use of hudson.security.FullControlOnceLoggedInAuthorizationStrategy in project blueocean-plugin by jenkinsci.
the class BlueOceanConfigStatePreloader method getStateJson.
/**
* {@inheritDoc}
*/
@Override
public String getStateJson() {
StringWriter writer = new StringWriter();
Jenkins jenkins = Jenkins.getInstance();
String version = Jenkins.getVersion() != null ? Jenkins.getVersion().toString() : Jenkins.VERSION;
AuthorizationStrategy authorizationStrategy = jenkins.getAuthorizationStrategy();
boolean allowAnonymousRead = true;
if (authorizationStrategy instanceof FullControlOnceLoggedInAuthorizationStrategy) {
allowAnonymousRead = ((FullControlOnceLoggedInAuthorizationStrategy) authorizationStrategy).isAllowAnonymousRead();
}
new JSONBuilder(writer).object().key("version").value(getBlueOceanPluginVersion()).key("jenkinsConfig").object().key("version").value(version).key("security").object().key("enabled").value(jenkins.isUseSecurity()).key("loginUrl").value(jenkins.getSecurityRealm() == SecurityRealm.NO_AUTHENTICATION ? null : jenkins.getSecurityRealm().getLoginUrl()).key("authorizationStrategy").object().key("allowAnonymousRead").value(allowAnonymousRead).endObject().key("enableJWT").value(BlueOceanConfigProperties.BLUEOCEAN_FEATURE_JWT_AUTHENTICATION).endObject().endObject().key("features").object().key("organizations.enabled").value(Boolean.getBoolean("blueocean.features.organizations.enabled")).endObject().endObject();
return writer.toString();
}
use of hudson.security.FullControlOnceLoggedInAuthorizationStrategy in project hudson-2.x by hudson.
the class Hudson method loadTasks.
private synchronized TaskBuilder loadTasks() throws IOException {
File projectsDir = new File(root, "jobs");
if (!projectsDir.isDirectory() && !projectsDir.mkdirs()) {
if (projectsDir.exists()) {
throw new IOException(projectsDir + " is not a directory");
}
throw new IOException("Unable to create " + projectsDir + "\nPermission issue? Please create this directory manually.");
}
File[] subdirs = projectsDir.listFiles(new FileFilter() {
public boolean accept(File child) {
return child.isDirectory() && Items.getConfigFile(child).exists();
}
});
TaskGraphBuilder g = new TaskGraphBuilder();
Handle loadHudson = g.requires(InitMilestone.EXTENSIONS_AUGMENTED).attains(InitMilestone.JOB_LOADED).add("Loading global config", new Executable() {
public void run(Reactor session) throws Exception {
XmlFile cfg = getConfigFile();
if (cfg.exists()) {
// reset some data that may not exist in the disk file
// so that we can take a proper compensation action later.
primaryView = null;
views.clear();
// load from disk
cfg.unmarshal(Hudson.this);
}
// if we are loading old data that doesn't have this field
if (slaves == null) {
slaves = new NodeList();
}
clouds.setOwner(Hudson.this);
items.clear();
}
});
for (final File subdir : subdirs) {
g.requires(loadHudson).attains(InitMilestone.JOB_LOADED).notFatal().add("Loading job " + subdir.getName(), new Executable() {
public void run(Reactor session) throws Exception {
TopLevelItem item = (TopLevelItem) Items.load(Hudson.this, subdir);
items.put(item.getName(), item);
}
});
}
g.requires(InitMilestone.JOB_LOADED).add("Finalizing set up", new Executable() {
public void run(Reactor session) throws Exception {
rebuildDependencyGraph();
{
// recompute label objects - populates the labels mapping.
for (// Note that not all labels are visible until the slaves have connected.
Node slave : // Note that not all labels are visible until the slaves have connected.
slaves) {
slave.getAssignedLabels();
}
getAssignedLabels();
}
// this is both for clean Hudson and for backward compatibility.
if (views.size() == 0 || primaryView == null) {
View v = new AllView(Messages.Hudson_ViewName());
v.owner = Hudson.this;
views.add(0, v);
primaryView = v.getViewName();
}
// read in old data that doesn't have the security field set
if (authorizationStrategy == null) {
if (useSecurity == null || !useSecurity) {
authorizationStrategy = AuthorizationStrategy.UNSECURED;
} else {
authorizationStrategy = new FullControlOnceLoggedInAuthorizationStrategy();
}
}
if (securityRealm == null) {
if (useSecurity == null || !useSecurity) {
setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
} else {
setSecurityRealm(new LegacySecurityRealm());
}
} else {
// force the set to proxy
setSecurityRealm(securityRealm);
}
if (useSecurity != null && !useSecurity) {
// forced reset to the unsecure mode.
// this works as an escape hatch for people who locked themselves out.
authorizationStrategy = AuthorizationStrategy.UNSECURED;
setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
}
// Initialize the filter with the crumb issuer
setCrumbIssuer(crumbIssuer);
// auto register root actions
for (Action a : getExtensionList(RootAction.class)) {
if (!actions.contains(a)) {
actions.add(a);
}
}
}
});
return g;
}
Aggregations