Showing
11 changed files
with
455 additions
and
1 deletion.
@@ -18,3 +18,5 @@ build/ | |
|
||
# locally stored credentials | ||
test-keys.txt | ||
|
||
.DS_Store |
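--- /dev/null
+++ b/src/main/java/com/cloudbees/plugins/deployer/sources/FilePathValidator.java
@@ -0,0 +1,32 @@
+package com.cloudbees.plugins.deployer.sources;
+
+import hudson.FilePath;
+
+import java.io.File;
+import java.io.IOException;
+
+public class FilePathValidator {
+
+private FilePathValidator() {
+// to hide the implicit public constructor
+}
+
+/**
+* Checks whether a given child path is a descendant of a given parent path using {@link File#getCanonicalFile}.
+*
+* If the child path does not exist, this method will canonicalize path elements such as {@code /../} and
+* {@code /./} before comparing it to the parent path, and it will not throw an exception. If the child path
+* does exist, symlinks will be resolved before checking whether the child is a descendant of the parent path.
+* @param child FilePath
+* @param parent FilePath
+* @return boolean value of whether child path is a descendant of parent path
+* @throws IllegalStateException when child or parent FilePath represent remote file
+* @throws IOException when {@link File#getCanonicalFile} throws
+*/
+public static boolean isDescendant(FilePath child, FilePath parent) throws IOException {
+if (child.isRemote() || parent.isRemote()) {
+throw new IllegalStateException("Directory path '" + parent + "' is not located on the controller");
+}
+return new File(child.getRemote()).getCanonicalFile().toPath().startsWith(new File(parent.getRemote()).getCanonicalPath());
+}
+}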
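Review bot: The IllegalStateException thrown after `if (child.isRemote() || parent.isRemote())` names only `parent`, so when it is the child path that lives on an agent the message points at the wrong argument; `throw new IllegalStateException("Paths '" + child + "' and '" + parent + "' must be located on the controller");` reports both. The canonicalization is also a point-in-time check: a symlink placed under the parent after `isDescendant` has returned true is not caught, so callers that later read or write through the validated path should treat the result as advisory and re-validate at the moment of use (the callers are not part of this section). That limitation is worth stating in the Javadoc, e.g. `* Note: the result reflects the filesystem at call time and does not protect against later changes under the parent.`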
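--- /dev/null
+++ b/src/test/java/com/cloudbees/plugins/deployer/DeployNowRunActionTest.java
@@ -0,0 +1,60 @@
+package com.cloudbees.plugins.deployer;
+
+import com.gargoylesoftware.htmlunit.Page;
+import hudson.model.FreeStyleProject;
+import hudson.model.Item;
+import hudson.model.Result;
+import jenkins.model.Jenkins;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import java.io.File;
+import java.net.HttpURLConnection;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
+
+public class DeployNowRunActionTest {
+
+@Rule
+public JenkinsRule r = new JenkinsRule();
+
+@Issue("SECURITY-2205")
+@Test
+public void doDeployTextWhenUserWithoutPermissionThenShouldReturnStatusForbidden() throws Exception {
+FreeStyleProject project = r.createFreeStyleProject("test");
+r.assertBuildStatus(Result.SUCCESS, project.scheduleBuild2(1));
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+
+webClient.login("user");
+Page page = webClient.goTo("job/" + project.getName() + "/" + project.getLastSuccessfulBuild().getNumber() + "/deploy-now/deployText");
+assertThat(page.getWebResponse().getStatusCode(), is(HttpURLConnection.HTTP_FORBIDDEN));
+}
+
+@Issue("SECURITY-2205")
+@Test
+public void doDeployTextWhenUserWithDeployPermissionThenShouldReturnOk() throws Exception {
+FreeStyleProject project = r.createFreeStyleProject("test1");
+r.assertBuildStatus(Result.SUCCESS, project.scheduleBuild2(1));
+File logFile = new File(project.getLastSuccessfulBuild().getRootDir() + "/cloudbees-deploy-now.log");
+logFile.createNewFile();
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+webClient.login("admin");
+Page page = webClient.goTo("job/" + project.getName() + "/" + project.getLastSuccessfulBuild().getNumber() + "/deploy-now/deployText", "text/plain");
+assertThat(page.getWebResponse().getStatusCode(), is(HttpURLConnection.HTTP_OK));
+}
+
+@Before
+public void setUpAuthorization() {
+r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
+r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+.grant(Jenkins.ADMINISTER, DeployNowRunAction.DEPLOY).everywhere().to("admin")
+.grant(Jenkins.READ, Item.READ).everywhere().to("user"));
+}
+}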
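Review bot: `new File(project.getLastSuccessfulBuild().getRootDir() + "/cloudbees-deploy-now.log")` builds the log path by string concatenation and the boolean from `logFile.createNewFile()` is discarded, so a failed creation would only surface later as a confusing status-code mismatch instead of at the setup step. Prefer `File logFile = new File(project.getLastSuccessfulBuild().getRootDir(), "cloudbees-deploy-now.log");` followed by `assertThat(logFile.createNewFile(), is(true));`. The two tests cover an authenticated user with and without `DeployNowRunAction.DEPLOY`; an anonymous request to the same endpoint is not exercised here, which may be intentional given the `@Issue` scope but is worth a one-line comment on the class.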
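--- /dev/null
+++ b/src/test/java/com/cloudbees/plugins/deployer/sources/FixedDirectoryDeploySourceTest.java
@@ -0,0 +1,93 @@
+package com.cloudbees.plugins.deployer.sources;
+
+import com.gargoylesoftware.htmlunit.Page;
+import hudson.Util;
+import hudson.model.FreeStyleProject;
+import hudson.model.Item;
+import hudson.model.Result;
+import hudson.model.TaskListener;
+import jenkins.model.Jenkins;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
+
+import java.io.File;
+import java.net.HttpURLConnection;
+
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.is;
+
+public class FixedDirectoryDeploySourceTest {
+
+@Rule
+public JenkinsRule r = new JenkinsRule();
+
+private FreeStyleProject project;
+
+@Issue("SECURITY-2206")
+@Test
+public void doCheckDirectoryPathWhenUserWithoutPermissionThenStatusForbidden() throws Exception {
+project = r.createFreeStyleProject();
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+webClient.login("user");
+Page page = webClient.goTo("job/" + project.getName() +"/descriptorByName/com.cloudbees.plugins.deployer.sources.FixedDirectoryDeploySource/checkDirectoryPath?fromWorkspace=true&value=value");
+
+assertThat(page.getWebResponse().getStatusCode(), is(HttpURLConnection.HTTP_FORBIDDEN));
+}
+
+@Issue("SECURITY-2206")
+@Test
+public void doCheckDirectoryPathWhenPathTraversalThenReturnError() throws Exception {
+project = r.createFreeStyleProject();
+r.assertBuildStatus(Result.SUCCESS, project.scheduleBuild2(1));
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+webClient.login("admin");
+Page page = webClient.goTo("job/" + project.getName() +"/descriptorByName/com.cloudbees.plugins.deployer.sources.FixedDirectoryDeploySource/checkDirectoryPath?fromWorkspace=true&value=../../secret");
+
+assertThat(page.getWebResponse().getContentAsString(), containsString("Directory path '../../secret' is not contained within the workspace for"));
+}
+
+@Issue("SECURITY-2206")
+@Test
+public void doCheckDirectoryPathWhenValueIsSymlinkThenReturnError() throws Exception {
+project = r.createFreeStyleProject();
+r.assertBuildStatus(Result.SUCCESS, project.scheduleBuild2(1));
+Util.createSymlink(new File(project.getSomeWorkspace().getRemote()), r.jenkins.getRootDir().getAbsolutePath(), "temp_link", TaskListener.NULL);
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+webClient.login("admin");
+Page page = webClient.goTo("job/" + project.getName() +"/descriptorByName/com.cloudbees.plugins.deployer.sources.FixedDirectoryDeploySource/checkDirectoryPath?fromWorkspace=true&value=temp_link");
+
+assertThat(page.getWebResponse().getContentAsString(), containsString("Directory path 'temp_link' is not contained within the workspace for"));
+}
+
+@Issue("SECURITY-2206")
+@Test
+public void doCheckDirectoryPathWhenParamsValidThenReturnOk() throws Exception {
+project = r.createFreeStyleProject();
+r.assertBuildStatus(Result.SUCCESS, project.scheduleBuild2(1));
+
+project.getSomeWorkspace().child("test").mkdirs();
+
+JenkinsRule.WebClient webClient = r.createWebClient().withThrowExceptionOnFailingStatusCode(false);
+webClient.login("admin");
+Page page = webClient.goTo("job/" + project.getName() +"/descriptorByName/com.cloudbees.plugins.deployer.sources.FixedDirectoryDeploySource/checkDirectoryPath?fromWorkspace=true&value=test");
+
+assertThat(page.getWebResponse().getStatusCode(), is(HttpURLConnection.HTTP_OK));
+assertThat(page.getWebResponse().getContentAsString(), is("<div/>"));
+}
+
+@Before
+public void setUpAuthorization() {
+r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
+r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
+.grant(Jenkins.ADMINISTER).everywhere().to("admin")
+.grant(Jenkins.READ, Item.READ).everywhere().to("user"));
+}
+}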
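Review bot: `doCheckDirectoryPathWhenValueIsSymlinkThenReturnError` depends on `Util.createSymlink` actually creating `temp_link`, but the call passes `TaskListener.NULL` and the test never verifies the link exists, so on a platform where symlink creation is unavailable the failure would appear as an unrelated mismatch at the `containsString` assertion rather than as a skipped or clearly failed precondition. Guard it explicitly, e.g. `Assume.assumeFalse(Functions.isWindows());` before the symlink call (requires `org.junit.Assume` and `hudson.Functions` imports), or assert the link is present before issuing the request. The four `Page page = webClient.goTo(...)` lines repeat the long descriptor URL with only the `value` query parameter changing; a small private helper taking that value would keep the tests readable and make the traversal and symlink cases easier to extend.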