return FormValidation.error(Messages.BuildTrigger_NotBuildable(projectName)); Authentication auth = Tasks.getAuthenticationOf(project); if (!item.hasPermission(auth, Item.BUILD)) { return FormValidation.error(Messages.BuildTrigger_you_have_no_permission_to_build_(projectName));
Authentication auth = Tasks.getAuthenticationOf((Queue.Task) job);
/** * Helper method to get the default authentication to use for an {@link Item}. */ @NonNull /*package*/ static Authentication getDefaultAuthenticationOf(Item item) { if (item instanceof Queue.Task) { return Tasks.getAuthenticationOf((Queue.Task) item); } else { return ACL.SYSTEM; } }
@NonNull @Nonnull protected Authentication getAuthentication(Item item) { return item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM; }
/** * Helper method to get the default authentication to use for an {@link Item}. */ @NonNull /*package*/ static Authentication getDefaultAuthenticationOf(Item item) { if (item instanceof Queue.Task) { return Tasks.getAuthenticationOf((Queue.Task) item); } else { return ACL.SYSTEM; } }
public boolean isUpstreamBuildVisibleByDownstreamBuildAuth(@Nonnull WorkflowJob upstreamPipeline, @Nonnull Queue.Task downstreamPipeline) { Authentication auth = Tasks.getAuthenticationOf(downstreamPipeline); Authentication downstreamPipelineAuth; if (auth.equals(ACL.SYSTEM) && !QueueItemAuthenticatorConfiguration.get().getAuthenticators().isEmpty()) { downstreamPipelineAuth = Jenkins.ANONYMOUS; // cf. BuildTrigger } else { downstreamPipelineAuth = auth; } try (ACLContext ignored = ACL.as(downstreamPipelineAuth)) { WorkflowJob upstreamPipelineObtainedAsImpersonated = getItemByFullName(upstreamPipeline.getFullName(), WorkflowJob.class); boolean result = upstreamPipelineObtainedAsImpersonated != null; LOGGER.log(Level.FINE, "isUpstreamBuildVisibleByDownstreamBuildAuth({0}, {1}): taskAuth: {2}, downstreamPipelineAuth: {3}, upstreamPipelineObtainedAsImpersonated:{4}, result: {5}", new Object[]{upstreamPipeline, downstreamPipeline, auth, downstreamPipelineAuth, upstreamPipelineObtainedAsImpersonated, result}); return result; } }
? Tasks.getAuthenticationOf((Queue.Task) project) : ACL.SYSTEM, GitURIRequirementsBuilder.fromUri(url).build(),
return FormValidation.error(Messages.BuildTrigger_NotBuildable(projectName)); Authentication auth = Tasks.getAuthenticationOf(project); if (!item.getACL().hasPermission(auth, Item.BUILD)) { return FormValidation.error(Messages.BuildTrigger_you_have_no_permission_to_build_(projectName));
public ListBoxModel doFillCredentialsItems(@AncestorInPath Item context) { if (context == null || !context.hasPermission(Item.CONFIGURE)) { return new ListBoxModel(); } return new StandardListBoxModel() .includeEmptyValue() .includeMatchingAs( context instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) context) : ACL.SYSTEM, context, StandardUsernamePasswordCredentials.class, Collections.emptyList(), CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class)) .includeMatchingAs(context instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) context) : ACL.SYSTEM, context, AmazonWebServicesCredentials.class, Collections.emptyList(), CredentialsMatchers.instanceOf(AmazonWebServicesCredentials.class)); } }
context, context instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) context) : ACL.SYSTEM, URIRequirementBuilder.fromUri(remote).build(),
Authentication auth = Tasks.getAuthenticationOf((ParameterizedJobMixIn.ParameterizedJob)project); if (auth.equals(ACL.SYSTEM) && !QueueItemAuthenticatorConfiguration.get().getAuthenticators().isEmpty()) { auth = Jenkins.ANONYMOUS;
public static Optional<StandardCredentials> findCredentials( Item item, String credentialsId, String uri) { if (isNullOrEmpty(credentialsId)) { return absent(); } return fromNullable( CredentialsMatchers.firstOrNull( CredentialsProvider.lookupCredentials( StandardCredentials.class, item, item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM, URIRequirementBuilder.fromUri(uri).build()), CredentialsMatchers.allOf( CredentialsMatchers.withId(credentialsId), CredentialsMatchers.anyOf( CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class), CredentialsMatchers.instanceOf(StringCredentials.class))))); }
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project, @QueryParameter String url, @QueryParameter String credentialsId) { if (project == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) || project != null && !project.hasPermission(Item.EXTENDED_READ)) { return new StandardListBoxModel().includeCurrentValue(credentialsId); } if (project == null) { /* Construct a fake project */ project = new FreeStyleProject(Jenkins.getInstance(), "fake-" + UUID.randomUUID().toString()); } return new StandardListBoxModel() .includeEmptyValue() .includeMatchingAs( project instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) project) : ACL.SYSTEM, project, StandardUsernameCredentials.class, GitURIRequirementsBuilder.fromUri(url).build(), GitClient.CREDENTIALS_MATCHER) .includeCurrentValue(credentialsId); }
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter String remote, @QueryParameter String credentialsId) { if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) || context != null && !context.hasPermission(Item.EXTENDED_READ)) { return new StandardListBoxModel().includeCurrentValue(credentialsId); } return new StandardListBoxModel() .includeEmptyValue() .includeMatchingAs( context instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task)context) : ACL.SYSTEM, context, StandardUsernameCredentials.class, URIRequirementBuilder.fromUri(remote).build(), GitClient.CREDENTIALS_MATCHER) .includeCurrentValue(credentialsId); }
@Override public void run() { SecurityContext context = ACL.impersonate(Tasks.getAuthenticationOf(wi.task)); try {
Authentication auth = Tasks.getAuthenticationOf((Queue.Task) job);
public static ListBoxModel doFillCredentialsIdItems(Item item, String credentialsId, String uri) { StandardListBoxModel result = new StandardListBoxModel(); if (item == null) { if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) { return result.includeCurrentValue(credentialsId); } } else { if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) { return result.includeCurrentValue(credentialsId); } } return result // .includeEmptyValue() // .includeMatchingAs( item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM, item, StandardCredentials.class, URIRequirementBuilder.fromUri(uri).build(), CredentialsMatchers.anyOf( CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class), CredentialsMatchers.instanceOf(StringCredentials.class))) .includeCurrentValue(credentialsId); }