private String calcEtag(Username username, List<GoDashboardPipelineGroup> pipelineGroups, List<GoDashboardEnvironment> environments) { final String pipelineSegment = pipelineGroups.stream(). map(GoDashboardPipelineGroup::etag).collect(Collectors.joining(SEP_CHAR)); final String environmentSegment = environments.stream(). map(GoDashboardEnvironment::etag).collect(Collectors.joining(SEP_CHAR)); return DigestUtils.md5Hex(StringUtils.joinWith(SEP_CHAR, username.getUsername(), pipelineSegment, environmentSegment)); }
private String calcPipelinesDataEtag(Username username, List<PipelineConfigs> pipelineConfigs) { final HashMap<String, List<CaseInsensitiveString>> pipelinesDataSegment = new HashMap<>(); for (PipelineConfigs group : pipelineConfigs) { final List<PipelineConfig> pipelines = group.getPipelines(); if (!pipelines.isEmpty()) { List<CaseInsensitiveString> pipelineNames = pipelines.stream().map(PipelineConfig::name).collect(Collectors.toList()); pipelinesDataSegment.put(group.getGroup(), pipelineNames); } } return DigestUtils.md5Hex(StringUtils.joinWith("/", username.getUsername(), pipelinesDataSegment)); } }
public boolean hasAdminPermissionsForPipeline(Username username, CaseInsensitiveString pipelineName) { String groupName = goConfigService.findGroupNameByPipeline(pipelineName); if (groupName == null) { return true; } return isUserAdminOfGroup(username.getUsername(), groupName); }
public List<PipelineConfig> getAllPipelineConfigsForEditForUser(Username username) { ArrayList<PipelineConfig> pipelineConfigs = new ArrayList<>(); List<String> groupsForUser = getConfigForEditing().getGroupsForUser(username.getUsername(), rolesForUser(username.getUsername())); for (String groupName : groupsForUser) { pipelineConfigs.addAll(getAllPipelinesForEditInGroup(groupName).getPipelines()); } return pipelineConfigs; }
public List<CaseInsensitiveString> viewablePipelinesFor(Username username) { List<CaseInsensitiveString> pipelines = new ArrayList<>(); for (String group : goConfigService.allGroups()) { if (hasViewPermissionForGroup(CaseInsensitiveString.str(username.getUsername()), group)) { pipelines.addAll(goConfigService.pipelines(group)); } } return pipelines; }
public static BuildCause createManualForced(MaterialRevisions materialRevisions, Username username) { if (username == null) { throw new IllegalArgumentException("Username cannot be null"); } String message = String.format("Forced by %s", username.getDisplayName()); return new BuildCause(materialRevisions, BuildTrigger.forForced(message), CaseInsensitiveString.str(username.getUsername())); }
public static void toJSON(OutputWriter writer, UserToRepresent user) { writer.addLinks(linksWriter -> linksWriter .addLink("self", String.format("%s/%s", Routes.Users.BASE, user.getUsername().getUsername().toString())) .addLink("find", String.format("%s%s", Routes.Users.BASE, Routes.Users.USER_NAME)) .addAbsoluteLink("doc", Routes.Users.DOC)); represent(writer, user); }
private boolean userDoesNotHaveViewPermission(Username user, LocalizedOperationResult operationResult) { if (!securityService.hasViewPermissionForPipeline(user, pipelineName)) { operationResult.forbidden("User '" + CaseInsensitiveString.str(user.getUsername()) + "' does not have view permission on pipeline '" + pipelineName + "'", forbiddenForPipeline(pipelineName)); return true; } return false; } }
private boolean isAuthorized() { if (goConfigService.isAdministrator(username.getUsername())) { return true; } result.forbidden(forbiddenToEdit(), forbidden()); return false; }
private boolean isAuthorized() { if (!(goConfigService.isUserAdmin(username) || goConfigService.isGroupAdministrator(username.getUsername()))) { result.forbidden(forbiddenToEdit(), forbidden()); return false; } return true; } }
@Override public boolean canContinue(CruiseConfig cruiseConfig) { if (!goConfigService.isAdministrator(username.getUsername())) { result.forbidden(LocalizedMessage.forbiddenToEditResource("environment", environmentConfig.name(), username.getDisplayName()), HealthStateType.forbidden()); return false; } return true; }
public boolean canEditPipeline(String pipelineName, Username username) { PipelineConfig pipelineConfig; try { pipelineConfig = pipelineConfigNamed(new CaseInsensitiveString(pipelineName)); } catch (PipelineNotFoundException e) { return false; } return pipelineConfig != null && pipelineConfig.isLocal() && isUserAdminOfGroup(username.getUsername(), findGroupNameByPipeline(pipelineConfig.name())); }
public void checkPermission(CruiseConfig cruiseConfig, LocalizedOperationResult result) { String groupName = cruiseConfig.getGroups().findGroupNameByPipeline(new CaseInsensitiveString(pipeline)); if (!securityService.isUserAdminOfGroup(username.getUsername(), groupName)) { result.forbidden(LocalizedMessage.forbiddenToEdit(), null); } }
private void populateStageOperatePermission(PipelineInstanceModel pipelineInstanceModel, Username username) { for (StageInstanceModel stage : pipelineInstanceModel.getStageHistory()) { stage.setOperatePermission(securityService.hasOperatePermissionForStage(pipelineInstanceModel.getName(), stage.getName(), CaseInsensitiveString.str(username.getUsername()))); } }
@Override public boolean canContinue(CruiseConfig cruiseConfig) { if (goConfigService.groups().hasGroup(groupName) && !goConfigService.isUserAdminOfGroup(currentUser.getUsername(), groupName)) { result.forbidden(forbiddenToEditGroup(groupName), forbidden()); return false; } return true; } }
private GoDashboardEnvironment dashboardEnvironmentFor(EnvironmentConfig environment, DashboardFilter filter, Username user, Users allowedUsers, GoDashboardPipelines allPipelines) { GoDashboardEnvironment env = new GoDashboardEnvironment(environment.name().toString(), allowedUsers); environment.getPipelineNames().forEach(pipelineName -> { GoDashboardPipeline pipeline = allPipelines.find(pipelineName); if (null != pipeline && pipeline.canBeViewedBy(user.getUsername().toString()) && filter.isPipelineVisible(pipelineName)) { env.addPipeline(pipeline); } }); return env; }
public void updateComment(String pipelineName, int pipelineCounter, String comment, Username username, HttpLocalizedOperationResult result) { if (!Toggles.isToggleOn(Toggles.PIPELINE_COMMENT_FEATURE_TOGGLE_KEY)) { result.notImplemented("'Pipeline Comment' feature is turned off. Please turn it on to use it."); return; } if (securityService.hasOperatePermissionForPipeline(username.getUsername(), pipelineName)) { pipelineDao.updateComment(pipelineName, pipelineCounter, comment); } else { result.forbidden("You do not have operate permissions for pipeline '" + pipelineName + "'.", HealthStateType.general(HealthStateScope.forPipeline(pipelineName))); } }
@Override public boolean canContinue(CruiseConfig cruiseConfig) { String groupName = goConfigService.findGroupNameByPipeline(pipelineConfig.name()); if (goConfigService.groups().hasGroup(groupName) && !goConfigService.isUserAdminOfGroup(currentUser.getUsername(), groupName)) { result.forbidden(LocalizedMessage.forbiddenToDelete("Pipeline", pipelineConfig.getName()), HealthStateType.forbidden()); return false; } return true; } }
private void populateCanRunStatus(Username username, PipelineInstanceModel pipelineInstanceModel) { for (StageInstanceModel stageHistoryItem : pipelineInstanceModel.getStageHistory()) { boolean canRun = scheduleService.canRun( pipelineInstanceModel.getPipelineIdentifier(), stageHistoryItem.getName(), CaseInsensitiveString.str(username.getUsername()), pipelineInstanceModel.hasPreviousStageBeenScheduled( stageHistoryItem.getName())); stageHistoryItem.setCanRun(canRun); } populatePipelineCanRunStatus(username, pipelineInstanceModel); }
public static void represent(OutputWriter childWriter, UserToRepresent user) { childWriter.add("login_name", user.getUsername().getUsername().toString()) .add("display_name", user.getDisplayName()) .add("enabled", user.isEnabled()) .add("email", user.getEmail()) .add("email_me", user.isEmailMe()) .add("is_admin", user.isAdmin()) .addChildList("roles", listWriter -> user.getRoles().forEach(role -> listWriter.addChild(propertyWriter -> RoleRepresenter.toJSON(propertyWriter, role)))) .addChildList("checkin_aliases", user.getMatchers()); }