use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.
the class Build method canViewRuntimeData.
public static boolean canViewRuntimeData(@NotNull PermissionChecker permissionChecker, @NotNull BuildPromotion buildPromotion) {
final SBuildType buildType = buildPromotion.getBuildType();
final AuthorityHolder authorityHolder = permissionChecker.getCurrent();
if (buildType == null) {
return authorityHolder.isPermissionGrantedGlobally(Permission.VIEW_BUILD_RUNTIME_DATA);
}
return authorityHolder.isPermissionGrantedForProject(buildType.getProjectId(), Permission.VIEW_BUILD_RUNTIME_DATA);
}
use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.
the class BuildType method createNewBuildTypeFromPosted.
@NotNull
public BuildTypeOrTemplate createNewBuildTypeFromPosted(@NotNull final ServiceLocator serviceLocator) {
SProject project;
SubmitedParameters submittedParams = mySubmitted.get();
if (submittedParams.project == null) {
if (submittedParams.projectId == null) {
throw new BadRequestException("Build type creation request should contain project node.");
}
// noinspection ConstantConditions
project = serviceLocator.findSingletonService(ProjectManager.class).findProjectByExternalId(submittedParams.projectId);
if (project == null) {
throw new BadRequestException("Cannot find project with id '" + submittedParams.projectId + "'.");
}
} else {
// noinspection ConstantConditions
project = submittedParams.project.getProjectFromPosted(serviceLocator.findSingletonService(ProjectFinder.class));
}
if (StringUtil.isEmpty(submittedParams.name)) {
throw new BadRequestException("When creating a build type, non empty name should be provided.");
}
final BuildTypeOrTemplate resultingBuildType = createEmptyBuildTypeOrTemplate(serviceLocator, project, submittedParams.name);
try {
fillBuildTypeOrTemplate(new BuildTypeOrTemplatePatcher() {
@NotNull
public BuildTypeOrTemplate getBuildTypeOrTemplate() {
return resultingBuildType;
}
}, serviceLocator);
} catch (Exception e) {
// error on filling the build type, should not preserve the created empty build type
AuthorityHolder authorityHolder = myBeanContext.getSingletonService(SecurityContext.class).getAuthorityHolder();
resultingBuildType.remove((SUser) authorityHolder.getAssociatedUser(), resultingBuildType.isBuildType() ? "Removing broken build configuration" : "Removing broken template");
throw e;
}
return resultingBuildType;
}
use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.
the class ChangeFinder method getProjectChanges.
@NotNull
private List<SVcsModification> getProjectChanges(@NotNull final SProject project, @Nullable final Long sinceChangeId) {
final List<VcsRootInstance> vcsRoots = project.getVcsRootInstances();
final List<SVcsModification> result = new ArrayList<>();
Set<Long> interestingRootIds = vcsRoots.stream().map(VcsRoot::getId).collect(Collectors.toSet());
VcsModificationsStorage vcsModificationsStorage = myServiceLocator.getSingletonService(VcsModificationsStorage.class);
SecurityContext securityContext = myServiceLocator.getSingletonService(SecurityContext.class);
final AuthorityHolder authorityHolder = securityContext.getAuthorityHolder();
vcsModificationsStorage.processModifications(m -> {
if (sinceChangeId != null && m.getId() < sinceChangeId)
return false;
if (interestingRootIds.contains(m.getVcsRoot().getId()) && AuthUtil.hasReadAccessTo(authorityHolder, m)) {
result.add(m);
}
return true;
});
return result;
}
use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.
the class AbstractAgentPoolResolver method permissions.
@NotNull
public AgentPoolPermissions permissions(@NotNull AbstractAgentPool pool, @NotNull DataFetchingEnvironment env) {
jetbrains.buildServer.serverSide.agentPools.AgentPool realPool = pool.getRealPool();
int poolId = realPool.getAgentPoolId();
AuthorityHolder authHolder = mySecurityContext.getAuthorityHolder();
boolean canManagePool = !realPool.isProjectPool() && realPool.getAgentPoolId() != AgentPool.DEFAULT_POOL_ID && authHolder.isPermissionGrantedGlobally(Permission.MANAGE_AGENT_POOLS);
BooleanSupplier canAuthorizeUnauthorizeAgent = () -> AuthUtil.hasPermissionToAuthorizeAgentsInPool(authHolder, realPool);
BooleanSupplier canEnableDisableAgent = () -> AuthUtil.hasPermissionToEnableAgentsInPool(authHolder, realPool);
BooleanSupplier canManageProjectPoolAssociations = () -> myPoolActionsAccessChecker.canManageProjectsInPool(poolId);
BooleanSupplier canManageAgents = () -> myPoolActionsAccessChecker.canManageAgentsInPool(realPool);
return new AgentPoolPermissions(canAuthorizeUnauthorizeAgent, canManageProjectPoolAssociations, canEnableDisableAgent, canManageAgents, canManagePool);
}
use of jetbrains.buildServer.serverSide.auth.AuthorityHolder in project teamcity-rest by JetBrains.
the class AgentPoolResolver method assignableCloudImages.
@NotNull
public AgentPoolCloudImagesConnection assignableCloudImages(@NotNull AgentPool pool, @NotNull DataFetchingEnvironment env) {
AuthorityHolder authHolder = mySecurityContext.getAuthorityHolder();
jetbrains.buildServer.serverSide.agentPools.AgentPool defaultPool = myPoolManager.findAgentPoolById(jetbrains.buildServer.serverSide.agentPools.AgentPool.DEFAULT_POOL_ID);
if (!AuthUtil.hasGlobalOrPoolProjectsPermission(authHolder, defaultPool, Permission.MANAGE_AGENT_POOLS, Permission.MANAGE_AGENT_POOLS_FOR_PROJECT)) {
return AgentPoolCloudImagesConnection.empty();
}
if (!myPoolActionsAccessChecker.canManageAgentsInPool(pool.getRealPool())) {
return AgentPoolCloudImagesConnection.empty();
}
final Set<String> profileIdsInRootProject = myProjectManager.getRootProject().getOwnFeaturesOfType(CloudConstants.CLOUD_PROFILE_FEATURE_TYPE).stream().map(SProjectFeatureDescriptor::getId).collect(Collectors.toSet());
List<Pair<CloudProfile, CloudImage>> images = new ArrayList<>();
profileIdsInRootProject.forEach(profileId -> {
CloudClientEx client = myCloudManager.getClientIfExists(BuildProject.ROOT_PROJECT_ID, profileId);
CloudProfile profile = myCloudManager.findProfileById(BuildProject.ROOT_PROJECT_ID, profileId);
if (client == null || profile == null)
return;
client.getImages().stream().filter(image -> {
AgentTypeKey key = new AgentTypeKey(profile.getCloudCode(), profileId, image.getId());
AgentType type = myAgentTypeManager.findAgentTypeByKey(key);
return type != null && pool.getRealPool().getAgentPoolId() != type.getAgentPoolId();
}).forEach(image -> {
images.add(new Pair<>(profile, image));
});
});
return new AgentPoolCloudImagesConnection(images, PaginationArguments.everything());
}
Aggregations