Skip to content

J
jenkins

LinuxSuRen / jenkins
与 Fork 源项目一致

从无法访问的项目Fork

通知 2
Star 0
Fork 0
J
jenkins

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
ProjectMatrixAuthorizationStrategy.java 4.5 KB
Newer Older
K
license header clean up  
kohsuke 已提交
1 2 3 
/*
 * The MIT License
 *
D
Fixed copyright attributions. The copyrights belong to my employer, not me.  
dty 已提交
4 
 * Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi, Yahoo! Inc., Seiji Sogabe, Tom Huybrechts
K
license header clean up  
kohsuke 已提交
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 * 
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 * 
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
24 25 
package hudson.security;
K
inherit from parent, not just the root  
Kohsuke Kawaguchi 已提交
26 
import hudson.model.AbstractItem;
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
27 
import hudson.model.Descriptor;
N
Move hudson.model.Jenkins to be jenkins.model.Jenkins - part II  
Nigel Magnay 已提交
28 
import jenkins.model.Jenkins;
K
inherit from parent, not just the root  
Kohsuke Kawaguchi 已提交
29 30 
import hudson.model.Item;
import hudson.model.ItemGroup;
M
[FIXED HUDSON-2873] Require BUILD permission to post results for an external job.  
mindless 已提交
31 
import hudson.model.Job;
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
32 
import hudson.util.RobustReflectionConverter;
K
converted existing AuthorizationStrategy implementations for auto-discovery  
kohsuke 已提交
33 
import hudson.Extension;
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
34 35 36 37 38 
import com.thoughtworks.xstream.io.HierarchicalStreamReader;
import com.thoughtworks.xstream.converters.UnmarshallingContext;
import com.thoughtworks.xstream.mapper.Mapper;
import com.thoughtworks.xstream.core.JVM;
K
should take SIDs from projects into account  
Kohsuke Kawaguchi 已提交
39 40 41 
import java.util.HashSet;
import java.util.Set;
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
42 43 44 45 46 47 48 49 50 51 
/**
 * {@link GlobalMatrixAuthorizationStrategy} plus per-project ACL.
 *
 * <p>
 * Per-project ACL is stored in {@link AuthorizationMatrixProperty}.
 *
 * @author Kohsuke Kawaguchi
 */
public class ProjectMatrixAuthorizationStrategy extends GlobalMatrixAuthorizationStrategy {
    @Override
M
[FIXED HUDSON-2873] Require BUILD permission to post results for an external job.  
mindless 已提交
52 
    public ACL getACL(Job<?,?> project) {
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
53 
        AuthorizationMatrixProperty amp = project.getProperty(AuthorizationMatrixProperty.class);
K
pointless complexity. if there's no permissions to define, just don't have an instance.  
kohsuke 已提交
54 
        if (amp != null) {
K
inherit from parent, not just the root  
Kohsuke Kawaguchi 已提交
55 
            return amp.getACL().newInheritingACL(getACL(project.getParent()));
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
56 
        } else {
K
inherit from the parent.  
Kohsuke Kawaguchi 已提交
57 
            return getACL(project.getParent());
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
58 59 60 
        }
    }
K
inherit from parent, not just the root  
Kohsuke Kawaguchi 已提交
61 62 63 64 65 66 67 68 69 70 71 72 73 
    public SidACL getACL(ItemGroup g) {
        if (g instanceof Item) {
            Item item = (Item) g;
            return (SidACL)item.getACL();
        }
        return getRootACL();
    }

    @Override
    public SidACL getACL(AbstractItem item) {
        return getACL(item.getParent());
    }
K
should take SIDs from projects into account  
Kohsuke Kawaguchi 已提交
74 75 76 77 
    @Override
    public Set<String> getGroups() {
        Set<String> r = new HashSet<String>();
        r.addAll(super.getGroups());
N
Stage 1 : Create hudson.model.Jenkins, make Hudson derive from Jenkins.  
Nigel Magnay 已提交
78 
        for (Job<?,?> j : Jenkins.getInstance().getItems(Job.class)) {
K
should take SIDs from projects into account  
Kohsuke Kawaguchi 已提交
79 80 81 82 83 84 85 
            AuthorizationMatrixProperty amp = j.getProperty(AuthorizationMatrixProperty.class);
            if (amp != null)
                r.addAll(amp.getGroups());
        }
        return r;
    }
K
converted existing AuthorizationStrategy implementations for auto-discovery  
kohsuke 已提交
86 
    @Extension
K
Descriptor can infer the corresponding Describable most of the time, because...  
kohsuke 已提交
87 
    public static final Descriptor<AuthorizationStrategy> DESCRIPTOR = new DescriptorImpl() {
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 
        @Override
        protected GlobalMatrixAuthorizationStrategy create() {
            return new ProjectMatrixAuthorizationStrategy();
        }

        @Override
        public String getDisplayName() {
            return Messages.ProjectMatrixAuthorizationStrategy_DisplayName();
        }
    };

    public static class ConverterImpl extends GlobalMatrixAuthorizationStrategy.ConverterImpl {
        private RobustReflectionConverter ref;

        public ConverterImpl(Mapper m) {
            ref = new RobustReflectionConverter(m,new JVM().bestReflectionProvider());
        }
M
Add @Override annotations, remove unused imports,  
mindless 已提交
106 
        @Override
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
107 108 109 110 
        protected GlobalMatrixAuthorizationStrategy create() {
            return new ProjectMatrixAuthorizationStrategy();
        }
M
Add @Override annotations, remove unused imports,  
mindless 已提交
111 
        @Override
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
112 113 114 115 116 117 118 119 120 121 
        public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext context) {
            String name = reader.peekNextChild();
            if(name!=null && (name.equals("permission") || name.equals("useProjectSecurity")))
                // the proper serialization form
                return super.unmarshal(reader, context);
            else
                // remain compatible with earlier problem where we used reflection converter
                return ref.unmarshal(reader,context);
        }
M
Add @Override annotations, remove unused imports,  
mindless 已提交
122 
        @Override
M
Add svn:eol-style and svn:keywords properties.  
mindless 已提交
123 124 125 126 127 128 
        public boolean canConvert(Class type) {
            return type==ProjectMatrixAuthorizationStrategy.class;
        }
    }
}