Skip to content
Permalink
Browse files
Merge pull request #8 from ikedam/feature/JENKINS-26670_SupportWorkfl…
…owJob

[FIXED JENKINS-26670] Support Job including WorkflowJob
  • Loading branch information
ikedam committed May 16, 2015
2 parents 440d75a + 135849e commit 9365f685c1fb5e89594a18fac8de9a92b19a99dc
26 pom.xml
@@ -4,6 +4,7 @@
<groupId>org.jenkins-ci.plugins</groupId>
<artifactId>plugin</artifactId>
<version>1.532</version><!-- QueueItemAuthenticator is since 1.520 -->
<!--<version>1.580.1</version>--><!-- When you test the integration with workflow -->
</parent>

<groupId>org.jenkins-ci.plugins</groupId>
@@ -39,8 +40,33 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<workflow.version>1.0</workflow.version>
</properties>

<dependencies>
<!-- When you test the integration with workflow -->
<!--
<dependency>
<groupId>org.jenkins-ci.plugins.workflow</groupId>
<artifactId>workflow-job</artifactId>
<version>${workflow.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.jenkins-ci.plugins.workflow</groupId>
<artifactId>workflow-basic-steps</artifactId>
<version>${workflow.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.jenkins-ci.plugins.workflow</groupId>
<artifactId>workflow-cps</artifactId>
<version>${workflow.version}</version>
<scope>test</scope>
</dependency>
-->
</dependencies>

<!-- get every artifact through repo.jenkins-ci.org, which proxies all the artifacts that we need -->
<repositories>
<repository>
@@ -40,14 +40,13 @@
import hudson.model.JobProperty;
import hudson.model.JobPropertyDescriptor;
import hudson.model.Queue;
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.security.AuthorizationStrategy;

/**
* Specifies how to authorize its builds.
*/
public class AuthorizeProjectProperty extends JobProperty<AbstractProject<?,?>> {
public class AuthorizeProjectProperty extends JobProperty<Job<?,?>> {
/**
* Property name used for job configuration page.
*/
@@ -80,7 +79,7 @@ public AuthorizeProjectProperty(AuthorizeProjectStrategy strategy) {
*
* @param item the item in queue, which will be a build.
* @return authorization for this build.
* @see AuthorizeProjectStrategy#authenticate(hudson.model.AbstractProject, hudson.model.Queue.Item)
* @see AuthorizeProjectStrategy#authenticate(hudson.model.Job, hudson.model.Queue.Item)
*/
public Authentication authenticate(Queue.Item item) {
if (getStrategy() == null) {
@@ -24,21 +24,27 @@

package org.jenkinsci.plugins.authorizeproject;

import java.util.logging.Level;
import java.util.logging.Logger;

import org.acegisecurity.Authentication;

import jenkins.model.Jenkins;
import hudson.DescriptorExtensionList;
import hudson.ExtensionPoint;
import hudson.Util;
import hudson.model.AbstractDescribableImpl;
import hudson.model.Queue;
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.model.Job;

/**
* Extension point to define a new strategy to authorize builds configured in project configuration pages.
*/
public abstract class AuthorizeProjectStrategy extends AbstractDescribableImpl<AuthorizeProjectStrategy>
implements ExtensionPoint {
private static final Logger LOGGER = Logger.getLogger(AuthorizeProjectStrategy.class.getName());
/**
* @return all the registered {@link AuthorizeProjectStrategy}.
*/
@@ -53,5 +59,35 @@ public static DescriptorExtensionList<AuthorizeProjectStrategy, Descriptor<Autho
* @param item the item in queue, which will be a build.
* @return
*/
public abstract Authentication authenticate(AbstractProject<?, ?> project, Queue.Item item);
public Authentication authenticate(Job<?, ?> project, Queue.Item item) {
if(!Util.isOverridden(
AuthorizeProjectStrategy.class,
getClass(),
"authenticate",
AbstractProject.class,
Queue.Item.class
)) {
throw new AbstractMethodError();
}

if (!(project instanceof AbstractProject)) {
Descriptor<?> d = Jenkins.getInstance().getDescriptor(getClass());
LOGGER.log(
Level.WARNING,
"This authorization strategy ({0}) is designed for authorize-project < 1.1.0 and not applicable for non-AbstractProjects (like WorkflowJob). ignored.",
(d != null)?d.getDisplayName():getClass().getName()
);
return null;
}
return authenticate((AbstractProject<?,?>)project, item);
}

/**
* @deprecated use {@link #authenticate(hudson.model.Job, Queue.Item)} instead.
*/
@Deprecated
public Authentication authenticate(AbstractProject<?, ?> project, Queue.Item item) {
return authenticate((Job<?,?>)project, item);
}

}
@@ -28,6 +28,7 @@

import hudson.Extension;
import hudson.model.AbstractProject;
import hudson.model.Job;
import hudson.model.Queue;

import javax.annotation.CheckForNull;
@@ -61,11 +62,13 @@ public ProjectQueueItemAuthenticator() {
@Override
@CheckForNull
public Authentication authenticate(Queue.Item item) {
if (!(item.task instanceof AbstractProject)) {
// This handles only AbstractProject.
if (!(item.task instanceof Job)) {
return null;
}
AbstractProject<?, ?> project = ((AbstractProject<?,?>)item.task).getRootProject();
Job<?, ?> project = (Job<?,?>)item.task;
if (project instanceof AbstractProject) {
project = ((AbstractProject<?,?>)project).getRootProject();
}
AuthorizeProjectProperty prop = project.getProperty(AuthorizeProjectProperty.class);
if (prop == null) {
return null;
@@ -26,8 +26,8 @@

import jenkins.model.Jenkins;
import hudson.Extension;
import hudson.model.Job;
import hudson.model.Queue;
import hudson.model.AbstractProject;

import org.acegisecurity.Authentication;
import org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy;
@@ -51,10 +51,10 @@ public AnonymousAuthorizationStrategy() {
* @param project
* @param item
* @return anonymous authorization
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.AbstractProject, hudson.model.Queue.Item)
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.Job, hudson.model.Queue.Item)
*/
@Override
public Authentication authenticate(AbstractProject<?, ?> project, Queue.Item item) {
public Authentication authenticate(Job<?, ?> project, Queue.Item item) {
return Jenkins.ANONYMOUS;
}

@@ -38,6 +38,7 @@
import hudson.model.AbstractProject;
import hudson.model.Descriptor;
import hudson.model.Descriptor.FormException;
import hudson.model.Job;
import hudson.security.ACL;
import hudson.util.FormValidation;
import net.sf.json.JSONObject;
@@ -96,10 +97,10 @@ public SpecificUsersAuthorizationStrategy(String userid, boolean noNeedReauthent
* @param project
* @param item
* @return
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.AbstractProject, hudson.model.Queue.Item)
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.Job, hudson.model.Queue.Item)
*/
@Override
public Authentication authenticate(AbstractProject<?, ?> project, Queue.Item item) {
public Authentication authenticate(Job<?, ?> project, Queue.Item item) {
User u = User.get(getUserid(), false, Collections.emptyMap());
if (u == null) {
// fallback to anonymous
@@ -164,7 +165,7 @@ protected static boolean isAuthenticateionRequired(
* @param project
* @return
*/
protected static SpecificUsersAuthorizationStrategy getCurrentStrategy(AbstractProject<?,?> project) {
protected static SpecificUsersAuthorizationStrategy getCurrentStrategy(Job<?,?> project) {
if (project == null) {
return null;
}
@@ -181,6 +182,11 @@ protected static SpecificUsersAuthorizationStrategy getCurrentStrategy(AbstractP
return (SpecificUsersAuthorizationStrategy)prop.getStrategy();
}

@Deprecated
protected static SpecificUsersAuthorizationStrategy getCurrentStrategy(AbstractProject<?,?> project) {
return getCurrentStrategy((Job<?,?>)project);
}

/**
* Called when XSTREAM2 instantiates this from XML configuration.
*
@@ -315,7 +321,7 @@ public SpecificUsersAuthorizationStrategy newInstance(StaplerRequest req, JSONOb
SpecificUsersAuthorizationStrategy strategy = newInstanceWithoutAuthentication(req, formData);

SpecificUsersAuthorizationStrategy currentStrategy
= getCurrentStrategy(req.findAncestorObject(AbstractProject.class));
= getCurrentStrategy(req.findAncestorObject(Job.class));

if (isAuthenticateionRequired(strategy, currentStrategy)) {
if (!authenticate(strategy, req, formData)) {
@@ -354,7 +360,7 @@ public String doCheckPasswordRequested(
SpecificUsersAuthorizationStrategy newStrategy = new SpecificUsersAuthorizationStrategy(userid, noNeedReauthentication);
return Boolean.toString(isAuthenticateionRequired(
newStrategy,
getCurrentStrategy(req.findAncestorObject(AbstractProject.class))
getCurrentStrategy(req.findAncestorObject(Job.class))
));
}

@@ -385,7 +391,7 @@ public FormValidation doCheckPassword(
SpecificUsersAuthorizationStrategy newStrategy = new SpecificUsersAuthorizationStrategy(userid, noNeedReauthentication);
if (!isAuthenticateionRequired(
newStrategy,
getCurrentStrategy(req.findAncestorObject(AbstractProject.class))
getCurrentStrategy(req.findAncestorObject(Job.class))
)) {
// authentication is not required.
return FormValidation.ok();
@@ -29,8 +29,8 @@
import hudson.model.Cause;
import hudson.model.Cause.UpstreamCause;
import hudson.model.Cause.UserIdCause;
import hudson.model.Job;
import hudson.model.Queue;
import hudson.model.AbstractProject;
import hudson.model.Run;
import hudson.model.User;
import java.util.Collections;
@@ -55,10 +55,10 @@ public TriggeringUsersAuthorizationStrategy() {
* @param project
* @param item
* @return
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.AbstractProject, hudson.model.Queue.Item)
* @see org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy#authenticate(hudson.model.Job, hudson.model.Queue.Item)
*/
@Override
public Authentication authenticate(AbstractProject<?, ?> project, Queue.Item item) {
public Authentication authenticate(Job<?, ?> project, Queue.Item item) {
Cause.UserIdCause cause = getRootUserIdCause(item);
if (cause != null) {
User u = User.get(cause.getUserId(), false, Collections.emptyMap());

0 comments on commit 9365f68

Please sign in to comment.