Search in sources :

Example 1 with MatrixRow

use of org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow in project acceptance-test-harness by jenkinsci.

the class SAMLPluginTest method configureAuthorization.

private void configureAuthorization(GlobalSecurityConfig sc) {
    // Authorization
    MatrixAuthorizationStrategy mas = sc.useAuthorizationStrategy(MatrixAuthorizationStrategy.class);
    // groups coming from the SAML IdP
    // admins
    MatrixRow group1 = mas.addUser("group1");
    group1.admin();
    // readers
    MatrixRow group2 = mas.addUser("group2");
    group2.on(OVERALL_READ);
    // after save the user has no login, so automatic redirect to the auth service
    sc.save();
}
Also used : MatrixRow(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow) MatrixAuthorizationStrategy(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixAuthorizationStrategy)

Example 2 with MatrixRow

use of org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow in project acceptance-test-harness by jenkinsci.

the class MatrixAuthPluginTest method helloWorld.

/**
 * Test scenario:
 *
 * - we create admin user "alice" and regular limited user "bob"
 * - alice creates a new project
 * - bob shouldn't be able to see it
 */
@Test
public void helloWorld() throws Exception {
    GlobalSecurityConfig sc = new GlobalSecurityConfig(jenkins);
    sc.open();
    {
        MockSecurityRealm ms = sc.useRealm(MockSecurityRealm.class);
        ms.configure("alice", "bob");
        MatrixAuthorizationStrategy mas = sc.useAuthorizationStrategy(MatrixAuthorizationStrategy.class);
        MatrixRow a = mas.addUser("alice");
        a.admin();
        MatrixRow bob = mas.addUser("bob");
        bob.on(OVERALL_READ);
    }
    sc.save();
    jenkins.login().doLogin("alice");
    FreeStyleJob j = jenkins.jobs.create();
    j.save();
    jenkins.logout();
    // if we login as Bob, he shouldn't see the job
    jenkins.login().doLogin("bob");
    // check for job's existence
    assertFalse(j.open().getTitle().contains(j.name));
    jenkins.logout();
    // control assertion: alice should see the link
    jenkins.login().doLogin("alice");
    assertTrue(j.open().getTitle().contains(j.name));
}
Also used : MockSecurityRealm(org.jenkinsci.test.acceptance.plugins.mock_security_realm.MockSecurityRealm) MatrixRow(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow) FreeStyleJob(org.jenkinsci.test.acceptance.po.FreeStyleJob) GlobalSecurityConfig(org.jenkinsci.test.acceptance.po.GlobalSecurityConfig) MatrixAuthorizationStrategy(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixAuthorizationStrategy) ProjectBasedMatrixAuthorizationStrategy(org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectBasedMatrixAuthorizationStrategy) AbstractJUnitTest(org.jenkinsci.test.acceptance.junit.AbstractJUnitTest) Test(org.junit.Test)

Example 3 with MatrixRow

use of org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow in project acceptance-test-harness by jenkinsci.

the class JobDslPluginTest method setUpSecurity.

/**
 * Set up global security. Two users 'admin', with admin permission,
 * and 'user', with permissions necessary to manipulate jobs, will be generated.
 * Script security for Job DSL scripts will be enabled.
 * @return The global security configuration.
 */
private GlobalSecurityConfig setUpSecurity() {
    GlobalSecurityConfig sc = new GlobalSecurityConfig(jenkins);
    sc.configure(() -> {
        MockSecurityRealm ms = sc.useRealm(MockSecurityRealm.class);
        ms.configure(ADMIN, USER);
        MatrixAuthorizationStrategy mas = sc.useAuthorizationStrategy(MatrixAuthorizationStrategy.class);
        MatrixRow a = mas.addUser(ADMIN);
        a.admin();
        MatrixRow b = mas.addUser(USER);
        b.developer();
        sc.setJobDslScriptSecurity(true);
    });
    return sc;
}
Also used : MockSecurityRealm(org.jenkinsci.test.acceptance.plugins.mock_security_realm.MockSecurityRealm) MatrixRow(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow) GlobalSecurityConfig(org.jenkinsci.test.acceptance.po.GlobalSecurityConfig) MatrixAuthorizationStrategy(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixAuthorizationStrategy)

Example 4 with MatrixRow

use of org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow in project acceptance-test-harness by jenkinsci.

the class MatrixAuthPluginTest method projectMatrixAuth.

/**
 * Test scenario:
 */
@Test
public void projectMatrixAuth() throws Exception {
    GlobalSecurityConfig sc = new GlobalSecurityConfig(jenkins);
    sc.open();
    {
        MockSecurityRealm ms = sc.useRealm(MockSecurityRealm.class);
        ms.configure("alice", "bob");
        ProjectBasedMatrixAuthorizationStrategy mas = sc.useAuthorizationStrategy(ProjectBasedMatrixAuthorizationStrategy.class);
        MatrixRow a = mas.addUser("alice");
        a.admin();
        MatrixRow bob = mas.addUser("bob");
        bob.on(OVERALL_READ);
    }
    sc.save();
    jenkins.login().doLogin("alice");
    // just create the job without configuring
    FreeStyleJob j = jenkins.jobs.create();
    jenkins.logout();
    // bob shouldn't be able to see it without adding a permission for him
    jenkins.login().doLogin("bob");
    // check for job's existence
    assertFalse(j.open().getTitle().contains(j.name));
    jenkins.logout();
    // alice will expose this job to bob
    jenkins.login().doLogin("alice");
    j.configure();
    {
        ProjectMatrixProperty p = new ProjectMatrixProperty(j);
        p.enable.check();
        MatrixRow bob = p.addUser("bob");
        bob.on(ITEM_READ);
    }
    j.save();
    jenkins.logout();
    // bob should see this job
    jenkins.login().doLogin("bob");
    assertTrue(j.open().getTitle().contains(j.name));
}
Also used : ProjectMatrixProperty(org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectMatrixProperty) MockSecurityRealm(org.jenkinsci.test.acceptance.plugins.mock_security_realm.MockSecurityRealm) MatrixRow(org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow) FreeStyleJob(org.jenkinsci.test.acceptance.po.FreeStyleJob) GlobalSecurityConfig(org.jenkinsci.test.acceptance.po.GlobalSecurityConfig) ProjectBasedMatrixAuthorizationStrategy(org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectBasedMatrixAuthorizationStrategy) AbstractJUnitTest(org.jenkinsci.test.acceptance.junit.AbstractJUnitTest) Test(org.junit.Test)

Aggregations

MatrixRow (org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixRow)4 MatrixAuthorizationStrategy (org.jenkinsci.test.acceptance.plugins.matrix_auth.MatrixAuthorizationStrategy)3 MockSecurityRealm (org.jenkinsci.test.acceptance.plugins.mock_security_realm.MockSecurityRealm)3 GlobalSecurityConfig (org.jenkinsci.test.acceptance.po.GlobalSecurityConfig)3 AbstractJUnitTest (org.jenkinsci.test.acceptance.junit.AbstractJUnitTest)2 ProjectBasedMatrixAuthorizationStrategy (org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectBasedMatrixAuthorizationStrategy)2 FreeStyleJob (org.jenkinsci.test.acceptance.po.FreeStyleJob)2 Test (org.junit.Test)2 ProjectMatrixProperty (org.jenkinsci.test.acceptance.plugins.matrix_auth.ProjectMatrixProperty)1