From 1313c422170a064dab0f9359324ff27e30a9f4a5 Mon Sep 17 00:00:00 2001 From: Mark Adamcin Date: Mon, 30 Sep 2019 17:41:38 -0700 Subject: [PATCH] add @RequirePOST annotation and checkPermission configure --- .../graniteclient/BuildPackageBuilder.java | 19 ++++-- .../graniteclient/DeployPackagesBuilder.java | 65 ++++++++++--------- .../DownloadPackagesBuilder.java | 23 ++++--- .../graniteclient/GraniteAHCFactory.java | 3 + .../PackageChoiceParameterDefinition.java | 23 ++++--- .../ReplicatePackagesBuilder.java | 27 ++++---- .../BuildPackageBuilder/config.jelly | 2 +- .../DeployPackagesBuilder/config.jelly | 2 +- .../DownloadPackagesBuilder/config.jelly | 2 +- .../GraniteAHCFactory/global.jelly | 2 +- .../config.jelly | 2 +- .../ReplicatePackagesBuilder/config.jelly | 2 +- 12 files changed, 100 insertions(+), 72 deletions(-) diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder.java b/src/main/java/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder.java index 2c5eb57..0ba472e 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder.java @@ -27,10 +27,6 @@ package org.jenkinsci.plugins.graniteclient; -import java.io.IOException; -import javax.annotation.Nonnull; -import javax.servlet.ServletException; - import com.cloudbees.plugins.credentials.common.AbstractIdCredentialsListBoxModel; import hudson.Extension; import hudson.FilePath; @@ -53,6 +49,11 @@ import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.interceptor.RequirePOST; + +import javax.annotation.Nonnull; +import javax.servlet.ServletException; +import java.io.IOException; /** * Implementation of the "Build a Content Package on CRX" build step @@ -89,7 +90,7 @@ public BuildPackageBuilder(String packageId, String baseUrl, String credentialsI } public void perform(@Nonnull Run build, @Nonnull FilePath workspace, @Nonnull Launcher launcher, - @Nonnull TaskListener listener) throws InterruptedException, IOException { + @Nonnull TaskListener listener) throws InterruptedException, IOException { Result result = Result.SUCCESS; Result buildResult = build.getResult(); @@ -269,18 +270,22 @@ public boolean isApplicable(Class aClass) { return true; } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("baseUrl") String baseUrl, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); return GraniteCredentialsListBoxModel.fillItems(value, context, baseUrl); } - public FormValidation doTestConnection(@QueryParameter("baseUrl") final String baseUrl, + @RequirePOST + public FormValidation doTestConnection(@AncestorInPath Item context, + @QueryParameter("baseUrl") final String baseUrl, @QueryParameter("credentialsId") final String credentialsId, @QueryParameter("requestTimeout") final long requestTimeout, @QueryParameter("serviceTimeout") final long serviceTimeout) throws IOException, ServletException { - + context.checkPermission(Item.CONFIGURE); return BaseUrlUtil.testOneConnection(baseUrl, credentialsId, requestTimeout, serviceTimeout); } diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/DeployPackagesBuilder.java b/src/main/java/org/jenkinsci/plugins/graniteclient/DeployPackagesBuilder.java index 4045ae7..9ccedd1 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/DeployPackagesBuilder.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/DeployPackagesBuilder.java @@ -27,23 +27,6 @@ package org.jenkinsci.plugins.graniteclient; -import static org.jenkinsci.plugins.graniteclient.BaseUrlUtil.splitByNewline; - -import java.io.File; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.Comparator; -import java.util.HashMap; -import java.util.HashSet; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; -import javax.annotation.Nonnull; -import javax.servlet.ServletException; - import com.cloudbees.plugins.credentials.common.AbstractIdCredentialsListBoxModel; import hudson.Extension; import hudson.FilePath; @@ -70,6 +53,24 @@ import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.interceptor.RequirePOST; + +import javax.annotation.Nonnull; +import javax.servlet.ServletException; +import java.io.File; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.Comparator; +import java.util.HashMap; +import java.util.HashSet; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import static org.jenkinsci.plugins.graniteclient.BaseUrlUtil.splitByNewline; /** * Implementation of the "Deploy Content Packages to CRX" build step @@ -354,17 +355,17 @@ private Map selectPackages(@Nonnull final Run build, Collections.sort( listed, Collections.reverseOrder( - new Comparator() { - public int compare(FilePath left, FilePath right) { - try { - return Long.compare(left.lastModified(), right.lastModified()); - } catch (Exception e) { - listener.error("Failed to compare a couple files: %s", e.getMessage()); + new Comparator() { + public int compare(FilePath left, FilePath right) { + try { + return Long.compare(left.lastModified(), right.lastModified()); + } catch (Exception e) { + listener.error("Failed to compare a couple files: %s", e.getMessage()); + } + return 0; + } } - return 0; - } - } - )); + )); for (FilePath path : listed) { PackId packId = path.act(new IdentifyPackageCallable()); @@ -485,9 +486,11 @@ public boolean configure(StaplerRequest req, JSONObject json) throws FormExcepti return true; } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("baseUrls") String baseUrls, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); List _baseUrls = splitByNewline(baseUrls); if (!_baseUrls.isEmpty()) { @@ -497,12 +500,14 @@ public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPat } } - public FormValidation doTestConnection(@QueryParameter("baseUrls") final String baseUrls, + @RequirePOST + public FormValidation doTestConnection(@AncestorInPath Item context, + @QueryParameter("baseUrls") final String baseUrls, @QueryParameter("credentialsId") final String credentialsId, @QueryParameter("requestTimeout") final long requestTimeout, @QueryParameter("serviceTimeout") final long serviceTimeout) throws IOException, ServletException { - + context.checkPermission(Item.CONFIGURE); return BaseUrlUtil.testManyConnections(baseUrls, credentialsId, requestTimeout, serviceTimeout); } @@ -515,7 +520,7 @@ public ListBoxModel doFillAcHandlingItems() { ACHandling.MERGE, ACHandling.OVERWRITE, ACHandling.CLEAR) - ) { + ) { model.add(mode.getLabel(), mode.name()); } return model; diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/DownloadPackagesBuilder.java b/src/main/java/org/jenkinsci/plugins/graniteclient/DownloadPackagesBuilder.java index 118ec1e..b81c80d 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/DownloadPackagesBuilder.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/DownloadPackagesBuilder.java @@ -27,13 +27,6 @@ package org.jenkinsci.plugins.graniteclient; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import javax.annotation.Nonnull; -import javax.servlet.ServletException; - import com.cloudbees.plugins.credentials.common.AbstractIdCredentialsListBoxModel; import hudson.Extension; import hudson.FilePath; @@ -55,6 +48,14 @@ import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.interceptor.RequirePOST; + +import javax.annotation.Nonnull; +import javax.servlet.ServletException; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; /** * Implementation of the "Download Content Packages from CRX" build step @@ -268,18 +269,22 @@ public boolean isApplicable(Class aClass) { return true; } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("baseUrl") String baseUrl, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); return GraniteCredentialsListBoxModel.fillItems(value, context, baseUrl); } - public FormValidation doTestConnection(@QueryParameter("baseUrl") final String baseUrl, + @RequirePOST + public FormValidation doTestConnection(@AncestorInPath Item context, + @QueryParameter("baseUrl") final String baseUrl, @QueryParameter("credentialsId") final String credentialsId, @QueryParameter("requestTimeout") final long requestTimeout, @QueryParameter("serviceTimeout") final long serviceTimeout) throws IOException, ServletException { - + context.checkPermission(Item.CONFIGURE); return BaseUrlUtil.testOneConnection(baseUrl, credentialsId, requestTimeout, serviceTimeout); } diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/GraniteAHCFactory.java b/src/main/java/org/jenkinsci/plugins/graniteclient/GraniteAHCFactory.java index 0621ea3..ec5d04a 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/GraniteAHCFactory.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/GraniteAHCFactory.java @@ -55,6 +55,7 @@ import org.kohsuke.stapler.AncestorInPath; import org.kohsuke.stapler.QueryParameter; import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.interceptor.RequirePOST; /** * Global extension and configurable factory for {@link AsyncHttpClient} instances @@ -144,8 +145,10 @@ public String getDisplayName() { return "CRX Content Package Deployer - HTTP Client"; } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); return GraniteCredentialsListBoxModel.fillItems(value, context); } diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition.java b/src/main/java/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition.java index 98ce1c5..2480be6 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition.java @@ -27,13 +27,6 @@ package org.jenkinsci.plugins.graniteclient; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Collections; -import java.util.Iterator; -import java.util.List; -import javax.servlet.ServletException; - import com.cloudbees.plugins.credentials.common.AbstractIdCredentialsListBoxModel; import hudson.Extension; import hudson.model.Item; @@ -52,6 +45,14 @@ import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.QueryParameter; import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.interceptor.RequirePOST; + +import javax.servlet.ServletException; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Iterator; +import java.util.List; /** * Implementation of the "CRX Content Package Choice Parameter" type @@ -68,18 +69,22 @@ public String getDisplayName() { return "CRX Content Package Choice Parameter"; } - public FormValidation doTestConnection(@QueryParameter("baseUrl") final String baseUrl, + @RequirePOST + public FormValidation doTestConnection(@AncestorInPath Item context, + @QueryParameter("baseUrl") final String baseUrl, @QueryParameter("credentialsId") final String credentialsId, @QueryParameter("requestTimeout") final long requestTimeout, @QueryParameter("serviceTimeout") final long serviceTimeout) throws IOException, ServletException { - + context.checkPermission(Item.CONFIGURE); return BaseUrlUtil.testOneConnection(baseUrl, credentialsId, requestTimeout, serviceTimeout); } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("baseUrl") String baseUrl, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); return GraniteCredentialsListBoxModel.fillItems(value, context, baseUrl); } diff --git a/src/main/java/org/jenkinsci/plugins/graniteclient/ReplicatePackagesBuilder.java b/src/main/java/org/jenkinsci/plugins/graniteclient/ReplicatePackagesBuilder.java index f7ec3d3..9a6b5d0 100644 --- a/src/main/java/org/jenkinsci/plugins/graniteclient/ReplicatePackagesBuilder.java +++ b/src/main/java/org/jenkinsci/plugins/graniteclient/ReplicatePackagesBuilder.java @@ -27,15 +27,6 @@ package org.jenkinsci.plugins.graniteclient; -import static org.jenkinsci.plugins.graniteclient.BaseUrlUtil.splitByNewline; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import javax.annotation.Nonnull; -import javax.servlet.ServletException; - import com.cloudbees.plugins.credentials.common.AbstractIdCredentialsListBoxModel; import hudson.Extension; import hudson.FilePath; @@ -57,6 +48,16 @@ import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.interceptor.RequirePOST; + +import javax.annotation.Nonnull; +import javax.servlet.ServletException; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import static org.jenkinsci.plugins.graniteclient.BaseUrlUtil.splitByNewline; /** * Implementation of the "Replicate Content Packages from CRX" build step @@ -240,9 +241,11 @@ public boolean isApplicable(Class aClass) { return true; } + @RequirePOST public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPath Item context, @QueryParameter("baseUrls") String baseUrls, @QueryParameter("value") String value) { + context.checkPermission(Item.CONFIGURE); List _baseUrls = splitByNewline(baseUrls); if (!_baseUrls.isEmpty()) { @@ -252,12 +255,14 @@ public AbstractIdCredentialsListBoxModel doFillCredentialsIdItems(@AncestorInPat } } - public FormValidation doTestConnection(@QueryParameter("baseUrls") final String baseUrls, + @RequirePOST + public FormValidation doTestConnection(@AncestorInPath Item context, + @QueryParameter("baseUrls") final String baseUrls, @QueryParameter("credentialsId") final String credentialsId, @QueryParameter("requestTimeout") final long requestTimeout, @QueryParameter("serviceTimeout") final long serviceTimeout) throws IOException, ServletException { - + context.checkPermission(Item.CONFIGURE); return BaseUrlUtil.testManyConnections(baseUrls, credentialsId, requestTimeout, serviceTimeout); } diff --git a/src/main/resources/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder/config.jelly b/src/main/resources/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder/config.jelly index 1b967f3..e2278a5 100644 --- a/src/main/resources/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder/config.jelly +++ b/src/main/resources/org/jenkinsci/plugins/graniteclient/BuildPackageBuilder/config.jelly @@ -54,7 +54,7 @@ - + - + - + - + diff --git a/src/main/resources/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition/config.jelly b/src/main/resources/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition/config.jelly index 61543ae..c54df81 100644 --- a/src/main/resources/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition/config.jelly +++ b/src/main/resources/org/jenkinsci/plugins/graniteclient/PackageChoiceParameterDefinition/config.jelly @@ -68,7 +68,7 @@ - + - +