Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
xxadev
jenkins
提交
260a2576
J
jenkins
项目概览
xxadev
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
260a2576
编写于
1月 15, 2018
作者:
O
Oleg Nenashev
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[JENKINS-48946] - Move whitelist ordering test to core to fail fast
上级
ad8fecfb
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
67 addition
and
16 deletion
+67
-16
core/pom.xml
core/pom.xml
+6
-0
core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java
...test/java/jenkins/security/ClassFilterImplSanityTest.java
+61
-0
test/src/test/java/jenkins/security/ClassFilterImplTest.java
test/src/test/java/jenkins/security/ClassFilterImplTest.java
+0
-16
未找到文件。
core/pom.xml
浏览文件 @
260a2576
...
...
@@ -179,6 +179,12 @@ THE SOFTWARE.
<classifier>
tests
</classifier>
<scope>
test
</scope>
</dependency>
<dependency>
<groupId>
org.hamcrest
</groupId>
<artifactId>
hamcrest-library
</artifactId>
<version>
1.3
</version>
<scope>
test
</scope>
</dependency>
<dependency>
<groupId>
com.infradna.tool
</groupId>
...
...
core/src/test/java/jenkins/security/ClassFilterImplSanityTest.java
0 → 100644
浏览文件 @
260a2576
/*
* The MIT License
*
* Copyright 2017-2018 CloudBees, Inc.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package
jenkins.security
;
import
hudson.util.CopyOnWriteMap
;
import
org.apache.commons.io.IOUtils
;
import
org.junit.Test
;
import
java.io.InputStream
;
import
java.nio.charset.StandardCharsets
;
import
java.util.List
;
import
java.util.TreeSet
;
import
java.util.stream.Collectors
;
import
static
org
.
junit
.
Assert
.
assertThat
;
import
static
org
.
hamcrest
.
Matchers
.*;
/**
* Tests for {@link ClassFilterImpl}.
* More tests are available in the "test" module.
*/
public
class
ClassFilterImplSanityTest
{
@Test
public
void
whitelistSanity
()
throws
Exception
{
try
(
InputStream
is
=
ClassFilterImpl
.
class
.
getResourceAsStream
(
"whitelisted-classes.txt"
))
{
List
<
String
>
lines
=
IOUtils
.
readLines
(
is
,
StandardCharsets
.
UTF_8
).
stream
().
filter
(
line
->
!
line
.
matches
(
"#.*|\\s*"
)).
collect
(
Collectors
.
toList
());
TreeSet
<
String
>
set
=
new
TreeSet
<>(
lines
);
assertThat
(
"whitelist is NOT ordered"
,
new
TreeSet
<>(
lines
),
contains
(
lines
.
toArray
(
new
String
[
0
])));
for
(
String
line
:
lines
)
{
try
{
Class
.
forName
(
line
);
}
catch
(
ClassNotFoundException
x
)
{
System
.
err
.
println
(
"skipping checks of unknown class "
+
line
);
}
}
}
}
}
test/src/test/java/jenkins/security/ClassFilterImplTest.java
浏览文件 @
260a2576
...
...
@@ -66,22 +66,6 @@ public class ClassFilterImplTest {
@Rule
public
LoggerRule
logging
=
new
LoggerRule
().
record
(
ClassFilterImpl
.
class
,
Level
.
FINE
);
@WithoutJenkins
@Test
public
void
whitelistSanity
()
throws
Exception
{
try
(
InputStream
is
=
ClassFilterImpl
.
class
.
getResourceAsStream
(
"whitelisted-classes.txt"
))
{
List
<
String
>
lines
=
IOUtils
.
readLines
(
is
,
StandardCharsets
.
UTF_8
).
stream
().
filter
(
line
->
!
line
.
matches
(
"#.*|\\s*"
)).
collect
(
Collectors
.
toList
());
assertThat
(
"whitelist is ordered"
,
new
TreeSet
<>(
lines
),
contains
(
lines
.
toArray
(
new
String
[
0
])));
for
(
String
line
:
lines
)
{
try
{
Class
.
forName
(
line
);
}
catch
(
ClassNotFoundException
x
)
{
System
.
err
.
println
(
"skipping checks of unknown class "
+
line
);
}
}
}
}
@Test
public
void
masterToSlaveBypassesWhitelist
()
throws
Exception
{
assumeThat
(
ClassFilterImpl
.
WHITELISTED_CLASSES
,
not
(
contains
(
LinkedListMultimap
.
class
.
getName
())));
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录