Search in sources :

Example 6 with AuthorityHolder

use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.

the class Build method canViewRuntimeData.

public static boolean canViewRuntimeData(@NotNull PermissionChecker permissionChecker, @NotNull BuildPromotion buildPromotion) {
    final SBuildType buildType = buildPromotion.getBuildType();
    final AuthorityHolder authorityHolder = permissionChecker.getCurrent();
    if (buildType == null) {
        return authorityHolder.isPermissionGrantedGlobally(Permission.VIEW_BUILD_RUNTIME_DATA);
    }
    return authorityHolder.isPermissionGrantedForProject(buildType.getProjectId(), Permission.VIEW_BUILD_RUNTIME_DATA);
}
Also used : AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder)

Example 7 with AuthorityHolder

use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.

the class BuildType method createNewBuildTypeFromPosted.

@NotNull
public BuildTypeOrTemplate createNewBuildTypeFromPosted(@NotNull final ServiceLocator serviceLocator) {
    SProject project;
    SubmitedParameters submittedParams = mySubmitted.get();
    if (submittedParams.project == null) {
        if (submittedParams.projectId == null) {
            throw new BadRequestException("Build type creation request should contain project node.");
        }
        // noinspection ConstantConditions
        project = serviceLocator.findSingletonService(ProjectManager.class).findProjectByExternalId(submittedParams.projectId);
        if (project == null) {
            throw new BadRequestException("Cannot find project with id '" + submittedParams.projectId + "'.");
        }
    } else {
        // noinspection ConstantConditions
        project = submittedParams.project.getProjectFromPosted(serviceLocator.findSingletonService(ProjectFinder.class));
    }
    if (StringUtil.isEmpty(submittedParams.name)) {
        throw new BadRequestException("When creating a build type, non empty name should be provided.");
    }
    final BuildTypeOrTemplate resultingBuildType = createEmptyBuildTypeOrTemplate(serviceLocator, project, submittedParams.name);
    try {
        fillBuildTypeOrTemplate(new BuildTypeOrTemplatePatcher() {

            @NotNull
            public BuildTypeOrTemplate getBuildTypeOrTemplate() {
                return resultingBuildType;
            }
        }, serviceLocator);
    } catch (Exception e) {
        // error on filling the build type, should not preserve the created empty build type
        AuthorityHolder authorityHolder = myBeanContext.getSingletonService(SecurityContext.class).getAuthorityHolder();
        resultingBuildType.remove((SUser) authorityHolder.getAssociatedUser(), resultingBuildType.isBuildType() ? "Removing broken build configuration" : "Removing broken template");
        throw e;
    }
    return resultingBuildType;
}
Also used : BuildTypeOrTemplate(jetbrains.buildServer.server.rest.util.BuildTypeOrTemplate) SUser(jetbrains.buildServer.users.SUser) BadRequestException(jetbrains.buildServer.server.rest.errors.BadRequestException) NotNull(org.jetbrains.annotations.NotNull) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) BadRequestException(jetbrains.buildServer.server.rest.errors.BadRequestException) NotNull(org.jetbrains.annotations.NotNull)

Example 8 with AuthorityHolder

use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.

the class ChangeFinder method getProjectChanges.

@NotNull
private List<SVcsModification> getProjectChanges(@NotNull final SProject project, @Nullable final Long sinceChangeId) {
    final List<VcsRootInstance> vcsRoots = project.getVcsRootInstances();
    final List<SVcsModification> result = new ArrayList<>();
    Set<Long> interestingRootIds = vcsRoots.stream().map(VcsRoot::getId).collect(Collectors.toSet());
    VcsModificationsStorage vcsModificationsStorage = myServiceLocator.getSingletonService(VcsModificationsStorage.class);
    SecurityContext securityContext = myServiceLocator.getSingletonService(SecurityContext.class);
    final AuthorityHolder authorityHolder = securityContext.getAuthorityHolder();
    vcsModificationsStorage.processModifications(m -> {
        if (sinceChangeId != null && m.getId() < sinceChangeId)
            return false;
        if (interestingRootIds.contains(m.getVcsRoot().getId()) && AuthUtil.hasReadAccessTo(authorityHolder, m)) {
            result.add(m);
        }
        return true;
    });
    return result;
}
Also used : SecurityContext(jetbrains.buildServer.serverSide.auth.SecurityContext) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) NotNull(org.jetbrains.annotations.NotNull)

Example 9 with AuthorityHolder

use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.

the class AbstractAgentPoolResolver method permissions.

@NotNull
public AgentPoolPermissions permissions(@NotNull AbstractAgentPool pool, @NotNull DataFetchingEnvironment env) {
    jetbrains.buildServer.serverSide.agentPools.AgentPool realPool = pool.getRealPool();
    int poolId = realPool.getAgentPoolId();
    AuthorityHolder authHolder = mySecurityContext.getAuthorityHolder();
    boolean canManagePool = !realPool.isProjectPool() && realPool.getAgentPoolId() != AgentPool.DEFAULT_POOL_ID && authHolder.isPermissionGrantedGlobally(Permission.MANAGE_AGENT_POOLS);
    BooleanSupplier canAuthorizeUnauthorizeAgent = () -> AuthUtil.hasPermissionToAuthorizeAgentsInPool(authHolder, realPool);
    BooleanSupplier canEnableDisableAgent = () -> AuthUtil.hasPermissionToEnableAgentsInPool(authHolder, realPool);
    BooleanSupplier canManageProjectPoolAssociations = () -> myPoolActionsAccessChecker.canManageProjectsInPool(poolId);
    BooleanSupplier canManageAgents = () -> myPoolActionsAccessChecker.canManageAgentsInPool(realPool);
    return new AgentPoolPermissions(canAuthorizeUnauthorizeAgent, canManageProjectPoolAssociations, canEnableDisableAgent, canManageAgents, canManagePool);
}
Also used : AgentPool(jetbrains.buildServer.serverSide.agentPools.AgentPool) AgentPoolPermissions(jetbrains.buildServer.server.graphql.model.agentPool.AgentPoolPermissions) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) BooleanSupplier(java.util.function.BooleanSupplier) NotNull(org.jetbrains.annotations.NotNull)

Example 10 with AuthorityHolder

use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.

the class AgentPoolResolver method assignableCloudImages.

@NotNull
public AgentPoolCloudImagesConnection assignableCloudImages(@NotNull AgentPool pool, @NotNull DataFetchingEnvironment env) {
    AuthorityHolder authHolder = mySecurityContext.getAuthorityHolder();
    jetbrains.buildServer.serverSide.agentPools.AgentPool defaultPool = myPoolManager.findAgentPoolById(jetbrains.buildServer.serverSide.agentPools.AgentPool.DEFAULT_POOL_ID);
    if (!AuthUtil.hasGlobalOrPoolProjectsPermission(authHolder, defaultPool, Permission.MANAGE_AGENT_POOLS, Permission.MANAGE_AGENT_POOLS_FOR_PROJECT)) {
        return AgentPoolCloudImagesConnection.empty();
    }
    if (!myPoolActionsAccessChecker.canManageAgentsInPool(pool.getRealPool())) {
        return AgentPoolCloudImagesConnection.empty();
    }
    final Set<String> profileIdsInRootProject = myProjectManager.getRootProject().getOwnFeaturesOfType(CloudConstants.CLOUD_PROFILE_FEATURE_TYPE).stream().map(SProjectFeatureDescriptor::getId).collect(Collectors.toSet());
    List<Pair<CloudProfile, CloudImage>> images = new ArrayList<>();
    profileIdsInRootProject.forEach(profileId -> {
        CloudClientEx client = myCloudManager.getClientIfExists(BuildProject.ROOT_PROJECT_ID, profileId);
        CloudProfile profile = myCloudManager.findProfileById(BuildProject.ROOT_PROJECT_ID, profileId);
        if (client == null || profile == null)
            return;
        client.getImages().stream().filter(image -> {
            AgentTypeKey key = new AgentTypeKey(profile.getCloudCode(), profileId, image.getId());
            AgentType type = myAgentTypeManager.findAgentTypeByKey(key);
            return type != null && pool.getRealPool().getAgentPoolId() != type.getAgentPoolId();
        }).forEach(image -> {
            images.add(new Pair<>(profile, image));
        });
    });
    return new AgentPoolCloudImagesConnection(images, PaginationArguments.everything());
}
Also used : DataFetchingEnvironment(graphql.schema.DataFetchingEnvironment) CloudClientEx(jetbrains.buildServer.clouds.CloudClientEx) AgentTypeManager(jetbrains.buildServer.serverSide.agentTypes.AgentTypeManager) CloudProfile(jetbrains.buildServer.clouds.CloudProfile) AgentPool(jetbrains.buildServer.server.graphql.model.agentPool.AgentPool) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) AgentPoolProjectsConnection(jetbrains.buildServer.server.graphql.model.connections.agentPool.AgentPoolProjectsConnection) PaginationArguments(jetbrains.buildServer.server.graphql.model.connections.PaginationArguments) ArrayList(java.util.ArrayList) AgentType(jetbrains.buildServer.serverSide.agentTypes.AgentType) CloudImage(jetbrains.buildServer.clouds.CloudImage) AgentTypeKey(jetbrains.buildServer.serverSide.agentTypes.AgentTypeKey) SecurityContext(jetbrains.buildServer.serverSide.auth.SecurityContext) AgentPoolAgentsConnection(jetbrains.buildServer.server.graphql.model.connections.agentPool.AgentPoolAgentsConnection) ProjectsConnection(jetbrains.buildServer.server.graphql.model.connections.ProjectsConnection) jetbrains.buildServer.serverSide(jetbrains.buildServer.serverSide) Set(java.util.Set) AgentPoolPermissions(jetbrains.buildServer.server.graphql.model.agentPool.AgentPoolPermissions) ModelResolver(jetbrains.buildServer.server.graphql.util.ModelResolver) Collectors(java.util.stream.Collectors) CloudManagerBase(jetbrains.buildServer.clouds.server.CloudManagerBase) Nullable(org.jetbrains.annotations.Nullable) List(java.util.List) Component(org.springframework.stereotype.Component) ProjectsFilter(jetbrains.buildServer.server.graphql.model.filter.ProjectsFilter) Permission(jetbrains.buildServer.serverSide.auth.Permission) jetbrains.buildServer.server.graphql.model.agentPool.actions(jetbrains.buildServer.server.graphql.model.agentPool.actions) AgentPoolCloudImagesConnection(jetbrains.buildServer.server.graphql.model.connections.agentPool.AgentPoolCloudImagesConnection) Pair(com.intellij.openapi.util.Pair) AuthUtil(jetbrains.buildServer.serverSide.auth.AuthUtil) CloudConstants(jetbrains.buildServer.clouds.CloudConstants) AgentPoolManager(jetbrains.buildServer.serverSide.agentPools.AgentPoolManager) NotNull(org.jetbrains.annotations.NotNull) BuildProject(jetbrains.buildServer.BuildProject) CloudProfile(jetbrains.buildServer.clouds.CloudProfile) CloudClientEx(jetbrains.buildServer.clouds.CloudClientEx) AgentTypeKey(jetbrains.buildServer.serverSide.agentTypes.AgentTypeKey) ArrayList(java.util.ArrayList) AgentType(jetbrains.buildServer.serverSide.agentTypes.AgentType) AgentPoolCloudImagesConnection(jetbrains.buildServer.server.graphql.model.connections.agentPool.AgentPoolCloudImagesConnection) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) Pair(com.intellij.openapi.util.Pair) NotNull(org.jetbrains.annotations.NotNull)

Aggregations

AuthorityHolder (jetbrains.buildServer.serverSide.auth.AuthorityHolder)10 NotNull (org.jetbrains.annotations.NotNull)8 SecurityContext (jetbrains.buildServer.serverSide.auth.SecurityContext)4 Pair (com.intellij.openapi.util.Pair)3 DataFetchingEnvironment (graphql.schema.DataFetchingEnvironment)3 List (java.util.List)3 Collectors (java.util.stream.Collectors)3 CloudClientEx (jetbrains.buildServer.clouds.CloudClientEx)3 CloudProfile (jetbrains.buildServer.clouds.CloudProfile)3 AgentPoolPermissions (jetbrains.buildServer.server.graphql.model.agentPool.AgentPoolPermissions)3 jetbrains.buildServer.serverSide (jetbrains.buildServer.serverSide)3 AuthUtil (jetbrains.buildServer.serverSide.auth.AuthUtil)3 Permission (jetbrains.buildServer.serverSide.auth.Permission)3 Component (org.springframework.stereotype.Component)3 DataFetcherResult (graphql.execution.DataFetcherResult)2 ArrayList (java.util.ArrayList)2 BooleanSupplier (java.util.function.BooleanSupplier)2 Stream (java.util.stream.Stream)2 Used (jetbrains.buildServer.Used)2 CloudImage (jetbrains.buildServer.clouds.CloudImage)2