From 5cab126a4b66adb105239207a6cc997976ba3699 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Evaristo=20Gutie=CC=81rrez?= Date: Thu, 3 Nov 2016 11:05:57 +0100 Subject: [PATCH 1/3] [JENKINS-39470] Migrate to 2.17 parent POM. Apply a couple fixes that avoided the build to finish successfully. --- pom.xml | 13 +++++++++---- src/main/resources/index.jelly | 1 + .../SecureRequesterImplTest.java | 15 ++++++++++----- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/pom.xml b/pom.xml index 4db053f..a43275e 100644 --- a/pom.xml +++ b/pom.xml @@ -3,9 +3,9 @@ org.jenkins-ci.plugins plugin - - 1.537 + 2.17 + secure-requester-whitelist 1.1-SNAPSHOT hpi @@ -18,25 +18,30 @@ http://www.opensource.org/licenses/mit-license.php + scm:git:git://github.com/jenkinsci/${project.artifactId}-plugin.git scm:git:git@github.com:jenkinsci/${project.artifactId}-plugin.git https://github.com/jenkinsci/${project.artifactId}-plugin + repo.jenkins-ci.org http://repo.jenkins-ci.org/public/ + repo.jenkins-ci.org http://repo.jenkins-ci.org/public/ + - - 1 + 1.580.1 + 6 + false diff --git a/src/main/resources/index.jelly b/src/main/resources/index.jelly index 730ddfa..fc82b15 100644 --- a/src/main/resources/index.jelly +++ b/src/main/resources/index.jelly @@ -1,3 +1,4 @@ +
Allows an administrator to specify sites trusted to make JSONP or primitive-XPath REST API requests.
diff --git a/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java b/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java index 066a441..37c6a12 100644 --- a/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java +++ b/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java @@ -25,7 +25,7 @@ package org.jenkinsci.plugins.secure_requester_whitelist; import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; -import com.gargoylesoftware.htmlunit.WebRequestSettings; +import com.gargoylesoftware.htmlunit.WebRequest; import java.net.URL; import net.sf.json.JSONObject; import static org.junit.Assert.*; @@ -39,10 +39,13 @@ public class SecureRequesterImplTest { @Rule public JenkinsRule r = new JenkinsRule(); @PresetData(PresetData.DataSet.NO_ANONYMOUS_READACCESS) - @Test public void authorizing() throws Exception { + @Test + public void authorizing() throws Exception { assertJSONP(null, 403); assertJSONP("http://apache.org/", 403); + Whitelist.get().configure(null, new JSONObject().accumulate("allowNoReferer", true).accumulate("domains", "apache.org jenkins-ci.org")); + assertJSONP(null, 200); assertJSONP("http://apache.org/", 200); assertJSONP("http://jenkins-ci.org/", 200); @@ -51,13 +54,15 @@ public class SecureRequesterImplTest { assertJSONP("huh?", 403); } - private void assertJSONP(String referer, int expectedStatusCode) throws Exception { - JenkinsRule.WebClient wc = r.createWebClient(); + private void assertJSONP(final String referer, final int expectedStatusCode) throws Exception { + final JenkinsRule.WebClient wc = r.createWebClient(); wc.login("alice"); - WebRequestSettings req = new WebRequestSettings(new URL(wc.getContextPath() + "api/json?jsonp")); + + final WebRequest req = new WebRequest(new URL(wc.getContextPath() + "api/json?jsonp")); if (referer != null) { req.setAdditionalHeader("Referer", referer); } + try { wc.getPage(req); assertEquals(expectedStatusCode, 200); From ec5d4353fea53b986057eff50942009e7bb4dbfe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Evaristo=20Gutie=CC=81rrez?= Date: Mon, 7 Nov 2016 08:58:36 +0100 Subject: [PATCH 2/3] [JENKINS-39470] Avoid extra diff. --- .../secure_requester_whitelist/SecureRequesterImplTest.java | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java b/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java index 37c6a12..2abce90 100644 --- a/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java +++ b/src/test/java/org/jenkinsci/plugins/secure_requester_whitelist/SecureRequesterImplTest.java @@ -39,13 +39,10 @@ public class SecureRequesterImplTest { @Rule public JenkinsRule r = new JenkinsRule(); @PresetData(PresetData.DataSet.NO_ANONYMOUS_READACCESS) - @Test - public void authorizing() throws Exception { + @Test public void authorizing() throws Exception { assertJSONP(null, 403); assertJSONP("http://apache.org/", 403); - Whitelist.get().configure(null, new JSONObject().accumulate("allowNoReferer", true).accumulate("domains", "apache.org jenkins-ci.org")); - assertJSONP(null, 200); assertJSONP("http://apache.org/", 200); assertJSONP("http://jenkins-ci.org/", 200); From ebc2327d6158b3b2275caa16ec421f0859811851 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Evaristo=20Gutie=CC=81rrez?= Date: Mon, 7 Nov 2016 09:45:31 +0100 Subject: [PATCH 3/3] [JENKINS-39470] Avoid hiding extra findbug errors. --- pom.xml | 1 - .../jenkinsci/plugins/secure_requester_whitelist/Whitelist.java | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index a43275e..ec5a634 100644 --- a/pom.xml +++ b/pom.xml @@ -42,6 +42,5 @@ 1.580.1 6 - false diff --git a/src/main/java/org/jenkinsci/plugins/secure_requester_whitelist/Whitelist.java b/src/main/java/org/jenkinsci/plugins/secure_requester_whitelist/Whitelist.java index 1c4d4e9..b00ba90 100644 --- a/src/main/java/org/jenkinsci/plugins/secure_requester_whitelist/Whitelist.java +++ b/src/main/java/org/jenkinsci/plugins/secure_requester_whitelist/Whitelist.java @@ -24,6 +24,7 @@ package org.jenkinsci.plugins.secure_requester_whitelist; +import edu.umd.cs.findbugs.annotations.SuppressFBWarnings; import hudson.Extension; import jenkins.model.GlobalConfiguration; import jenkins.model.GlobalConfigurationCategory; @@ -33,6 +34,7 @@ @Extension public class Whitelist extends GlobalConfiguration { + @SuppressFBWarnings("NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE") public static Whitelist get() { return Jenkins.getInstance().getDescriptorByType(Whitelist.class); }