moved build authoerization token support code to its own class so that the...

moved build authoerization token support code to its own class so that the logic can be reused both in MavenModuleSet and AbstractProject. git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@1973 71c3de6d-444a-0410-be80-ed276b4c234a

moved build authoerization token support code to its own class so that the...
moved build authoerization token support code to its own class so that the logic can be reused both in MavenModuleSet and AbstractProject. git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@1973 71c3de6d-444a-0410-be80-ed276b4c234a
89f76a65 · kohsuke · d23d37d3 · 89f76a65 · 89f76a65 · 89f76a65
6 changed file
--- a/core/src/main/java/hudson/maven/MavenModuleSet.java
+++ b/core/src/main/java/hudson/maven/MavenModuleSet.java
@@ -18,6 +18,8 @@ import hudson.model.Project;
 import hudson.model.TaskListener;
 import hudson.model.TopLevelItem;
 import hudson.model.TopLevelItemDescriptor;
+import hudson.model.BuildableItem;
+import hudson.model.BuildAuthorizationToken;
 import hudson.remoting.VirtualChannel;
 import hudson.scm.NullSCM;
 import hudson.scm.SCM;
@@ -53,7 +55,7 @@ import java.util.Map;
 *
 * @author Kohsuke Kawaguchi
 */
-public class MavenModuleSet extends AbstractItem implements TopLevelItem, ItemGroup<MavenModule> {
+public class MavenModuleSet extends AbstractItem implements TopLevelItem, BuildableItem, ItemGroup<MavenModule> {
    /**
     * All {@link MavenModule}s, keyed by their {@link MavenModule#getModuleName()} module name}s.
     */
@@ -85,6 +87,8 @@ public class MavenModuleSet extends AbstractItem implements TopLevelItem, ItemGr
     */
    private String assignedNode;

+    private BuildAuthorizationToken authToken;
+
    public MavenModuleSet(String name) {
        super(Hudson.getInstance(),name);
    }
@@ -202,6 +206,15 @@ public class MavenModuleSet extends AbstractItem implements TopLevelItem, ItemGr
        }
    }

+    public BuildAuthorizationToken getAuthToken() {
+        return authToken;
+    }
+
+    public void scheduleBuild() {
+        // TODO
+        throw new UnsupportedOperationException();
+    }
+
    private transient LargeText parsePomBuffer;
    private transient boolean parsePomSucceeded;

@@ -330,6 +343,13 @@ public class MavenModuleSet extends AbstractItem implements TopLevelItem, ItemGr
            parsePomBuffer.doProgressText(req,rsp);
    }

+    /**
+     * Schedules a new build command.
+     */
+    public void doBuild( StaplerRequest req, StaplerResponse rsp ) throws IOException, ServletException {
+        BuildAuthorizationToken.startBuildIfAuthorized(authToken,this,req,rsp);
+    }
+
    public synchronized void doConfigSubmit(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
        if(!Hudson.adminCheck(req,rsp))
            return;
@@ -338,6 +358,7 @@ public class MavenModuleSet extends AbstractItem implements TopLevelItem, ItemGr
            disabled = req.getParameter("disable")!=null;
            jdk = req.getParameter("jdk");
            setScm(SCMS.parseSCM(req));
+            authToken = BuildAuthorizationToken.create(req);

            if(req.getParameter("hasSlaveAffinity")!=null) {
                assignedNode = Util.fixNull(req.getParameter("slave"));

--- a/core/src/main/java/hudson/model/AbstractProject.java
+++ b/core/src/main/java/hudson/model/AbstractProject.java
@@ -35,7 +35,7 @@ import java.util.Vector;
 * @author Kohsuke Kawaguchi
 * @see AbstractBuild
 */
-public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends AbstractBuild<P,R>> extends Job<P,R> {
+public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends AbstractBuild<P,R>> extends Job<P,R> implements BuildableItem {

    private SCM scm = new NullSCM();

@@ -84,9 +84,12 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
     */
    private String jdk;

-    private boolean enableRemoteTrigger = false;
+    /**
+     * @deprecated
+     */
+    private transient boolean enableRemoteTrigger;

-    private String authToken = null;
+    private BuildAuthorizationToken authToken = null;

    /**
     * List of all {@link Trigger}s for this project.
@@ -194,14 +197,8 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
        save();
    }

-    public boolean isEnableRemoteTrigger() {
-        // no need to enable this option if security disabled
-        return (Hudson.getInstance().isUseSecurity())
-                && enableRemoteTrigger;
-    }
-
-    public String getAuthToken() {
-            return authToken;
+    public BuildAuthorizationToken getAuthToken() {
+        return authToken;
    }

    public SortedMap<Integer, ? extends R> _getRuns() {
@@ -411,21 +408,7 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
     * Schedules a new build command.
     */
    public void doBuild( StaplerRequest req, StaplerResponse rsp ) throws IOException, ServletException {
-        if (authorizedToStartBuild(req, rsp)) {
-            scheduleBuild();
-            rsp.forwardToPreviousPage(req);
-        }
-    }
-
-    private boolean authorizedToStartBuild(StaplerRequest req, StaplerResponse rsp) throws IOException {
-        if (isEnableRemoteTrigger()) {
-            String providedToken = req.getParameter("token");
-            if (providedToken != null && providedToken.equals(getAuthToken())) {
-                return true;
-            }
-        }
-
-        return Hudson.adminCheck(req, rsp);
+        BuildAuthorizationToken.startBuildIfAuthorized(authToken,this,req,rsp);
    }

    /**
@@ -464,12 +447,7 @@ public abstract class AbstractProject<P extends AbstractProject<P,R>,R extends A
            assignedNode = null;
        }

-        if (req.getParameter("pseudoRemoteTrigger") != null) {
-            authToken = req.getParameter("authToken");
-            enableRemoteTrigger = true;
-        } else {
-            enableRemoteTrigger = false;
-        }
+        authToken = BuildAuthorizationToken.create(req);

        try {
            setScm(SCMS.parseSCM(req));

--- a/core/src/main/java/hudson/model/BuildAuthorizationToken.java
+++ b/core/src/main/java/hudson/model/BuildAuthorizationToken.java
+package hudson.model;
+
+import com.thoughtworks.xstream.converters.basic.AbstractBasicConverter;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+
+import javax.servlet.ServletException;
+import java.io.IOException;
+
+/**
+ * Authorization token to allow projects to trigger themselves under the secured environment.
+ *
+ * @author Kohsuke Kawaguchi
+ * @see BuildableItem
+ */
+public final class BuildAuthorizationToken {
+    private final String token;
+
+    public BuildAuthorizationToken(String token) {
+        this.token = token;
+    }
+
+    public static BuildAuthorizationToken create(StaplerRequest req) {
+        if (req.getParameter("pseudoRemoteTrigger") != null)
+            return new BuildAuthorizationToken(req.getParameter("authToken"));
+        else
+            return null;
+    }
+
+    public static void startBuildIfAuthorized(BuildAuthorizationToken token, BuildableItem job, StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
+        if(token==null || token.authorizedToStartBuild(req,rsp)) {
+            job.scheduleBuild();
+            rsp.forwardToPreviousPage(req);
+        }
+    }
+
+    public boolean authorizedToStartBuild(StaplerRequest req, StaplerResponse rsp) throws IOException {
+        if (!Hudson.getInstance().isUseSecurity())
+            // everyone is authorized
+            return true;
+
+        if(token != null) {
+            //check the provided token
+            String providedToken = req.getParameter("token");
+            if (providedToken != null && providedToken.equals(token))
+                return true;
+        }
+
+        // otherwise it must be an admin
+        return Hudson.adminCheck(req, rsp);
+    }
+
+    public String getToken() {
+        return token;
+    }
+
+    public static final class ConverterImpl extends AbstractBasicConverter {
+        public boolean canConvert(Class type) {
+            return type== BuildAuthorizationToken.class;
+        }
+
+        protected Object fromString(String str) {
+            return new BuildAuthorizationToken(str);
+        }
+
+        protected String toString(Object obj) {
+            return ((BuildAuthorizationToken)obj).token;
+        }
+    }
+}
--- a/core/src/main/java/hudson/model/BuildableItem.java
+++ b/core/src/main/java/hudson/model/BuildableItem.java
+package hudson.model;
+
+/**
+ * {@link Item} that can be "built", for
+ * whatever meaning of "build".
+ *
+ * <p>
+ * This interface is used by utility code.
+ *
+ * @author Kohsuke Kawaguchi
+ * @see BuildAuthorizationToken
+ */
+public interface BuildableItem extends Item {
+    void scheduleBuild();
+}
--- a/core/src/main/resources/hudson/model/BuildAuthorizationToken/config.jelly
+++ b/core/src/main/resources/hudson/model/BuildAuthorizationToken/config.jelly
+<!--
+  Pseudo trigger configuration.
+  Note that it is the object that owns BuildAuthorizationToken
+-->
+<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+  <j:if test="${!app.useSecurity}">
+    <f:optionalBlock name="pseudoRemoteTrigger"
+        help="/help/project-config/triggerRemotely.html"
+        title="Trigger builds remotely (e.g., from scripts)"
+        checked="${it.authToken!=null}">
+      <f:entry title="Authentication Token">
+        <f:textbox name="authToken" value="${it.authToken.token}" />
+        Use the following URL to trigger build remotely:
+        <tt>HUDSON_URL</tt>/${it.url}build?token=<tt>TOKEN_NAME</tt>
+      </f:entry>
+  </f:optionalBlock>
+  </j:if>
+</j:jelly>
\ No newline at end of file
--- a/core/src/main/resources/hudson/model/Project/configure-entries.jelly
+++ b/core/src/main/resources/hudson/model/Project/configure-entries.jelly
@@ -25,18 +25,7 @@
      </f:entry>
    </f:optionalBlock>
    <!-- pseudo-trigger to configure URL to trigger builds remotely. -->
-    <j:if test="${app.useSecurity}">
-      <f:optionalBlock name="pseudoRemoteTrigger"
-          help="/help/project-config/triggerRemotely.html"
-          title="Trigger builds remotely (e.g., from scripts)"
-          checked="${it.enableRemoteTrigger}">
-        <f:entry title="Authentication Token">
-          <f:textbox class="setting-input" name="authToken" value="${it.authToken}" />
-          Use the following URL to trigger build remotely:
-          <tt>HUDSON_URL</tt>/${it.url}build?token=<tt>TOKEN_NAME</tt>
-        </f:entry>
-    </f:optionalBlock>
-    </j:if>
+    <st:include page="../BuildAuthorizationToken/config.jelly" />
  </f:descriptorList>