use of hudson.security.Permission in project hudson-2.x by hudson.
the class Job method grantProjectMatrixPermissions.
/**
* Grants project permissions to the user.
*
* @param user user
*/
protected void grantProjectMatrixPermissions(User user) {
if (Hudson.getInstance().getAuthorizationStrategy() instanceof ProjectMatrixAuthorizationStrategy) {
Map<Permission, Set<String>> grantedPermissions = new HashMap<Permission, Set<String>>();
Set<String> users = Sets.newHashSet(user.getId());
grantedPermissions.put(Item.BUILD, users);
grantedPermissions.put(Item.CONFIGURE, users);
grantedPermissions.put(Item.DELETE, users);
grantedPermissions.put(Item.READ, users);
grantedPermissions.put(Item.WORKSPACE, users);
grantedPermissions.put(Run.DELETE, users);
grantedPermissions.put(Run.UPDATE, users);
AuthorizationMatrixProperty amp = new AuthorizationMatrixProperty(grantedPermissions);
amp.setOwner(this);
properties.add(amp);
}
}
use of hudson.security.Permission in project blueocean-plugin by jenkinsci.
the class OrganizationFolderTest method testOrganizationFolderFactoryNoPermissionsFolder.
@Test(expected = ServiceException.ForbiddenException.class)
public void testOrganizationFolderFactoryNoPermissionsFolder() throws Exception {
List<OrganizationFolderPipelineImpl.OrganizationFolderFactory> organizationFolderFactoryList = ExtensionList.lookup(OrganizationFolderPipelineImpl.OrganizationFolderFactory.class);
OrganizationFolderFactoryTestImpl organizationFolderFactoryTest = ((ExtensionList<OrganizationFolderPipelineImpl.OrganizationFolderFactory>) organizationFolderFactoryList).get(OrganizationFolderFactoryTestImpl.class);
assertNotNull(organizationFolderFactoryTest);
OrganizationFolderPipelineImpl folderPipeline = organizationFolderFactoryTest.getFolder(orgFolder, new Reachable() {
@Override
public Link getLink() {
return organization.getLink().rel("/pipelines/");
}
}, mockOrganization());
assertNotNull(folderPipeline);
assertNotNull(folderPipeline.getQueue());
assertNotNull(folderPipeline.getQueue().iterator());
// Make sure the user does not have permissions to that folder
PowerMockito.when(orgFolder.getACL()).thenReturn(new ACL() {
@Override
public boolean hasPermission(Authentication arg0, Permission arg1) {
return false;
}
});
ScmResourceImpl scmResource = new ScmResourceImpl(orgFolder, folderPipeline);
StaplerRequest staplerRequest = PowerMockito.mock(StaplerRequest.class);
assertEquals("hello", scmResource.getContent(staplerRequest));
}
use of hudson.security.Permission in project blueocean-plugin by jenkinsci.
the class OrganizationFolderTest method testOrganizationFolderFactory.
@Test
public void testOrganizationFolderFactory() throws Exception {
List<OrganizationFolderPipelineImpl.OrganizationFolderFactory> organizationFolderFactoryList = ExtensionList.lookup(OrganizationFolderPipelineImpl.OrganizationFolderFactory.class);
OrganizationFolderFactoryTestImpl organizationFolderFactoryTest = ((ExtensionList<OrganizationFolderPipelineImpl.OrganizationFolderFactory>) organizationFolderFactoryList).get(OrganizationFolderFactoryTestImpl.class);
assertNotNull(organizationFolderFactoryTest);
OrganizationFolderPipelineImpl folderPipeline = organizationFolderFactoryTest.getFolder(orgFolder, () -> organization.getLink().rel("/pipelines/"), mockOrganization());
assertNotNull(folderPipeline);
assertNotNull(folderPipeline.getQueue());
assertNotNull(folderPipeline.getQueue().iterator());
// Make sure the user does has permissions to that folder
PowerMockito.when(orgFolder.getACL()).thenReturn(new ACL() {
@Override
public boolean hasPermission(Authentication arg0, Permission arg1) {
return true;
}
});
ScmResourceImpl scmResource = new ScmResourceImpl(orgFolder, folderPipeline);
StaplerRequest staplerRequest = PowerMockito.mock(StaplerRequest.class);
assertEquals("hello", scmResource.getContent(staplerRequest));
}
use of hudson.security.Permission in project blueocean-plugin by jenkinsci.
the class UserImplPermissionTest method useTestAgainstJenkinsRoot.
/**
* Tests against jenkins
*/
@Test
public void useTestAgainstJenkinsRoot() {
try {
// https://github.com/powermock/powermock/issues/428
OrganizationImpl baseOrg = new OrganizationImpl("jenkins", jenkins);
UserImpl userImpl = new UserImpl(baseOrg, user, baseOrg);
checkPermissions(userImpl.getPermission(), false, false);
when(jenkins.getACL()).thenReturn(new ACL() {
public boolean hasPermission(Authentication a, Permission permission) {
return true;
}
});
checkPermissions(userImpl.getPermission(), true, true);
} catch (AssumptionViolatedException x) {
System.err.println(x);
}
}
use of hudson.security.Permission in project blueocean-plugin by jenkinsci.
the class UserImplPermissionTest method setup.
@Before
public void setup() throws IOException {
testOrganization = new TestOrganization("org", "orgDisplayName");
user = mock(User.class);
when(user.getId()).thenReturn("some_user");
authentication = new Authentication() {
public String getName() {
return "some_user";
}
public GrantedAuthority[] getAuthorities() {
return null;
}
public Object getCredentials() {
return null;
}
public Object getDetails() {
return null;
}
public Object getPrincipal() {
return null;
}
public boolean isAuthenticated() {
return false;
}
public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
}
};
jenkins = mock(Jenkins.class);
when(jenkins.getACL()).thenReturn(new ACL() {
public boolean hasPermission(Authentication a, Permission permission) {
return false;
}
});
mockStatic(Jenkins.class);
when(Jenkins.getAuthentication()).thenReturn(authentication);
when(Jenkins.get()).thenReturn(jenkins);
try {
// After Jenkins 2.77 hasPermission is no longer in Node.class and is not final so we need to mock it
// prior to it is called as being final and mocking it will fail for the same reason.
// TODO remove after core base line is >= 2.77
Node.class.getDeclaredMethod("hasPermission", Permission.class);
} catch (NoSuchMethodException e) {
when(jenkins.hasPermission(Mockito.any())).thenAnswer(new Answer<Boolean>() {
public Boolean answer(InvocationOnMock invocation) {
Permission permission = invocation.getArgument(0);
Jenkins j = (Jenkins) invocation.getMock();
ACL acl = j.getACL();
try {
return acl.hasPermission(permission);
} catch (NullPointerException x) {
throw new AssumptionViolatedException("TODO cannot be made to work prior to Spring Security update", x);
}
}
});
}
mockStatic(User.class);
when(User.get("some_user", false, Collections.EMPTY_MAP)).thenReturn(user);
}
Aggregations