifies that they hold {@code Item.CONFIGURE}.
 *
 * <p>The ACL consulted is the parent's when {@code item}'s parent is an
 * {@code OrganizationFolder}, and {@code item}'s own ACL otherwise.
 *
 * @return the user resolved from the current authentication
 * @throws ServiceException.UnauthorizedException if no user can be resolved
 * @throws ServiceException.ForbiddenException if the ACL denies {@code Item.CONFIGURE}
 */
@Nonnull
private User checkPermission() {
    // NOTE(review): instanceof is already false for null, so the explicit null test is
    // redundant; getParent() is also evaluated up to three times on this path.
    final boolean parentIsOrgFolder = item.getParent() != null && item.getParent() instanceof OrganizationFolder;
    final ACL effectiveAcl = parentIsOrgFolder
            ? ((OrganizationFolder) item.getParent()).getACL()
            : item.getACL();

    final Authentication caller = Jenkins.getAuthentication2();
    final User currentUser = User.get2(caller);
    // Identity is checked before permission, so an unresolved user is reported as
    // "unauthorized" rather than "forbidden".
    if (currentUser == null) {
        throw new ServiceException.UnauthorizedException("No logged in user found");
    }
    if (effectiveAcl.hasPermission2(caller, Item.CONFIGURE)) {
        return currentUser;
    }
    // The denial message echoes the caller's own name only.
    throw new ServiceException.ForbiddenException(String.format("User %s must have Job configure permission to access content", caller.getName()));
}
Also used : OrganizationFolder(jenkins.branch.OrganizationFolder) User(hudson.model.User) Authentication(org.springframework.security.core.Authentication) ACL(hudson.security.ACL) Nonnull(javax.annotation.Nonnull)

Example 3 with ACL

use of hudson.security.ACL in project blueocean-plugin by jenkinsci.

the class OrganizationFolderTest method testOrganizationFolderFactoryNoPermissionsFolder.

/**
 * Negative access-control test: with the organization folder's ACL stubbed to deny every
 * permission check, the test expects a {@code ServiceException.ForbiddenException}.
 *
 * <p>NOTE(review): {@code expected} applies to the whole method, so the test also passes if
 * the exception is raised during setup. Which statement raises it (the
 * {@code ScmResourceImpl} constructor or {@code getContent}) is not visible here; confirm
 * before tightening the assertion.
 */
@Test(expected = ServiceException.ForbiddenException.class)
public void testOrganizationFolderFactoryNoPermissionsFolder() throws Exception {
    ExtensionList<OrganizationFolderPipelineImpl.OrganizationFolderFactory> factories =
            ExtensionList.lookup(OrganizationFolderPipelineImpl.OrganizationFolderFactory.class);
    OrganizationFolderFactoryTestImpl testFactory = factories.get(OrganizationFolderFactoryTestImpl.class);
    assertNotNull(testFactory);

    Reachable pipelinesParent = new Reachable() {

        @Override
        public Link getLink() {
            return organization.getLink().rel("/pipelines/");
        }
    };
    OrganizationFolderPipelineImpl pipeline = testFactory.getFolder(orgFolder, pipelinesParent, mockOrganization());
    assertNotNull(pipeline);
    assertNotNull(pipeline.getQueue());
    assertNotNull(pipeline.getQueue().iterator());

    // Stub the folder's ACL so that every permission check is denied.
    PowerMockito.when(orgFolder.getACL()).thenReturn(new ACL() {

        @Override
        public boolean hasPermission(Authentication arg0, Permission arg1) {
            return false;
        }
    });

    ScmResourceImpl resource = new ScmResourceImpl(orgFolder, pipeline);
    StaplerRequest request = PowerMockito.mock(StaplerRequest.class);
    // Presumably never compared: the expected exception should be raised at or before this call.
    assertEquals("hello", resource.getContent(request));
}
Also used : StaplerRequest(org.kohsuke.stapler.StaplerRequest) ACL(hudson.security.ACL) Authentication(org.acegisecurity.Authentication) ExtensionList(hudson.ExtensionList) Reachable(io.jenkins.blueocean.rest.Reachable) Permission(hudson.security.Permission) Link(io.jenkins.blueocean.rest.hal.Link) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 4 with ACL

use of hudson.security.ACL in project blueocean-plugin by jenkinsci.

the class OrganizationFolderTest method testOrganizationFolderFactory.

/**
 * Positive counterpart of the denied-access test: with the organization folder's ACL stubbed
 * to grant every permission check, reading the SCM resource content is expected to return
 * {@code "hello"}.
 */
@Test
public void testOrganizationFolderFactory() throws Exception {
    ExtensionList<OrganizationFolderPipelineImpl.OrganizationFolderFactory> factories =
            ExtensionList.lookup(OrganizationFolderPipelineImpl.OrganizationFolderFactory.class);
    OrganizationFolderFactoryTestImpl testFactory = factories.get(OrganizationFolderFactoryTestImpl.class);
    assertNotNull(testFactory);

    OrganizationFolderPipelineImpl pipeline =
            testFactory.getFolder(orgFolder, () -> organization.getLink().rel("/pipelines/"), mockOrganization());
    assertNotNull(pipeline);
    assertNotNull(pipeline.getQueue());
    assertNotNull(pipeline.getQueue().iterator());

    // Stub the folder's ACL so that every permission check is granted.
    // This allow-all ACL is a test fixture only; it bypasses the real authorization strategy.
    PowerMockito.when(orgFolder.getACL()).thenReturn(new ACL() {

        @Override
        public boolean hasPermission(Authentication arg0, Permission arg1) {
            return true;
        }
    });

    ScmResourceImpl resource = new ScmResourceImpl(orgFolder, pipeline);
    StaplerRequest request = PowerMockito.mock(StaplerRequest.class);
    assertEquals("hello", resource.getContent(request));
}
Also used : Authentication(org.acegisecurity.Authentication) ExtensionList(hudson.ExtensionList) Permission(hudson.security.Permission) StaplerRequest(org.kohsuke.stapler.StaplerRequest) ACL(hudson.security.ACL) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Example 5 with ACL

use of hudson.security.ACL in project blueocean-plugin by jenkinsci.

the class AbstractPipelineCreateRequest method checkUserIsAuthenticatedAndHasItemCreatePermission.

/**
 * Verifies that a user is logged in and holds {@code Item.CREATE} on the group that will
 * own the new pipeline.
 *
 * <p>The ACL consulted is that of {@code getParent(organization)} when it implements
 * {@code AccessControlled}; otherwise the ACL of the Jenkins root is used.
 *
 * @param organization the organization whose parent item group is resolved
 * @return the current user
 * @throws ServiceException.UnauthorizedException if {@code User.current()} returns null
 * @throws ServiceException.ForbiddenException if the ACL denies {@code Item.CREATE}
 */
protected User checkUserIsAuthenticatedAndHasItemCreatePermission(BlueOrganization organization) {
    final ModifiableTopLevelItemGroup targetGroup = getParent(organization);
    final User currentUser = User.current();
    if (currentUser == null) {
        throw new ServiceException.UnauthorizedException("Must be logged in to create a pipeline");
    }

    final Authentication caller = Jenkins.getAuthentication2();
    final ACL effectiveAcl;
    if (targetGroup instanceof AccessControlled) {
        effectiveAcl = ((AccessControlled) targetGroup).getACL();
    } else {
        // No ACL of its own on the target group: fall back to the root ACL.
        effectiveAcl = Jenkins.get().getACL();
    }

    if (effectiveAcl.hasPermission2(caller, Item.CREATE)) {
        return currentUser;
    }
    // The permission check uses the Authentication; the message reports the User's id.
    throw new ServiceException.ForbiddenException(String.format("User %s doesn't have Job create permission", currentUser.getId()));
}
Also used : AccessControlled(hudson.security.AccessControlled) User(hudson.model.User) ModifiableTopLevelItemGroup(jenkins.model.ModifiableTopLevelItemGroup) Authentication(org.springframework.security.core.Authentication) ACL(hudson.security.ACL)
