From 757bc8a53956e6fbab267214e6e0896f03c3c262 Mon Sep 17 00:00:00 2001
From: Jesse Glick
Date: Mon, 11 Feb 2013 16:47:10 -0500
Subject: [PATCH] [SECURITY-55] This patch makes standard post-build action refuse to let you configure a downstream project you cannot currently build. The one from parameterized-trigger will show an error in the configure screen but still lets you save the configuration; needs an analogous patch to that plugin. Does not yet protect against POSTing config.xml with the trigger.

---
 core/src/main/java/hudson/model/AbstractProject.java | 7 +++++++
 core/src/main/java/hudson/model/Descriptor.java | 10 +++++++---
 core/src/main/java/hudson/tasks/BuildTrigger.java | 5 ++++-
 .../main/resources/hudson/tasks/Messages.properties | 1 +
 .../project/config-upstream-pseudo-trigger.jelly | 2 +-
 5 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/core/src/main/java/hudson/model/AbstractProject.java b/core/src/main/java/hudson/model/AbstractProject.java
index c581a2e82d..e5512c2cd3 100644
--- a/core/src/main/java/hudson/model/AbstractProject.java
+++ b/core/src/main/java/hudson/model/AbstractProject.java
@@ -1794,6 +1794,13 @@ public abstract class AbstractProject

,R extends A triggers = buildDescribable(req, Trigger.for_(this));
 for (Trigger t : triggers)
 t.start(this,true);
+
+ for (Publisher _t : Descriptor.newInstancesFromHeteroList(req, json, "publisher", Jenkins.getInstance().getExtensionList(BuildTrigger.DescriptorImpl.class))) {
+ BuildTrigger t = (BuildTrigger) _t;
+ for (AbstractProject downstream : t.getChildProjects(this)) {
+ downstream.checkPermission(BUILD);
+ }
+ }
 }
 
 /**
diff --git a/core/src/main/java/hudson/model/Descriptor.java b/core/src/main/java/hudson/model/Descriptor.java
index 1ba4236b68..7e918abf97 100644
--- a/core/src/main/java/hudson/model/Descriptor.java
+++ b/core/src/main/java/hudson/model/Descriptor.java
@@ -72,6 +72,7 @@ import java.lang.reflect.Type;
 import java.lang.reflect.Field;
 import java.lang.reflect.ParameterizedType;
 import java.beans.Introspector;
+import javax.annotation.CheckForNull;
 
 /**
 * Metadata about a configurable instance.
@@ -909,7 +910,10 @@ public abstract class Descriptor> implements Saveable {
 for (Object o : JSONArray.fromObject(formData)) {
 JSONObject jo = (JSONObject)o;
 String kind = jo.getString("kind");
- items.add(find(descriptors,kind).newInstance(req,jo));
+ Descriptor d = find(descriptors, kind);
+ if (d != null) {
+ items.add(d.newInstance(req, jo));
+ }
 }
 }
 
@@ -919,7 +923,7 @@ public abstract class Descriptor> implements Saveable {
 /**
 * Finds a descriptor from a collection by its class name.
 */
- public static T find(Collection list, String className) {
+ public static @CheckForNull T find(Collection list, String className) {
 for (T d : list) {
 if(d.getClass().getName().equals(className))
 return d;
@@ -933,7 +937,7 @@ public abstract class Descriptor> implements Saveable {
 return null;
 }
 
- public static Descriptor find(String className) {
+ public static @CheckForNull Descriptor find(String className) {
 return find(Jenkins.getInstance().getExtensionList(Descriptor.class),className);
 }
 
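Review bot: The downstream BUILD check sits after `for (Trigger t : triggers) t.start(this,true);`, so by the time `downstream.checkPermission(BUILD)` throws for a project the submitter may not build, the project's trigger list has already been rebuilt and started in memory while the configuration as a whole is rejected — an authorization failure should leave no partial mutation behind. Move the publisher loop above the trigger rebuild (and above the loop that stops the old triggers, if, as it appears, one precedes the hunk) so the decision is taken before any state changes; the rest of `submit` lies outside the hunk. The re-parse of the `publisher` form section against only `BuildTrigger.DescriptorImpl` also deserves a why-comment, since a reader will ask why the already-bound publishers are not used: `// re-bind just the BuildTrigger entries of the submitted form so the check sees exactly what is about to be saved; other publisher kinds are skipped by newInstancesFromHeteroList`.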
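Review bot: The `if (d != null)` guard around `find(descriptors, kind)` changes the contract for every caller of newInstancesFromHeteroList, not just the new permission check: a submitted item whose `kind` matches no descriptor used to fail loudly and is now silently discarded, so a renamed or removed descriptor (or a tampered form) drops configuration without a trace. Only the narrowed descriptor list in AbstractProject.submit needs the lenient behaviour, so at least record the drop — `if (d == null) { LOGGER.log(Level.FINE, "no descriptor for kind {0}; dropping item", kind); continue; }` — assuming the class already has a LOGGER (not visible here); otherwise filter unknown kinds explicitly in that caller and keep this method strict. The enclosing method starts above the hunk.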
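Review bot: The Javadoc above `find` still says only "Finds a descriptor from a collection by its class name." although the signature now carries `@CheckForNull`, and the call removed in the previous hunk shows that code has been chaining `.newInstance` on the result without a check; spell the contract out so the annotation is not the only hint: `@return the first descriptor whose class name equals {@code className}, or {@code null} if the collection holds none`. The method body continues past the end of this hunk (its `return null` is in the next one).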
diff --git a/core/src/main/java/hudson/tasks/BuildTrigger.java b/core/src/main/java/hudson/tasks/BuildTrigger.java
index 2392086b21..c66592b1f4 100644
--- a/core/src/main/java/hudson/tasks/BuildTrigger.java
+++ b/core/src/main/java/hudson/tasks/BuildTrigger.java
@@ -318,7 +318,7 @@ public class BuildTrigger extends Recorder implements DependecyDeclarer {
 /**
 * Form validation method.
 */
- public FormValidation doCheck(@AncestorInPath Item project, @QueryParameter String value ) {
+ public FormValidation doCheck(@AncestorInPath Item project, @QueryParameter String value, @QueryParameter boolean upstream) {
 // Require CONFIGURE permission on this project
 if(!project.hasPermission(Item.CONFIGURE)) return FormValidation.ok();
@@ -333,6 +333,9 @@ public class BuildTrigger extends Recorder implements DependecyDeclarer {
 AbstractProject.findNearest(projectName,project.getParent()).getRelativeNameFrom(project)));
 if(!(item instanceof AbstractProject))
 return FormValidation.error(Messages.BuildTrigger_NotBuildable(projectName));
+ if (!upstream && !item.hasPermission(Item.BUILD)) {
+ return FormValidation.error(Messages.BuildTrigger_you_have_no_permission_to_build_(projectName));
+ }
 hasProjects = true;
 }
 }
diff --git a/core/src/main/resources/hudson/tasks/Messages.properties b/core/src/main/resources/hudson/tasks/Messages.properties
index 3612c00635..0499c27c74 100644
--- a/core/src/main/resources/hudson/tasks/Messages.properties
+++ b/core/src/main/resources/hudson/tasks/Messages.properties
@@ -47,6 +47,7 @@ BuildTrigger.NoSuchProject=No such project ''{0}''. Did you mean ''{1}''?
 BuildTrigger.NoProjectSpecified=No project specified
 BuildTrigger.NotBuildable={0} is not buildable
 BuildTrigger.Triggering=Triggering a new build of {0}
+BuildTrigger.you_have_no_permission_to_build_=You have no permission to build {0}
 CommandInterpreter.CommandFailed=command execution failed
 CommandInterpreter.UnableToDelete=Unable to delete script file {0}
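Review bot: The new key `BuildTrigger.you_have_no_permission_to_build_` (used here as `Messages.BuildTrigger_you_have_no_permission_to_build_`) is snake_case with a trailing underscore, whereas every neighbouring key in Messages.properties is CamelCase (`NoSuchProject`, `NotBuildable`, `Triggering`); rename it to `BuildTrigger.NoPermissionToBuild=You have no permission to build {0}` and call `Messages.BuildTrigger_NoPermissionToBuild(projectName)` in the added `if`. Separately, `upstream` is a client-supplied query parameter, so the `!upstream` short-circuit only shapes what the form shows and must not be read as enforcement; a comment on that line would prevent the misreading: `// advisory only: the authoritative BUILD check runs when the configuration is submitted`. Whether submission also covers the upstream pseudo-trigger path that this branch skips is not visible from the hunk.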
diff --git a/core/src/main/resources/lib/hudson/project/config-upstream-pseudo-trigger.jelly b/core/src/main/resources/lib/hudson/project/config-upstream-pseudo-trigger.jelly
index 1aa57e7588..a4634c724d 100644
--- a/core/src/main/resources/lib/hudson/project/config-upstream-pseudo-trigger.jelly
+++ b/core/src/main/resources/lib/hudson/project/config-upstream-pseudo-trigger.jelly
@@ -38,7 +38,7 @@ THE SOFTWARE.
-- 
GitLab