
Example 1 with Permissions

use of jetbrains.buildServer.serverSide.auth.Permissions in project teamcity-rest by JetBrains.

the class PermissionAssignmentFinder method getPermissions.

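/**
 * Lists the permission assignments held by {@code authorityHolder} that match the PERMISSION, PROJECT and
 * GLOBAL dimensions.
 *
 * <p>Each dimension may be supplied at most once; a repeated dimension is rejected with a
 * {@link BadRequestException}. When GLOBAL is absent both global and project-level assignments are returned,
 * {@code true} keeps only the global ones and {@code false} only the project-level ones.
 *
 * <p>NOTE(review): this method enumerates what the given holder is allowed to do and performs no check that
 * the requester may see that information - presumably the caller enforces it; confirm.
 *
 * @param dimensions      parsed dimensions of the request
 * @param authorityHolder holder whose global and per-project permissions are listed
 * @param serviceLocator  used to obtain the {@code ProjectManager} when a permission filter is given without
 *                        a project filter
 * @return holder over the matching permission assignments
 * @throws BadRequestException if the PROJECT, PERMISSION or GLOBAL dimension is specified more than once
 */
@NotNull
private FinderDataBinding.ItemHolder<PermissionAssignmentData> getPermissions(@NotNull final TypedFinderBuilder.DimensionObjects dimensions, @NotNull final AuthorityHolder authorityHolder, @NotNull final ServiceLocator serviceLocator) {
    /* The rest of the code in this method is mostly performance optimization producing the same results (with possibly changed sorting).
    if (true) {
      List<Permission> globalPermissions = authorityHolder.getGlobalPermissions().toList();
      Set<Permission> globalPermissionsSet = new HashSet<>(globalPermissions); //TeamCity API issue: this set is used to exclude global permissions from project-level ones
      return FinderDataBinding.getItemHolder(Stream.concat(
        globalPermissions.stream().map(p -> new PermissionAssignmentData(p)),
        authorityHolder.getProjectsPermissions().entrySet().stream().flatMap(
          entry -> entry.getValue().toList().stream().filter(p -> !globalPermissionsSet.contains(p)).map(p -> new PermissionAssignmentData(p, entry.getKey())))));
    }
    */
    final List<Permission> permissions_raw = dimensions.get(PERMISSION);
    final List<List<SProject>> projects_raw = dimensions.get(PROJECT);
    if (projects_raw != null && projects_raw.size() > 1) {
        throw new BadRequestException("Multiple projects dimensions are not supported");
    }
    @Nullable final List<SProject> projects = projects_raw == null || projects_raw.isEmpty() ? null : projects_raw.get(0);
    if (permissions_raw != null && permissions_raw.size() > 1) {
        throw new BadRequestException("Multiple permissions dimensions are not supported");
    }
    // permissions_raw is ANDed, permissions is ORed, but so far it is not supported: todo implement
    final List<Permission> permissions = permissions_raw;

    final List<Boolean> global_raw = dimensions.get(GLOBAL);
    if (global_raw != null && global_raw.size() > 1) {
        throw new BadRequestException("Multiple global dimensions are not supported");
    }
    // An empty list is treated like a missing dimension, as is done for PROJECT above; calling get(0)
    // on it would otherwise fail with IndexOutOfBoundsException instead of a request error.
    final Boolean global = global_raw == null || global_raw.isEmpty() ? null : global_raw.get(0);
    final boolean includeGlobal = global == null || global;
    final boolean includeProjectLevel = global == null || !global;

    Stream<PermissionAssignmentData> result = Stream.empty();

    if (permissions == null || permissions.isEmpty()) {
        if (projects == null) {
            // No filters: everything the holder has, globally and per project.
            if (includeGlobal) {
                result = Stream.concat(result, authorityHolder.getGlobalPermissions().toList().stream().map(p -> new PermissionAssignmentData(p)));
            }
            if (includeProjectLevel) {
                result = Stream.concat(result, authorityHolder.getProjectsPermissions().entrySet().stream().flatMap(entry -> entry.getValue().toList().stream().filter(p -> p.isProjectAssociationSupported()).map(p -> new PermissionAssignmentData(p, entry.getKey()))));
            }
            return FinderDataBinding.getItemHolder(result);
        }
        // Project filter only: global permissions that can be associated with a project, plus the
        // holder's permissions in each of the requested projects.
        if (includeGlobal) {
            result = Stream.concat(result, authorityHolder.getGlobalPermissions().toList().stream().filter(p -> p.isProjectAssociationSupported()).map(p -> new PermissionAssignmentData(p)));
        }
        if (includeProjectLevel) {
            result = Stream.concat(result, projects.stream().flatMap(project -> {
                Permissions projectPermissions = authorityHolder.getProjectsPermissions().get(project.getProjectId());
                return projectPermissions == null ? Stream.empty() : projectPermissions.toList().stream().filter(p -> p.isProjectAssociationSupported()).map(p -> new PermissionAssignmentData(p, project.getProjectId()));
            }));
        }
        return FinderDataBinding.getItemHolder(result);
    }

    if (projects == null) {
        // Permission filter only: the requested permissions granted globally, plus every project in
        // which the holder has one of them.
        if (includeGlobal) {
            result = Stream.concat(result, permissions.stream().filter(p -> authorityHolder.isPermissionGrantedGlobally(p)).map(p -> new PermissionAssignmentData(p)));
        }
        if (includeProjectLevel) {
            List<SProject> allProjects = serviceLocator.getSingletonService(ProjectManager.class).getProjects();
            result = Stream.concat(result, permissions.stream().filter(p -> p.isProjectAssociationSupported()).flatMap(p -> allProjects.stream().filter(project -> {
                Permissions projectPermissions = authorityHolder.getProjectsPermissions().get(project.getProjectId());
                return projectPermissions != null && projectPermissions.contains(p);
            }).map(project -> new PermissionAssignmentData(p, project.getProjectId()))));
        }
        return FinderDataBinding.getItemHolder(result);
    }

    // Both filters: requested permissions checked globally and against each requested project.
    if (includeGlobal) {
        result = Stream.concat(result, permissions.stream().filter(p -> p.isProjectAssociationSupported()).filter(p -> authorityHolder.isPermissionGrantedGlobally(p)).map(p -> new PermissionAssignmentData(p)));
    }
    if (includeProjectLevel) {
        result = Stream.concat(result, projects.stream().flatMap(project -> permissions.stream().filter(p -> p.isProjectAssociationSupported()).filter(p -> {
            Permissions projectPermissions = authorityHolder.getProjectsPermissions().get(project.getProjectId());
            return projectPermissions != null && projectPermissions.contains(p);
        }).map(p -> new PermissionAssignmentData(p, project.getProjectId()))));
    }
    return FinderDataBinding.getItemHolder(result);
}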
Also used : Nullable(org.jetbrains.annotations.Nullable) List(java.util.List) Stream(java.util.stream.Stream) ServiceLocator(jetbrains.buildServer.ServiceLocator) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) AuthorityHolder(jetbrains.buildServer.serverSide.auth.AuthorityHolder) Permission(jetbrains.buildServer.serverSide.auth.Permission) SProject(jetbrains.buildServer.serverSide.SProject) ProjectManager(jetbrains.buildServer.serverSide.ProjectManager) NotNull(org.jetbrains.annotations.NotNull) BadRequestException(jetbrains.buildServer.server.rest.errors.BadRequestException) SProject(jetbrains.buildServer.serverSide.SProject) ProjectManager(jetbrains.buildServer.serverSide.ProjectManager) Permission(jetbrains.buildServer.serverSide.auth.Permission) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) BadRequestException(jetbrains.buildServer.server.rest.errors.BadRequestException) List(java.util.List) Nullable(org.jetbrains.annotations.Nullable) NotNull(org.jetbrains.annotations.NotNull)

Example 2 with Permissions

use of jetbrains.buildServer.serverSide.auth.Permissions in project teamcity-rest by JetBrains.

the class ProjectFinderTest method testUserPermissionDimension.

/**
 * Exercises the {@code userPermission} locator dimension of the project finder with per-project
 * permissions enabled: direct role assignment, assignment inherited through nested groups, roles
 * assigned in the global scope, and permissions the test comments describe as global.
 */
@Test
public void testUserPermissionDimension() throws Exception {
    myFixture.getServerSettings().setPerProjectPermissionsEnabled(true);
    ProjectEx root = myProjectManager.getRootProject();

    // Project tree: p10 -> p10_10, plus the unrelated p20 and p30.
    final SProject parent = createProject("p10", "project 10");
    final SProject child = parent.createProject("p10_10", "p10 child1");
    final SProject other20 = createProject("p20", "project 20");
    final SProject other30 = createProject("p30", "project 30");

    // role10: TAG_BUILD; role20: CHANGE_SERVER_SETTINGS + LABEL_BUILD; role30: RUN_BUILD and includes role10.
    RoleImpl tagRole = new RoleImpl("role10", "custom role", new Permissions(Permission.TAG_BUILD), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(tagRole);
    RoleImpl settingsRole = new RoleImpl("role20", "custom role", new Permissions(Permission.CHANGE_SERVER_SETTINGS, Permission.LABEL_BUILD), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(settingsRole);
    RoleImpl runRole = new RoleImpl("role30", "custom role", new Permissions(Permission.RUN_BUILD), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(runRole);
    runRole.addIncludedRole(tagRole);

    final SUser user10 = createUser("user10");
    final SUser user20 = createUser("user20");
    final SUser user30 = createUser("user30");
    final SUser user40 = createUser("user40");

    // user20 is a member of the subgroup only; the role is attached to the outer group.
    final SUserGroup outerGroup = myFixture.createUserGroup("group1", "group 1", "");
    final SUserGroup innerGroup = myFixture.createUserGroup("group1.1", "group 1.1", "");
    outerGroup.addSubgroup(innerGroup);
    innerGroup.addUser(user20);

    final String childProjectId = child.getProjectId();
    outerGroup.addRole(RoleScope.projectScope(parent.getProjectId()), runRole);
    user10.addRole(RoleScope.projectScope(childProjectId), tagRole);
    user30.addRole(RoleScope.globalScope(), runRole);
    user40.addRole(RoleScope.projectScope(childProjectId), settingsRole);

    // Common locator prefix per user; each check appends the permission part and the closing bracket.
    final String user10Locator = "userPermission:(user:(id:" + user10.getId() + ")";
    final String user20Locator = "userPermission:(user:(id:" + user20.getId() + ")";
    final String user30Locator = "userPermission:(user:(id:" + user30.getId() + ")";
    final String user40Locator = "userPermission:(user:(id:" + user40.getId() + ")";

    check(null, getRootProject(), parent, child, other20, other30);

    // Direct assignment on the child project only.
    check(user10Locator + ",permission:tag_build)", child);

    // Both the user and the permission are required by the dimension.
    checkExceptionOnItemsSearch(LocatorProcessException.class, user10Locator + ")");
    checkExceptionOnItemsSearch(LocatorProcessException.class, "userPermission:(permission:view_project)");

    // TAG_BUILD reaches user20 through the nested group and the included role, on p10 and its child.
    check(user20Locator + ",permission:tag_build)", parent, child);

    // project permission granted globally: role30 in the global scope matches every project,
    // but it carries no CHANGE_SERVER_SETTINGS, so that query matches nothing.
    check(user30Locator + ",permission:TAG_BUILD)", getRootProject(), parent, child, other20, other30);
    check(user30Locator + ",permission:change_server_settings)");

    // global permission: role20 was assigned in the scope of p10_10, yet the query matches every
    // project; role20 has no TAG_BUILD, so that query matches nothing.
    check(user40Locator + ",permission:change_server_settings)", getRootProject(), parent, child, other20, other30);
    check(user40Locator + ",permission:TAG_BUILD)");

    RoleImpl viewRole = new RoleImpl("role11", "custom role", new Permissions(Permission.VIEW_PROJECT), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(viewRole);
    user10.addRole(RoleScope.projectScope(childProjectId), viewRole);

    // view project is propagated on top: granted on the child, it also matches p10 and the root.
    check(user10Locator + ",permission:view_project)", getRootProject(), parent, child);
}
Also used : ProjectEx(jetbrains.buildServer.serverSide.impl.ProjectEx) RoleImpl(jetbrains.buildServer.serverSide.impl.auth.RoleImpl) SUser(jetbrains.buildServer.users.SUser) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) SUserGroup(jetbrains.buildServer.groups.SUserGroup) SProject(jetbrains.buildServer.serverSide.SProject) Test(org.testng.annotations.Test)

Example 3 with Permissions

use of jetbrains.buildServer.serverSide.auth.Permissions in project teamcity-rest by JetBrains.

the class ServerRequestTest method test_user_needs_view_agent_details_permission_to_access_avaliable_agents.

/**
 * With only VIEW_AGENT_DETAILS granted globally, the licensing data exposes the number of agents left
 * while {@code maxAgents} and {@code serverLicenseType} stay unset. The test description refers to TW-68673.
 */
@Test(description = "TW-68673")
public void test_user_needs_view_agent_details_permission_to_access_avaliable_agents() throws Throwable {
    final MockAuthorityHolder agentViewer = new MockAuthorityHolder();
    agentViewer.globalPerms = new Permissions(Permission.VIEW_AGENT_DETAILS);

    // The same three fields are requested regardless of what the holder may see.
    final String requestedFields = "maxAgents,serverLicenseType,agentsLeft";
    myFixture.getSecurityContext().runAs(agentViewer, () -> {
        final LicensingData licensing = myRequest.getLicensingData(requestedFields);
        // Licence details must not be disclosed to a holder without licence management rights.
        assertNull(licensing.maxAgents);
        assertNull(licensing.serverLicenseType);
        assertNotNull(licensing.getAgentsLeft());
    });
}
Also used : LicensingData(jetbrains.buildServer.server.rest.model.server.LicensingData) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) MockAuthorityHolder(jetbrains.buildServer.serverSide.impl.MockAuthorityHolder) BaseFinderTest(jetbrains.buildServer.server.rest.data.BaseFinderTest) Test(org.testng.annotations.Test)

Example 4 with Permissions

use of jetbrains.buildServer.serverSide.auth.Permissions in project teamcity-rest by JetBrains.

the class ServerRequestTest method test_user_needs_manage_server_licenses_permission_to_access_licensing_data.

/**
 * Licensing data is empty for a holder without permissions and fully populated once
 * MANAGE_SERVER_LICENSES is granted globally.
 */
@Test
public void test_user_needs_manage_server_licenses_permission_to_access_licensing_data() throws Throwable {
    final String requestedFields = "maxAgents,serverLicenseType,agentsLeft";
    final MockAuthorityHolder holder = new MockAuthorityHolder();

    // Phase 1: no globalPerms assigned in this test yet - every requested field must stay null.
    myFixture.getSecurityContext().runAs(holder, () -> {
        final LicensingData withoutPermission = myRequest.getLicensingData(requestedFields);
        assertNull(withoutPermission.maxAgents);
        assertNull(withoutPermission.serverLicenseType);
        assertNull(withoutPermission.getAgentsLeft());
    });

    // Phase 2: the same holder with MANAGE_SERVER_LICENSES sees all three fields.
    holder.globalPerms = new Permissions(Permission.MANAGE_SERVER_LICENSES);
    myFixture.getSecurityContext().runAs(holder, () -> {
        final LicensingData withPermission = myRequest.getLicensingData(requestedFields);
        assertNotNull(withPermission.maxAgents);
        assertNotNull(withPermission.serverLicenseType);
        assertNotNull(withPermission.getAgentsLeft());
    });
}
Also used : LicensingData(jetbrains.buildServer.server.rest.model.server.LicensingData) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) MockAuthorityHolder(jetbrains.buildServer.serverSide.impl.MockAuthorityHolder) BaseFinderTest(jetbrains.buildServer.server.rest.data.BaseFinderTest) Test(org.testng.annotations.Test)

Example 5 with Permissions

use of jetbrains.buildServer.serverSide.auth.Permissions in project teamcity-rest by JetBrains.

the class DebugRequest method getRolesStringPresentation.

/**
 * Builds a plain-text listing of the permissions of {@code authorityHolder}: an optional "Global:"
 * section followed by one section per entry of the holder's per-project permissions.
 *
 * <p>NOTE(review): the text contains the holder's full permission set and, for projects that could not
 * be resolved, their internal ids - callers should expose it only to requesters allowed to see it.
 *
 * @param authorityHolder holder whose permissions are rendered
 * @param projectManager  used to resolve the project ids that key the per-project permissions
 * @return the listing, empty if the holder has no permissions at all
 */
@NotNull
public static String getRolesStringPresentation(@NotNull final AuthorityHolder authorityHolder, @NotNull final ProjectManager projectManager) {
    final StringBuilder out = new StringBuilder();

    final Permission[] global = authorityHolder.getGlobalPermissions().toArray();
    if (global.length != 0) {
        out.append("Global:\n");
        for (final Permission permission : global) {
            out.append("\t").append(permission.getName()).append("\n");
        }
    }

    for (final Map.Entry<String, Permissions> entry : authorityHolder.getProjectsPermissions().entrySet()) {
        final String projectId = entry.getKey();

        SProject project;
        try {
            project = projectManager.findProjectById(projectId);
        } catch (Exception ignored) {
            // Best effort: any failure to resolve the project falls back to printing the raw id.
            project = null;
        }

        final String header = project != null
            ? "Project " + project.describe(false)
            : "Project internal id: " + projectId;
        out.append(header).append("\n");

        for (final Permission permission : entry.getValue().toArray()) {
            out.append("\t").append(permission.getName()).append("\n");
        }
    }
    return out.toString();
}
Also used : Permission(jetbrains.buildServer.serverSide.auth.Permission) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) BadRequestException(jetbrains.buildServer.server.rest.errors.BadRequestException) OperationException(jetbrains.buildServer.server.rest.errors.OperationException) NotFoundException(jetbrains.buildServer.server.rest.errors.NotFoundException) AuthorizationFailedException(jetbrains.buildServer.server.rest.errors.AuthorizationFailedException) SQLException(java.sql.SQLException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) NotNull(org.jetbrains.annotations.NotNull)
