@Override public void update(CruiseConfig preprocessedConfig) throws Exception { preprocessedPipelineConfigs = findPipelineConfigs(preprocessedConfig, group); preprocessedPipelineConfigs.setAuthorization(authorization); }
@Override public void setAuthorization(Authorization authorization) { this.getAuthorizationPart().setAuthorization(authorization); }
public static PipelineConfigs fromJSON(JsonReader jsonReader) { PipelineConfigs pipelineConfigs = new BasicPipelineConfigs(); jsonReader.readStringIfPresent("name", pipelineConfigs::setGroup); if (jsonReader.hasJsonObject("authorization")) { Authorization authorization = AuthorizationRepresenter.fromJSON(jsonReader.readJsonObject("authorization")); pipelineConfigs.setAuthorization(authorization); } return pipelineConfigs; } }
@Test public void shouldDeleteGroupWithSameNameWhenEmpty() { PipelineConfigs group = createGroup("group", new PipelineConfig[] {}); group.setAuthorization(new Authorization(new ViewConfig(new AdminUser(new CaseInsensitiveString("user"))))); PipelineGroups groups = new PipelineGroups(group); groups.deleteGroup("group"); assertThat(groups.size(), is(0)); }
@Test public void shouldAddAuthorizationToPipelinesConfigForEditsWithUIOrigin_WhenFileHasNoPipelineGroupYet_AndForEdit() { BasicCruiseConfig mainCruiseConfig = new BasicCruiseConfig(); // only remotely defined group PartialConfig partialConfig = PartialConfigMother.withPipelineInGroup("pipe1", "group1"); partialConfig.setOrigins(new RepoConfigOrigin()); cruiseConfig = new BasicCruiseConfig(mainCruiseConfig, true, partialConfig); assertThat(cruiseConfig.getGroups().size(), is(1)); assertThat(cruiseConfig.getGroups().get(0) instanceof MergePipelineConfigs, is(true)); assertThat(cruiseConfig.getGroups().get(0).getGroup(), is("group1")); MergePipelineConfigs mergedEnv = (MergePipelineConfigs) cruiseConfig.getGroups().get(0); assertThat(mergedEnv.getLocal().getOrigin(), is(new UIConfigOrigin())); Authorization authorization = new Authorization(new AdminsConfig( new AdminUser(new CaseInsensitiveString("firstTemplate-admin")))); cruiseConfig.getGroups().get(0).setAuthorization(authorization); assertThat(mergedEnv.getLocal().getAuthorization(), is(authorization)); }
@Test public void shouldValidateStagePermissionsOfATemplateStageInTheContextOfPipelineUsingTheTemplate() { StageConfig stageConfig = StageConfigMother.custom("stage", new JobConfigs(new JobConfig(new CaseInsensitiveString("defaultJob")))); stageConfig.setApproval(new Approval(new AuthConfig(new AdminUser(new CaseInsensitiveString("non-admin-non-operate"))))); PipelineTemplateConfig template = PipelineTemplateConfigMother.createTemplate("template", stageConfig); PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfigWithTemplate("pipeline", "template"); pipelineConfig.usingTemplate(template); BasicCruiseConfig cruiseConfig = GoConfigMother.defaultCruiseConfig(); cruiseConfig.addTemplate(template); cruiseConfig.addPipelineWithoutValidation("group", pipelineConfig); PipelineConfigs group = cruiseConfig.findGroup("group"); group.setAuthorization(new Authorization(new ViewConfig(), new OperationConfig(new AdminUser(new CaseInsensitiveString("foo"))), new AdminsConfig())); cruiseConfig.server().security().securityAuthConfigs().add(new SecurityAuthConfig()); cruiseConfig.server().security().adminsConfig().add(new AdminUser(new CaseInsensitiveString("super-admin"))); template.validateTree(ConfigSaveValidationContext.forChain(cruiseConfig), cruiseConfig, false); assertThat(template.errors().getAllOn("name"), is(Arrays.asList("User \"non-admin-non-operate\" who is not authorized to operate pipeline group `group` can not be authorized to approve stage"))); }