diff --git a/core/pom.xml b/core/pom.xml
index ebea16ca4d880f699f8ee336d113281b2be2c673..ad177499f0f67ae24a7e186eb0867f4cddf6e08e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -231,7 +231,7 @@
org.kohsuke.stapler
stapler
- 1.89
+ 1.90
org.jvnet.localizer
diff --git a/core/src/main/java/hudson/tasks/BuildTrigger.java b/core/src/main/java/hudson/tasks/BuildTrigger.java
index e178a1a6795f8c7064c1b250c19a02571cfa693e..f5291816b876e90f5bd503faac575d85e7ea7212 100644
--- a/core/src/main/java/hudson/tasks/BuildTrigger.java
+++ b/core/src/main/java/hudson/tasks/BuildTrigger.java
@@ -274,7 +274,7 @@ public class BuildTrigger extends Publisher implements DependecyDeclarer, Matrix
*/
public void doCheck( StaplerRequest req, StaplerResponse rsp ) throws IOException, ServletException {
// Require CONFIGURE permission on this project
- AccessControlled anc = (AccessControlled) req.findAncestor(AccessControlled.class).getObject();
+ AccessControlled anc = req.findAncestorObject(AccessControlled.class);
new FormFieldValidator(req,rsp,anc,Item.CONFIGURE) {
protected void check() throws IOException, ServletException {
String list = request.getParameter("value");
diff --git a/core/src/main/java/hudson/tasks/test/AggregatedTestResultPublisher.java b/core/src/main/java/hudson/tasks/test/AggregatedTestResultPublisher.java
index 1ab00108c45630951a2f3f3a784b9eeda23220d0..764bc7dd6b1740eb5771555269cd994316cb7aa0 100644
--- a/core/src/main/java/hudson/tasks/test/AggregatedTestResultPublisher.java
+++ b/core/src/main/java/hudson/tasks/test/AggregatedTestResultPublisher.java
@@ -228,7 +228,7 @@ public class AggregatedTestResultPublisher extends Publisher {
public void doCheck(StaplerRequest req, StaplerResponse rsp, @QueryParameter final String value) throws IOException, ServletException {
// Require CONFIGURE permission on this project
- AbstractProject project = (AbstractProject) req.findAncestor(AbstractProject.class).getObject();
+ AbstractProject project = req.findAncestorObject(AbstractProject.class);
new FormFieldValidator(req,rsp,project,Item.CONFIGURE) {
protected void check() throws IOException, ServletException {
diff --git a/core/src/main/java/hudson/util/FormFieldValidator.java b/core/src/main/java/hudson/util/FormFieldValidator.java
index 0792f5d11b64d4ed62ccbbfaab0edd0f9bbf55ae..1af1b7f4756e0b17f31e3a71b1c934d7ac74bf1e 100644
--- a/core/src/main/java/hudson/util/FormFieldValidator.java
+++ b/core/src/main/java/hudson/util/FormFieldValidator.java
@@ -7,7 +7,6 @@ import hudson.Util;
import hudson.model.AbstractProject;
import hudson.model.Hudson;
import hudson.model.Item;
-import hudson.model.Job;
import hudson.security.Permission;
import hudson.security.AccessControlled;
@@ -77,6 +76,8 @@ public abstract class FormFieldValidator {
public final void process() throws IOException, ServletException {
if(permission!=null)
try {
+ if(subject==null)
+ throw new AccessDeniedException("No subject");
subject.checkPermission(permission);
} catch (AccessDeniedException e) {
// if the user has hudson-wisde admin permission, all checks are allowed
@@ -283,7 +284,7 @@ public abstract class FormFieldValidator {
public WorkspaceFileMask(StaplerRequest request, StaplerResponse response, boolean errorIfNotExist) {
// Require CONFIGURE permission on the job
- super(request, response, (AbstractProject) request.findAncestor(AbstractProject.class).getObject(), Item.CONFIGURE);
+ super(request, response, request.findAncestorObject(AbstractProject.class), Item.CONFIGURE);
this.errorIfNotExist = errorIfNotExist;
}
@@ -346,7 +347,7 @@ public abstract class FormFieldValidator {
public WorkspaceFilePath(StaplerRequest request, StaplerResponse response, boolean errorIfNotExist, boolean expectingFile) {
// Require CONFIGURE permission on this job
- super(request, response, (AbstractProject) request.findAncestor(AbstractProject.class).getObject(), Item.CONFIGURE);
+ super(request, response, request.findAncestorObject(AbstractProject.class), Item.CONFIGURE);
this.errorIfNotExist = errorIfNotExist;
this.expectingFile = expectingFile;
}
diff --git a/test/pom.xml b/test/pom.xml
index c74a73dd0a70e7848bcc847f27f3adea7f6d6ef0..b5ee747a26005f2f09e85eccf7cca97792fd0e54 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -72,7 +72,7 @@
org.jvnet.hudson
htmlunit
- 2.2-hudson-5
+ 2.2-hudson-7
diff --git a/test/src/test/java/hudson/util/FormFieldValidatorTest.java b/test/src/test/java/hudson/util/FormFieldValidatorTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..513792fee0f91668d735c5f3313c7b9bdeb9048b
--- /dev/null
+++ b/test/src/test/java/hudson/util/FormFieldValidatorTest.java
@@ -0,0 +1,18 @@
+package hudson.util;
+
+import org.jvnet.hudson.test.HudsonTestCase;
+import org.jvnet.hudson.test.Bug;
+import org.jvnet.hudson.test.recipes.WithPlugin;
+import hudson.model.FreeStyleProject;
+
+/**
+ * @author Kohsuke Kawaguchi
+ */
+public class FormFieldValidatorTest extends HudsonTestCase {
+ @Bug(2771)
+ @WithPlugin("tasks.hpi")
+ public void test2771() throws Exception {
+ FreeStyleProject p = createFreeStyleProject();
+ new WebClient().getPage(p,"configure");
+ }
+}