Skip to content
Permalink
Browse files

[JENKINS-38048] Permits credentialsId dropdowns to be used from a glo…

…bal configuration screen.
  • Loading branch information
jglick committed Sep 8, 2016
1 parent f6ace83 commit b52b095c8310c607d28120b3a20137eacc58a64c
@@ -5,7 +5,6 @@
import com.cloudbees.plugins.credentials.common.StandardCredentials;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;
import com.cloudbees.plugins.credentials.domains.URIRequirementBuilder;
import hudson.EnvVars;
import hudson.Extension;
import hudson.Util;
@@ -36,6 +35,7 @@

import static hudson.Util.fixEmpty;
import static hudson.Util.fixEmptyAndTrim;
import javax.annotation.CheckForNull;

@ExportedBean
public class UserRemoteConfig extends AbstractDescribableImpl<UserRemoteConfig> implements Serializable {
@@ -85,7 +85,8 @@ public String toString() {
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project,
@QueryParameter String url,
@QueryParameter String credentialsId) {
if (project == null || !project.hasPermission(Item.EXTENDED_READ)) {
if (project == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
project != null && !project.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
return new StandardListBoxModel()
@@ -104,7 +105,8 @@ public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project,
public FormValidation doCheckCredentialsId(@AncestorInPath Item project,
@QueryParameter String url,
@QueryParameter String value) {
if (project == null || !project.hasPermission(Item.EXTENDED_READ)) {
if (project == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
project != null && !project.hasPermission(Item.EXTENDED_READ)) {
return FormValidation.ok();
}

@@ -149,7 +151,8 @@ public FormValidation doCheckUrl(@AncestorInPath Item item,

// Normally this permission is hidden and implied by Item.CONFIGURE, so from a view-only form you will not be able to use this check.
// (TODO under certain circumstances being granted only USE_OWN might suffice, though this presumes a fix of JENKINS-31870.)
if (item == null || !item.hasPermission(CredentialsProvider.USE_ITEM)) {
if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
item != null && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}

@@ -185,7 +188,7 @@ public FormValidation doCheckUrl(@AncestorInPath Item item,
return FormValidation.ok();
}

private static StandardCredentials lookupCredentials(Item project, String credentialId, String uri) {
private static StandardCredentials lookupCredentials(@CheckForNull Item project, String credentialId, String uri) {
return (credentialId == null) ? null : CredentialsMatchers.firstOrNull(
CredentialsProvider.lookupCredentials(StandardCredentials.class, project, ACL.SYSTEM,
GitURIRequirementsBuilder.fromUri(uri).build()),
@@ -192,7 +192,8 @@ public String getDisplayName() {
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath SCMSourceOwner context,
@QueryParameter String remote,
@QueryParameter String credentialsId) {
if (context == null || !context.hasPermission(Item.EXTENDED_READ)) {
if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
context != null && !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
return new StandardListBoxModel()
@@ -209,7 +210,8 @@ public ListBoxModel doFillCredentialsIdItems(@AncestorInPath SCMSourceOwner cont
public FormValidation doCheckCredentialsId(@AncestorInPath SCMSourceOwner context,
@QueryParameter String url,
@QueryParameter String value) {
if (context == null || !context.hasPermission(Item.EXTENDED_READ)) {
if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
context != null && !context.hasPermission(Item.EXTENDED_READ)) {
return FormValidation.ok();
}

0 comments on commit b52b095

Please sign in to comment.
You can’t perform that action at this time.