jenkins.model.Jenkins.setAuthorizationStrategy()方法的使用及代码示例

x33g5p2x  于2022-01-21 转载在 其他  
字(18.3k)|赞(0)|评价(0)|浏览(215)

本文整理了Java中jenkins.model.Jenkins.setAuthorizationStrategy()方法的一些代码示例,展示了Jenkins.setAuthorizationStrategy()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Jenkins.setAuthorizationStrategy()方法的具体详情如下:
包路径:jenkins.model.Jenkins
类名称:Jenkins
方法名:setAuthorizationStrategy

Jenkins.setAuthorizationStrategy介绍

暂无

代码示例

代码示例来源:origin: jenkinsci/jenkins

  1. jenkins.setAuthorizationStrategy(authStrategy);

代码示例来源:origin: jenkinsci/jenkins

  1. j.setDisableRememberMe(security.optBoolean("disableRememberMe", false));
  2.   j.setSecurityRealm(SecurityRealm.all().newInstanceFromRadioList(security, "realm"));
  3.   j.setAuthorizationStrategy(AuthorizationStrategy.all().newInstanceFromRadioList(security, "authorization"));    
  4. } else {
  5.   j.disableSecurity();

代码示例来源:origin: jenkinsci/jenkins-test-harness

  1. private void restoreAuth() {
  2.   if (originalSecurityRealm != null) {
  3.     rule.jenkins.setSecurityRealm(originalSecurityRealm);
  4.     originalSecurityRealm = null;
  5.   }
  6.   if (originalAuthorizationStrategy != null) {
  7.     rule.jenkins.setAuthorizationStrategy(originalAuthorizationStrategy);
  8.     originalAuthorizationStrategy = null;
  9.   }
  10.   if (originalSecurityContext != null) {
  11.     SecurityContextHolder.setContext(originalSecurityContext);
  12.     originalSecurityContext = null;
  13.   }
  14. }

代码示例来源:origin: jenkinsci/role-strategy-plugin

  1. /** 
  2.  * Called on role management form's submission.
  3.  */
  4. @RequirePOST
  5. @Restricted(NoExternalUse.class)
  6. public void doRolesSubmit(StaplerRequest req, StaplerResponse rsp) throws UnsupportedEncodingException, ServletException, FormException, IOException {
  7.   checkAdminPerm();
  8.   req.setCharacterEncoding("UTF-8");
  9.  JSONObject json = req.getSubmittedForm();
  10.  AuthorizationStrategy strategy = this.newInstance(req, json);
  11.  instance().setAuthorizationStrategy(strategy);
  12.  // Persist the data
  13.   persistChanges();
  14. }

代码示例来源:origin: jenkinsci/jenkins-test-harness

  1. private void setAuth() {
  2.   if (permissions.isEmpty()) return;
  3.   JenkinsRule.DummySecurityRealm realm = rule.createDummySecurityRealm();
  4.   realm.addGroups(username, "group");
  5.   originalSecurityRealm = rule.jenkins.getSecurityRealm();
  6.   rule.jenkins.setSecurityRealm(realm);
  7.   originalAuthorizationStrategy = rule.jenkins.getAuthorizationStrategy();
  8.   rule.jenkins.setAuthorizationStrategy(new GrantPermissions(username, permissions));
  9.   command.setTransportAuth(user().impersonate());
  10.   // Otherwise it is SYSTEM, which would be relevant for a command overriding main:
  11.   originalSecurityContext = ACL.impersonate(Jenkins.ANONYMOUS);
  12. }

代码示例来源:origin: jenkinsci/mercurial-plugin

  1. @Test public void doFillCredentialsIdItemsWithoutJobWhenAdmin() throws Exception {
  2.   r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  3.   ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy();
  4.   as.add(Jenkins.ADMINISTER, "alice");
  5.   r.jenkins.setAuthorizationStrategy(as);
  6.   final UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t");
  7.   CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c);
  8.   ACL.impersonate(User.get("alice").impersonate(), new Runnable() {
  9.     @Override public void run() {
  10.       ListBoxModel options = r.jenkins.getDescriptorByType(MercurialSCM.DescriptorImpl.class).doFillCredentialsIdItems(null, "http://nowhere.net/");
  11.       assertEquals(CredentialsNameProvider.name(c), options.get(1).name);
  12.     }
  13.   });
  14. }

代码示例来源:origin: jenkinsci/gerrit-trigger-plugin

  1. /**
  2.  * Lock down the instance.
  3.  * @param j JenkinsRule.
  4.  * @throws Exception throw if so.
  5.  */
  6. public static void lockDown(JenkinsRule j) throws Exception {
  7.   SecurityRealm securityRealm = j.createDummySecurityRealm();
  8.   j.getInstance().setSecurityRealm(securityRealm);
  9.   j.getInstance().setAuthorizationStrategy(
  10.       new MockAuthorizationStrategy().grant(Jenkins.READ).everywhere().toAuthenticated());
  11. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. r.jenkins.setAuthorizationStrategy(as);
  2. folder.addProperty(new com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty(grantedPermissions));

代码示例来源:origin: jenkinsci/pipeline-model-definition-plugin

  1. @Test
  2. public void invalidUser() throws Exception {
  3.   File testPath = writeJenkinsfileToTmpFile("simplePipeline");
  4.   j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
  5.   j.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy()
  6.       .grant(Jenkins.ADMINISTER).everywhere().to("bob")
  7.       .grant(Jenkins.READ,
  8.           Item.READ,
  9.           Item.EXTENDED_READ).everywhere().to("alice"));
  10.   final CLICommandInvoker.Result result = command.withStdin(FileUtils.openInputStream(testPath)).invoke();
  11.   assertThat(result, not(succeeded()));
  12.   assertThat(result.stderr(), containsString("ERROR: anonymous is missing the Overall/Read permission"));
  13.   declarativeLinterCommand.setTransportAuth(User.get("alice").impersonate());
  14.   final CLICommandInvoker.Result result2 = command.withStdin(FileUtils.openInputStream(testPath)).invoke();
  15.   assertThat(result2, succeeded());
  16.   assertThat(result2, hasNoErrorOutput());
  17.   assertThat(result2.stdout(), containsString("Jenkinsfile successfully validated."));
  18. }

代码示例来源:origin: jenkinsci/mercurial-plugin

  1. @Issue("SECURITY-158")
  2. @Test public void doFillCredentialsIdItems() throws Exception {
  3.   r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  4.   ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy();
  5.   as.add(Jenkins.READ, "alice");
  6.   as.add(Jenkins.READ, "bob");
  7.   r.jenkins.setAuthorizationStrategy(as);
  8.   FreeStyleProject p1 = r.createFreeStyleProject("p1");
  9.   FreeStyleProject p2 = r.createFreeStyleProject("p2");
  10.   p2.addProperty(new AuthorizationMatrixProperty(Collections.singletonMap(Item.CONFIGURE, Collections.singleton("bob"))));
  11.   UsernamePasswordCredentialsImpl c = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, null, "test", "bob", "s3cr3t");
  12.   CredentialsProvider.lookupStores(r.jenkins).iterator().next().addCredentials(Domain.global(), c);
  13.   assertCredentials("alice", null);
  14.   assertCredentials("alice", p1);
  15.   assertCredentials("alice", p2);
  16.   assertCredentials("bob", null);
  17.   assertCredentials("bob", p1);
  18.   assertCredentials("bob", p2, c);
  19. }
  20. private void assertCredentials(String user, final Job<?,?> owner, Credentials... expected) {

代码示例来源:origin: jenkinsci/subversion-plugin

  1. @Issue("SECURITY-303")
  2. @Test
  3. public void credentialsAccess() throws Exception {
  4.   r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  5.   r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
  6.     grant(Jenkins.READ, Item.READ, Item.BUILD, Item.CONFIGURE).everywhere().to("devlead").
  7.     grant(Jenkins.READ, Item.READ, Item.BUILD).everywhere().to("user"));
  8.   SystemCredentialsProvider.getInstance().setDomainCredentialsMap(Collections.singletonMap(Domain.global(), Collections.<Credentials>singletonList(
  9.     new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "svncreds", null, "svn", "s3cr3t"))));
  10.   r.createFreeStyleProject("p");
  11.   assertSniff("devlead", "svn:s3cr3t", /* server response is bad, Jenkins should say so */ false);
  12.   assertSniff("user", null, /* Jenkins should not even try to connect, pretend it is OK */ true);
  13. }
  14. private void assertSniff(String user, String sniffed, boolean ok) throws Exception {

代码示例来源:origin: jenkinsci/workflow-cps-plugin

  1. @Issue("SECURITY-1266")
  2.   @Test
  3.   public void configureRequired() throws Exception {
  4.     CpsFlowDefinition.DescriptorImpl d = r.jenkins.getDescriptorByType(CpsFlowDefinition.DescriptorImpl.class);
  6.     r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  7.     // Set up an administrator, and three developer users with varying levels of access.
  8.     r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
  9.         grant(Jenkins.ADMINISTER).everywhere().to("admin").
  10.         grant(Jenkins.READ, Item.CONFIGURE).everywhere().to("dev1").
  11.         grant(Jenkins.READ).everywhere().to("dev2"));
  12.     WorkflowJob job = r.jenkins.createProject(WorkflowJob.class, "w");
  14.     try (ACLContext context = ACL.as(User.getById("admin", true))) {
  15.       assertThat(d.doCheckScriptCompile(job, "echo 'hello").toString(), containsString("fail"));
  16.     }
  17.     try (ACLContext context = ACL.as(User.getById("dev1", true))) {
  18.       assertThat(d.doCheckScriptCompile(job, "echo 'hello").toString(), containsString("fail"));
  19.     }
  20.     try (ACLContext context = ACL.as(User.getById("dev2", true))) {
  21.       assertThat(d.doCheckScriptCompile(job, "echo 'hello").toString(), containsString("success"));
  22.     }
  23.   }
  24. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. @Test public void getDestinations() throws Exception {
  2.   Folder d1 = r.jenkins.createProject(Folder.class, "d1"); // where we start
  3.   FreeStyleProject j = d1.createProject(FreeStyleProject.class, "j");
  4.   final Folder d2 = r.jenkins.createProject(Folder.class, "d2"); // where we could go
  5.   Folder d3 = r.jenkins.createProject(Folder.class, "d3"); // where we cannot
  6.   r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  7.   r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
  8.     grant(Jenkins.READ, Item.READ).everywhere().to("joe").
  9.     grant(Item.CREATE).onItems(d2).to("joe"));
  10.   try (ACLContext ctx = ACL.as(User.get("joe"))) {
  11.     assertEquals(Arrays.asList(d1, d2), new StandardHandler().validDestinations(j));
  12.     assertEquals(Arrays.asList(r.jenkins, d2), new StandardHandler().validDestinations(d1));
  13.     assertNotEquals(Arrays.asList(r.jenkins, d3), new StandardHandler().validDestinations(j));
  14.     assertNotEquals(Arrays.asList(d1, d3), new StandardHandler().validDestinations(d1));
  15.   }
  16. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. @Issue("JENKINS-32487")
  2. @Test public void shouldAssignPropertyOwnerOnCreationAndReload() throws Exception {
  3.   Folder folder = r.jenkins.createProject(Folder.class, "myFolder");
  4.   ProjectMatrixAuthorizationStrategy as = new ProjectMatrixAuthorizationStrategy();
  5.   // Need to do this to avoid JENKINS-9774
  6.   as.add(Jenkins.ADMINISTER, "alice");
  7.   r.jenkins.setAuthorizationStrategy(as);
  8.   
  9.   // We add a stub property to generate the persisted list
  10.   // Then we ensure owner is being assigned properly.
  11.   folder.addProperty(new FolderCredentialsProvider.FolderCredentialsProperty(new DomainCredentials[0]));
  12.   assertPropertyOwner("After property add", folder, FolderCredentialsProvider.FolderCredentialsProperty.class);
  14.   // Reload and ensure that the property owner is set
  15.   r.jenkins.reload();
  16.   Folder reloadedFolder = r.jenkins.getItemByFullName("myFolder", Folder.class);
  17.   assertPropertyOwner("After reload", reloadedFolder, FolderCredentialsProvider.FolderCredentialsProperty.class);
  18. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. strategy.grant(Computer.BUILD).everywhere().to("bob");
  2. r.jenkins.setAuthorizationStrategy(strategy);
  3. HashMap<String, Authentication> jobsToUsers = new HashMap<String, Authentication>();
  4. jobsToUsers.put(prj.getFullName(), User.get("bob").impersonate());

代码示例来源:origin: jenkinsci/workflow-cps-plugin

  1. @Test
  2. public void sandboxInvokerUsed() throws Exception {
  3.   jenkins.jenkins.setSecurityRealm(jenkins.createDummySecurityRealm());
  4.   jenkins.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
  5.       grant(Jenkins.RUN_SCRIPTS, Jenkins.READ, Item.READ).everywhere().to("runScriptsUser").
  6.       grant(Jenkins.READ, Item.READ).everywhere().to("otherUser"));
  7.   WorkflowJob job = jenkins.jenkins.createProject(WorkflowJob.class, "p");
  8.   job.setDefinition(new CpsFlowDefinition("[a: 1, b: 2].collectEntries { k, v ->\n" +
  9.       "  Jenkins.getInstance()\n" +
  10.       "  [(v): k]\n" +
  11.       "}\n", true));
  12.   WorkflowRun r = jenkins.assertBuildStatus(Result.FAILURE, job.scheduleBuild2(0).get());
  13.   jenkins.assertLogContains("org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance", r);
  14.   jenkins.assertLogContains("Scripts not permitted to use staticMethod jenkins.model.Jenkins getInstance. " + Messages.SandboxContinuable_ScriptApprovalLink(), r);
  15.   JenkinsRule.WebClient wc = jenkins.createWebClient();
  16.   wc.login("runScriptsUser");
  17.   // make sure we see the annotation for the RUN_SCRIPTS user.
  18.   HtmlPage rsp = wc.getPage(r, "console");
  19.   assertEquals(1, DomNodeUtil.selectNodes(rsp, "//A[@href='" + jenkins.contextPath + "/scriptApproval']").size());
  20.   // make sure raw console output doesn't include the garbage and has the right message.
  21.   TextPage raw = (TextPage)wc.goTo(r.getUrl()+"consoleText","text/plain");
  22.   assertThat(raw.getContent(), containsString(" getInstance. " + Messages.SandboxContinuable_ScriptApprovalLink()));
  23.   wc.login("otherUser");
  24.   // make sure we don't see the link for the other user.
  25.   HtmlPage rsp2 = wc.getPage(r, "console");
  26.   assertEquals(0, DomNodeUtil.selectNodes(rsp2, "//A[@href='" + jenkins.contextPath + "/scriptApproval']").size());
  27.   // make sure raw console output doesn't include the garbage and has the right message.
  28.   TextPage raw2 = (TextPage)wc.goTo(r.getUrl()+"consoleText","text/plain");
  29.   assertThat(raw2.getContent(), containsString(" getInstance. " + Messages.SandboxContinuable_ScriptApprovalLink()));
  30. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. @Test
  2. public void given_folderCredential_when_builtAsUserWithUseItem_then_credentialFound() throws Exception {
  3.   Folder f = createFolder();
  4.   CredentialsStore folderStore = getFolderStore(f);
  5.   folderStore.addCredentials(Domain.global(),
  6.       new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "foo-manchu", "Dr. Fu Manchu", "foo",
  7.           "manchu"));
  8.   FreeStyleProject prj = f.createProject(FreeStyleProject.class, "job");
  9.   prj.getBuildersList().add(new HasCredentialBuilder("foo-manchu"));
  10.   JenkinsRule.DummySecurityRealm realm = r.createDummySecurityRealm();
  11.   r.jenkins.setSecurityRealm(realm);
  12.   MockAuthorizationStrategy strategy = new MockAuthorizationStrategy();
  13.   strategy.grant(CredentialsProvider.USE_ITEM).everywhere().to("bob");
  14.   strategy.grant(Item.BUILD).everywhere().to("bob");
  15.   strategy.grant(Computer.BUILD).everywhere().to("bob");
  16.   r.jenkins.setAuthorizationStrategy(strategy);
  17.   HashMap<String, Authentication> jobsToUsers = new HashMap<String, Authentication>();
  18.   jobsToUsers.put(prj.getFullName(), User.get("bob").impersonate());
  19.   MockQueueItemAuthenticator authenticator = new MockQueueItemAuthenticator(jobsToUsers);
  20.   QueueItemAuthenticatorConfiguration.get().getAuthenticators().clear();
  21.   QueueItemAuthenticatorConfiguration.get().getAuthenticators().add(authenticator);
  22.   r.buildAndAssertSuccess(prj);
  23. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. @Test
  2. public void given_folderCredential_when_builtAsUserWithoutUseItem_then_credentialNotFound() throws Exception {
  3.   Folder f = createFolder();
  4.   CredentialsStore folderStore = getFolderStore(f);
  5.   folderStore.addCredentials(Domain.global(),
  6.       new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL, "foo-manchu", "Dr. Fu Manchu", "foo",
  7.           "manchu"));
  8.   FreeStyleProject prj = f.createProject(FreeStyleProject.class, "job");
  9.   prj.getBuildersList().add(new HasCredentialBuilder("foo-manchu"));
  10.   JenkinsRule.DummySecurityRealm realm = r.createDummySecurityRealm();
  11.   r.jenkins.setSecurityRealm(realm);
  12.   MockAuthorizationStrategy strategy = new MockAuthorizationStrategy();
  13.   strategy.grant(Item.BUILD).everywhere().to("bob");
  14.   strategy.grant(Computer.BUILD).everywhere().to("bob");
  15.   r.jenkins.setAuthorizationStrategy(strategy);
  16.   HashMap<String, Authentication> jobsToUsers = new HashMap<String, Authentication>();
  17.   jobsToUsers.put(prj.getFullName(), User.get("bob").impersonate());
  18.   MockQueueItemAuthenticator authenticator = new MockQueueItemAuthenticator(jobsToUsers);
  19.   QueueItemAuthenticatorConfiguration.get().getAuthenticators().clear();
  20.   QueueItemAuthenticatorConfiguration.get().getAuthenticators().add(authenticator);
  21.   r.assertBuildStatus(Result.FAILURE, prj.scheduleBuild2(0).get());
  22. }

代码示例来源:origin: jenkinsci/cloudbees-folder-plugin

  1. @Test public void discoverPermission() throws Exception {
  2.   r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
  3.   final Folder d = r.jenkins.createProject(Folder.class, "d");
  4.   final FreeStyleProject p1 = d.createProject(FreeStyleProject.class, "p1");
  5.   r.jenkins.setAuthorizationStrategy(new MockAuthorizationStrategy().
  6.       grant(Jenkins.READ).everywhere().toEveryone().
  7.       grant(Item.DISCOVER).everywhere().toAuthenticated().
  8.       grant(Item.READ).onItems(d).toEveryone().
  9.       grant(Item.READ).onItems(p1).to("alice"));
  10.   FreeStyleProject p2 = d.createProject(FreeStyleProject.class, "p2");
  11.   ACL.impersonate(Jenkins.ANONYMOUS, new Runnable() {
  12.     @Override public void run() {
  13.       assertEquals(Collections.emptyList(), d.getItems());
  14.       assertNull(d.getItem("p1"));
  15.       assertNull(d.getItem("p2"));
  16.     }
  17.   });
  18.   ACL.impersonate(User.get("alice").impersonate(), new Runnable() {
  19.     @Override public void run() {
  20.       assertEquals(Collections.singletonList(p1), d.getItems());
  21.       assertEquals(p1, d.getItem("p1"));
  22.       try {
  23.         d.getItem("p2");
  24.         fail("should have been told p2 exists");
  25.       } catch (AccessDeniedException x) {
  26.         // correct
  27.       }
  28.     }
  29.   });
  30. }

代码示例来源:origin: jenkinsci/gerrit-trigger-plugin

  1. /**
  2.  * Tests that only an admin can read server configuration and manipulate server state.
  3.  * @throws Exception if so
  4.  */
  5. @Test
  6. @Issue({"SECURITY-402", "SECURITY-403" })
  7. public void testOnlyAdminCanPerformServerConfigurationActions() throws Exception {
  8.   GerritServer gerritServer = new GerritServer(PluginImpl.DEFAULT_SERVER_NAME);
  9.   SshdServerMock.configureFor(sshd, gerritServer);
  10.   PluginImpl.getInstance().addServer(gerritServer);
  11.   gerritServer.getConfig().setNumberOfSendingWorkerThreads(NUMBEROFSENDERTHREADS);
  12.   ((Config)gerritServer.getConfig()).setGerritAuthKeyFile(sshKey.getPrivateKey());
  13.   gerritServer.start();
  14.   Setup.lockDown(j);
  15.   j.getInstance().setAuthorizationStrategy(
  16.       new MockAuthorizationStrategy().grant(Item.READ, Item.DISCOVER).everywhere().toAuthenticated()
  17.           .grant(Jenkins.READ, Item.DISCOVER).everywhere().toEveryone()
  18.           .grant(Item.CONFIGURE).everywhere().to("bob")
  19.           .grant(Jenkins.ADMINISTER).everywhere().to("alice"));
  20.   j.jenkins.setCrumbIssuer(null); //Not really testing csrf right now
  21.   JenkinsRule.WebClient webClient = j.createWebClient().login("alice", "alice");
  22.   HtmlPage page = webClient.goTo("plugin/gerrit-trigger/servers/0/");
  23.   HtmlForm config = page.getFormByName("config");
  24.   assertNotNull(config);
  25.   post(webClient, "plugin/gerrit-trigger/servers/0/sleep", "application/json", null);
  26.   webClient = j.createWebClient().login("bob", "bob");
  27.   webClient.assertFails("plugin/gerrit-trigger/servers/0/", 403);
  28.   post(webClient, "plugin/gerrit-trigger/servers/0/wakeup", null, 403);
  29. }

内容来源于网络,如有侵权,请联系作者删除!

Jenkins

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多

    Jenkins类方法

    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com