Refine search
@Override public String getShortDescription() { User user = User.get(startedBy, false); String userName = user != null ? user.getDisplayName() : startedBy; return Messages.BuildCommand_CLICause_ShortDescription(userName); }
/** * Only for legacy token */ private boolean hasPermissionToSeeToken() { // Administrators can do whatever they want if (SHOW_LEGACY_TOKEN_TO_ADMINS && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) { return true; } User current = User.current(); if (current == null) { // Anonymous return false; } // SYSTEM user is always eligible to see tokens if (Jenkins.getAuthentication() == ACL.SYSTEM) { return true; } return User.idStrategy().equals(user.getId(), current.getId()); }
@Override protected void loggedIn(@Nonnull String username) { try { // user should have been created but may not have been saved for some realms // but as this is a callback of a successful login we can safely create the user. User u = User.getById(username, true); LastGrantedAuthoritiesProperty o = u.getProperty(LastGrantedAuthoritiesProperty.class); if (o==null) u.addProperty(o=new LastGrantedAuthoritiesProperty()); Authentication a = Jenkins.getAuthentication(); if (a!=null && a.getName().equals(username)) o.update(a); // just for defensive sanity checking } catch (IOException e) { LOGGER.log(Level.WARNING, "Failed to record granted authorities",e); } }
public static PaneStatusProperties forCurrentUser() { final User current = User.current(); if (current == null) { return FALLBACK; } return current.getProperty(PaneStatusProperties.class); }
public User getUser() { return userId == null ? User.getUnknown() : User.getById(userId, true) ; }
Slave node = (Slave) Jenkins.getInstance().getNode(name); User user = User.current(); userId = user!=null ? user.getId() : "anonymous";
public synchronized void run() { if (!(status instanceof Pending)) { return; } status = new Running(); try { // safeRestart records the current authentication for the log, so set it to the managing user try (ACLContext acl = ACL.as(User.get(authentication, false, Collections.emptyMap()))) { Jenkins.getInstance().safeRestart(); } } catch (RestartNotSupportedException exception) { // ignore if restart is not allowed status = new Failure(); error = exception; } }
@Nonnull @Restricted(NoExternalUse.class) /*package*/ String getApiTokenInsecure() { if(apiToken == null){ return Messages.ApiTokenProperty_NoLegacyToken(); } String p = apiToken.getPlainText(); if (p.equals(Util.getDigestOf(Jenkins.getInstance().getSecretKey()+":"+user.getId()))) { // if the current token is the initial value created by pre SECURITY-49 Jenkins, we can't use that. // force using the newer value apiToken = Secret.fromString(p=API_KEY_SEED.mac(user.getId())); } return Util.getDigestOf(p); }
/** * Creates a new account from a valid signup info. A signup info is valid if its {@link SignupInfo#errors} * field is empty. * * @param si the valid signup info to create an account from * @return a valid {@link User} object created from given signup info * @throws IllegalArgumentException if an invalid signup info is passed */ private User createAccount(SignupInfo si) throws IOException { if (!si.errors.isEmpty()) { String messages = getErrorMessages(si); throw new IllegalArgumentException("invalid signup info passed to createAccount(si): " + messages); } // register the user User user = createAccount(si.username, si.password1); user.setFullName(si.fullname); if (isMailerPluginPresent()) { try { // legacy hack. mail support has moved out to a separate plugin Class<?> up = Jenkins.getInstance().pluginManager.uberClassLoader.loadClass("hudson.tasks.Mailer$UserProperty"); Constructor<?> c = up.getDeclaredConstructor(String.class); user.addProperty((UserProperty) c.newInstance(si.email)); } catch (ReflectiveOperationException e) { throw new RuntimeException(e); } } user.save(); return user; }
/** * Call this method to authenticate the user when you confirmed (via your protocol specific work) that * the current HTTP request indeed owns this identifier. * * <p> * This method will locate the user who owns this identifier, associate the credential with * the current session. IOW, it signs in the user. * * @throws UnclaimedIdentityException * If this identifier is not claimed by anyone. If you just let this exception propagate * to the caller of your "doXyz" method, it will either render an error page or initiate * a user registration session (provided that {@link SecurityRealm} supports that.) */ @SuppressWarnings("ACL.impersonate") @Nonnull public User signin() throws UnclaimedIdentityException { User u = locateUser(); if (u!=null) { // login as this user UserDetails d = Jenkins.getInstance().getSecurityRealm().loadUserByUsername(u.getId()); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(d,"",d.getAuthorities()); token.setDetails(d); SecurityContextHolder.getContext().setAuthentication(token); return u; } else { // Unassociated identity. throw new UnclaimedIdentityException(this); } }
@Override protected int run() throws Exception { final Jenkins jenkins = Jenkins.getActiveInstance(); jenkins.checkPermission(Computer.CREATE); final Node newNode = (Node) Jenkins.XSTREAM2.fromXML(stdin); if (nodeName != null) { // Using deprecated method but it's contract is preserved newNode.setNodeName(nodeName); } if(newNode instanceof Slave) { //change userId too User user = User.current(); ((Slave) newNode).setUserId(user==null ? "anonymous" : user.getId()); } if (jenkins.getNode(newNode.getNodeName()) != null) { throw new IllegalStateException("Node '" + newNode.getNodeName() + "' already exists"); } jenkins.addNode(newNode); return 0; }
|| !Jenkins.getInstance().isUseSecurity()) { UserDetails userDetails = u.getUserDetailsForImpersonation(); Authentication auth = u.impersonate(userDetails);
@SuppressWarnings("deprecation") private Object readResolve() throws ObjectStreamException { if (user != null) { String id = user.getId(); if (id != null) { userId = id; } else { // The user field is not properly deserialized so id may be missing. Look the user up by fullname User user = User.get(this.user.getFullName(), true, Collections.emptyMap()); userId = user.getId(); } this.user = null; } return this; } }
@Override public Authentication getAuthentication() { if (authentication != null) { return authentication; } User u = User.get(descriptor.getHudsonUserName()); return u.impersonate(); } };
/** * Gets the user of the given name. * * @return the user of the given name (which may or may not be an id), if that person exists; else null * @see User#get(String,boolean) * @see User#getById(String, boolean) */ public @CheckForNull User getUser(String name) { return User.get(name, User.ALLOW_USER_CREATION_VIA_URL && hasPermission(ADMINISTER)); }
/** * Gets the {@link User} object representing the currently logged-in user, or null * if the current user is anonymous. * * @since 1.172 */ public static @CheckForNull User current() { return get(Jenkins.getAuthentication()); }
public static boolean isExcludedRecipient(User user, TaskListener listener) { Mailer.UserProperty prop = user.getProperty(Mailer.UserProperty.class); String[] testValues = new String[] { user.getFullName(), user.getId(), user.getDisplayName(), prop != null ? prop.getAddress() : null }; for(String testValue : testValues) { if(testValue != null && isExcludedRecipient(testValue, listener)) { return true; } } return false; }
@Override public String resolveCanonicalId(String idOrFullName, Map<String, ?> context) { for (User user : getAll()) { if (idOrFullName.equals(user.getFullName())) return user.getId(); } return null; }
Replacer(User u) { id = u.getId(); }