diff --git a/core/src/main/java/hudson/model/AbstractProject.java b/core/src/main/java/hudson/model/AbstractProject.java index 804b805129cfb3147e4b440a6bf2c53546eb927c..d05ef17d5e4cbd31b0a324d1b32b3cc8e476ee3c 100644 --- a/core/src/main/java/hudson/model/AbstractProject.java +++ b/core/src/main/java/hudson/model/AbstractProject.java @@ -39,7 +39,6 @@ import hudson.Launcher; import hudson.Util; import hudson.cli.declarative.CLIMethod; import hudson.cli.declarative.CLIResolver; -import hudson.matrix.MatrixConfiguration; import hudson.model.Cause.LegacyCodeCause; import hudson.model.Cause.RemoteCause; import hudson.model.Cause.UserIdCause; @@ -90,9 +89,6 @@ import jenkins.model.lazy.AbstractLazyLoadRunMap.Direction; import jenkins.scm.DefaultSCMCheckoutStrategyImpl; import jenkins.scm.SCMCheckoutStrategy; import jenkins.scm.SCMCheckoutStrategyDescriptor; -import jenkins.security.ProjectAuthenticator; -import jenkins.security.ProjectAuthenticatorConfiguration; -import jenkins.security.ProjectAuthenticatorConfiguration; import jenkins.util.TimeDuration; import net.sf.json.JSONObject; import org.acegisecurity.Authentication; @@ -113,6 +109,7 @@ import org.kohsuke.stapler.StaplerResponse; import org.kohsuke.stapler.export.Exported; import org.kohsuke.stapler.interceptor.RequirePOST; +import javax.annotation.Nonnull; import javax.servlet.ServletException; import java.io.File; import java.io.IOException; @@ -1178,13 +1175,10 @@ public abstract class AbstractProject
,R extends A return this; } - /** - * Let the identity determined by {@link ProjectAuthenticator}. - * - * @since 1.520 - */ - public Authentication getIdentity() { - return ProjectAuthenticatorConfiguration.get().authenticate(this); + @Nonnull + public Authentication getDefaultAuthentication() { + // backward compatible behaviour. + return ACL.SYSTEM; } /** diff --git a/core/src/main/java/hudson/model/Executor.java b/core/src/main/java/hudson/model/Executor.java index f2aaf341cde9759d84350669b9fe7e50aac3392f..2aa98d02197bc326b3f98e4bad977ab14ac3b200 100644 --- a/core/src/main/java/hudson/model/Executor.java +++ b/core/src/main/java/hudson/model/Executor.java @@ -239,7 +239,7 @@ public class Executor extends Thread implements ModelObject { } } - final SecurityContext savedContext = ACL.impersonate(Tasks.getIdentityOf(task)); + final SecurityContext savedContext = ACL.impersonate(workUnit.context.item.authenticate()); try { setName(threadName + " : executing " + executable.toString()); if (LOGGER.isLoggable(FINE)) diff --git a/core/src/main/java/hudson/model/Node.java b/core/src/main/java/hudson/model/Node.java index e8f7af4665461aa5d67053683b1206f2937ad8a1..c57d1c188ee721764abc57586f998ecf7c89193e 100644 --- a/core/src/main/java/hudson/model/Node.java +++ b/core/src/main/java/hudson/model/Node.java @@ -327,7 +327,7 @@ public abstract class Node extends AbstractModelObject implements Reconfigurable if(l==null && getMode()== Mode.EXCLUSIVE) return CauseOfBlockage.fromMessage(Messages._Node_BecauseNodeIsReserved(getNodeName())); // this node is reserved for tasks that are tied to it - Authentication identity = item.task.getIdentity(); + Authentication identity = item.authenticate(); if (!getACL().hasPermission(identity,AbstractProject.BUILD)) { // doesn't have a permission // TODO: does it make more sense to define a separate permission? diff --git a/core/src/main/java/hudson/model/Queue.java b/core/src/main/java/hudson/model/Queue.java index a162856f59a4083b31498561e6ce7f55171fece0..03f73f882db9c43d0ab4f5edf684bbe1b425d1e9 100644 --- a/core/src/main/java/hudson/model/Queue.java +++ b/core/src/main/java/hudson/model/Queue.java @@ -62,6 +62,7 @@ import hudson.model.queue.CauseOfBlockage.BecauseNodeIsOffline; import hudson.model.queue.CauseOfBlockage.BecauseLabelIsOffline; import hudson.model.queue.CauseOfBlockage.BecauseNodeIsBusy; import hudson.model.queue.WorkUnitContext; +import hudson.security.ACL; import hudson.triggers.SafeTimerTask; import hudson.triggers.Trigger; import hudson.util.OneShotEvent; @@ -99,10 +100,14 @@ import java.util.concurrent.atomic.AtomicLong; import java.util.logging.Level; import java.util.logging.Logger; +import javax.annotation.Nonnull; import javax.servlet.ServletException; import jenkins.model.Jenkins; +import jenkins.security.QueueItemAuthenticator; +import jenkins.security.QueueItemAuthenticatorConfiguration; import org.acegisecurity.AccessDeniedException; +import org.acegisecurity.Authentication; import org.kohsuke.stapler.HttpResponse; import org.kohsuke.stapler.HttpResponses; import org.kohsuke.stapler.export.Exported; @@ -1282,6 +1287,28 @@ public class Queue extends ResourceController implements Saveable { * @since 1.377 */ Collection extends SubTask> getSubTasks(); + + /** + * This method allows the task to provide the default fallback authentication object to be used + * when {@link QueueItemAuthenticator} fails to authenticate the build. + * + *
+ * When the task execution touches other objects inside Jenkins, the access control is performed + * based on whether this {@link Authentication} is allowed to use them. Implementers, if you are unsure, + * consider returning the identity of the user who created the task, or + * {@link ACL#SYSTEM} to bypass the access control and run as the super user, which has been + * the traditional behaviour.) + * + *
+ * This method was added to an interface after it was created, so plugins built against + * older versions of Jenkins may not have this method implemented. Called {@link Tasks#_getDefaultAuthenticationOf(Task)} + * to avoid {@link AbstractMethodError}. + * + * @since 1.520 + * @see QueueItemAuthenticator + * @see Tasks#getDefaultAuthenticationOf(Task) + */ + @Nonnull Authentication getDefaultAuthentication(); } /** @@ -1512,6 +1539,27 @@ public class Queue extends ResourceController implements Saveable { return HttpResponses.forwardToPreviousPage(); } + /** + * Returns the identity that this task carries when it runs, for the purpose of access control. + * + * When the task execution touches other objects inside Jenkins, the access control is performed + * based on whether this {@link Authentication} is allowed to use them. Implementers, if you are unsure, + * return the identity of the user who queued the task, or {@link ACL#SYSTEM} to bypass the access control + * and run as the super user. + * + * @since 1.520 + */ + @Nonnull + public Authentication authenticate() { + for (QueueItemAuthenticator auth : QueueItemAuthenticatorConfiguration.get().getAuthenticators()) { + Authentication a = auth.authenticate(this); + if (a!=null) + return a; + } + return Tasks.getDefaultAuthenticationOf(task); + } + + /** * Participates in the cancellation logic to set the {@link #future} accordingly. */ diff --git a/core/src/main/java/hudson/model/queue/AbstractQueueTask.java b/core/src/main/java/hudson/model/queue/AbstractQueueTask.java index 67d5a6229ac436d09376c1d89f7a9c6dd90dea05..6b1ebe1d1545d59d96b5b817764b65567f02ddf2 100644 --- a/core/src/main/java/hudson/model/queue/AbstractQueueTask.java +++ b/core/src/main/java/hudson/model/queue/AbstractQueueTask.java @@ -62,7 +62,7 @@ public abstract class AbstractQueueTask implements Queue.Task { /** * This default implementation is the historical behaviour, but this is no longer desirable. Please override. - * See {@link SubTask#getIdentity()} for the contract. + * See {@link Task#getIdentity()} for the contract. */ public Authentication getIdentity() { return ACL.SYSTEM; diff --git a/core/src/main/java/hudson/model/queue/AbstractSubTask.java b/core/src/main/java/hudson/model/queue/AbstractSubTask.java index d405326d0411bd2a26a433087ee07f274a613467..a031d9ef81f8beaa71dab99f9fa9600ceeaec09a 100644 --- a/core/src/main/java/hudson/model/queue/AbstractSubTask.java +++ b/core/src/main/java/hudson/model/queue/AbstractSubTask.java @@ -26,8 +26,6 @@ package hudson.model.queue; import hudson.model.Label; import hudson.model.Node; import hudson.model.ResourceList; -import hudson.security.ACL; -import org.acegisecurity.Authentication; /** * Partial default implementation of {@link SubTask} to avoid @@ -55,8 +53,4 @@ public abstract class AbstractSubTask implements SubTask { public ResourceList getResourceList() { return new ResourceList(); } - - public Authentication getIdentity() { - return getOwnerTask().getIdentity(); - } } diff --git a/core/src/main/java/hudson/model/queue/MappingWorksheet.java b/core/src/main/java/hudson/model/queue/MappingWorksheet.java index e081f51523cdbe4a00dbc526d2491da8cad76304..c073ee70bda72eaf06dc6195e5cd49bd0d9f29e4 100644 --- a/core/src/main/java/hudson/model/queue/MappingWorksheet.java +++ b/core/src/main/java/hudson/model/queue/MappingWorksheet.java @@ -67,9 +67,6 @@ import static java.lang.Math.*; * See {@link SubTask#getSameNodeConstraint()} *
@@ -137,10 +134,8 @@ public class MappingWorksheet {
if (c.assignedLabel!=null && !c.assignedLabel.contains(node))
return false; // label mismatch
- for (SubTask task : c) {
- if (!nodeAcl.hasPermission(task.getIdentity(), AbstractProject.BUILD))
- return false; // tasks don't have a permission to run on this node
- }
+ if (!nodeAcl.hasPermission(item.authenticate(), AbstractProject.BUILD))
+ return false; // tasks don't have a permission to run on this node
return true;
}
diff --git a/core/src/main/java/hudson/model/queue/QueueTaskFilter.java b/core/src/main/java/hudson/model/queue/QueueTaskFilter.java
index 2399d103f9cd8b20ddd843c64a855bb3708931e0..b8b6e240c85ceb330ccc76c3d9a663936f92be3f 100644
--- a/core/src/main/java/hudson/model/queue/QueueTaskFilter.java
+++ b/core/src/main/java/hudson/model/queue/QueueTaskFilter.java
@@ -30,7 +30,6 @@ import hudson.model.Queue;
import hudson.model.Queue.Executable;
import hudson.model.Queue.Task;
import hudson.model.ResourceList;
-import org.acegisecurity.Authentication;
import java.io.IOException;
import java.util.Collection;
@@ -119,8 +118,4 @@ public abstract class QueueTaskFilter implements Queue.Task {
public Object getSameNodeConstraint() {
return base.getSameNodeConstraint();
}
-
- public Authentication getIdentity() {
- return base.getIdentity();
- }
}
diff --git a/core/src/main/java/hudson/model/queue/SubTask.java b/core/src/main/java/hudson/model/queue/SubTask.java
index 6a31232625f2e31c3aa1b02392c264e74fea8d21..c5dc1391cd75e885dc6aec90a17bfe867145f6f5 100644
--- a/core/src/main/java/hudson/model/queue/SubTask.java
+++ b/core/src/main/java/hudson/model/queue/SubTask.java
@@ -86,17 +86,4 @@ public interface SubTask extends ResourceActivity {
* colocation constraint.
*/
Object getSameNodeConstraint();
-
- /**
- * Returns the identity that this task carries when it runs, for the purpose of access control.
- *
- * When the task execution touches other objects inside Jenkins, the access control is performed
- * based on whether this {@link Authentication} is allowed to use them. Implementers, if you are unsure,
- * return the identity of the user who queued the task, or {@link ACL#SYSTEM} to bypass the access control
- * and run as the super user.
- *
- * @since 1.520
- * @see Tasks#getIdentityOf(SubTask)
- */
- @Nonnull Authentication getIdentity();
}
diff --git a/core/src/main/java/hudson/model/queue/Tasks.java b/core/src/main/java/hudson/model/queue/Tasks.java
index f4a1987782a64c9b7d28f4a7075631a05d2501c3..f53c846da6809553bee668c16b2a1ce270e04ae4 100644
--- a/core/src/main/java/hudson/model/queue/Tasks.java
+++ b/core/src/main/java/hudson/model/queue/Tasks.java
@@ -90,13 +90,13 @@ public class Tasks {
* A pointless function to work around what appears to be a HotSpot problem. See JENKINS-5756 and bug 6933067
* on BugParade for more details.
*/
- private static Authentication _getIdentityOf(SubTask t) {
- return t.getIdentity();
+ private static Authentication _getDefaultAuthenticationOf(Task t) {
+ return t.getDefaultAuthentication();
}
- public static Authentication getIdentityOf(SubTask t) {
+ public static Authentication getDefaultAuthenticationOf(Task t) {
try {
- return _getIdentityOf(t);
+ return _getDefaultAuthenticationOf(t);
} catch (AbstractMethodError e) {
return ACL.SYSTEM;
}
diff --git a/core/src/main/java/jenkins/security/ProjectAuthenticator.java b/core/src/main/java/jenkins/security/ProjectAuthenticator.java
deleted file mode 100644
index 03ca50431967b6752c0bb242121eae3c3101b9e5..0000000000000000000000000000000000000000
--- a/core/src/main/java/jenkins/security/ProjectAuthenticator.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package jenkins.security;
-
-import hudson.ExtensionPoint;
-import hudson.model.AbstractBuild;
-import hudson.model.AbstractDescribableImpl;
-import hudson.model.AbstractProject;
-import hudson.security.ACL;
-import org.acegisecurity.Authentication;
-
-import javax.annotation.CheckForNull;
-
-/**
- * Extension point to run {@link AbstractBuild}s under a specific identity for better access control.
- *
- * @author Kohsuke Kawaguchi
- * @since 1.520
- * @see ProjectAuthenticatorConfiguration
- * @see AbstractProject#getIdentity()
- */
-public abstract class ProjectAuthenticator extends AbstractDescribableImpl