本文整理汇总了Java中hudson.security.ACL.impersonate方法的典型用法代码示例。如果您正苦于以下问题:Java ACL.impersonate方法的具体用法?Java ACL.impersonate怎么用?Java ACL.impersonate使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类hudson.security.ACL
的用法示例。
在下文中一共展示了ACL.impersonate方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getRun
import hudson.security.ACL; //导入方法依赖的package包/类
@CheckForNull
public Run<?, ?> getRun() {
if (StringUtils.isBlank(buildId)) {
return null;
}
final Job<?, ?> job = getJob();
if (job != null) {
SecurityContext old = ACL.impersonate(ACL.SYSTEM);
try {
return job.getBuild(buildId);
} catch (Exception e) {
logger.log(Level.WARNING, "Unable to retrieve run " + jobName + ":" + buildId, e);
} finally {
SecurityContextHolder.setContext(old);
}
}
return null;
}
示例2: abortShouldNotRetry
import hudson.security.ACL; //导入方法依赖的package包/类
@Issue("JENKINS-41276")
@Test
public void abortShouldNotRetry() throws Exception {
r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
WorkflowJob p = r.jenkins.createProject(WorkflowJob.class, "p");
p.setDefinition(new CpsFlowDefinition(
"int count = 0; retry(3) { echo 'trying '+(count++); semaphore 'start'; echo 'NotHere' } echo 'NotHere'", true));
final WorkflowRun b = p.scheduleBuild2(0).waitForStart();
SemaphoreStep.waitForStart("start/1", b);
ACL.impersonate(User.get("dev").impersonate(), new Runnable() {
@Override public void run() {
b.getExecutor().doStop();
}
});
r.assertBuildStatus(Result.ABORTED, r.waitForCompletion(b));
r.assertLogContains("trying 0", b);
r.assertLogContains("Aborted by dev", b);
r.assertLogNotContains("trying 1", b);
r.assertLogNotContains("trying 2", b);
r.assertLogNotContains("NotHere", b);
}
示例3: terminateRun
import hudson.security.ACL; //导入方法依赖的package包/类
private static void terminateRun(final WorkflowRun run) {
ACL.impersonate(ACL.SYSTEM, new NotReallyRoleSensitiveCallable<Void, RuntimeException>() {
@Override
public Void call() throws RuntimeException {
run.doTerm();
Timer.get().schedule(new SafeTimerTask() {
@Override
public void doRun() {
ACL.impersonate(ACL.SYSTEM, new NotReallyRoleSensitiveCallable<Void, RuntimeException>() {
@Override
public Void call() throws RuntimeException {
run.doKill();
return null;
}
});
}
}, 5, TimeUnit.SECONDS);
return null;
}
});
}
示例4: cancelQueuedBuild
import hudson.security.ACL; //导入方法依赖的package包/类
@SuppressFBWarnings("SE_BAD_FIELD")
public static boolean cancelQueuedBuild(WorkflowJob job, Build build) {
String buildUid = build.getMetadata().getUid();
final Queue buildQueue = Jenkins.getActiveInstance().getQueue();
for (final Queue.Item item : buildQueue.getItems()) {
for (Cause cause : item.getCauses()) {
if (cause instanceof BuildCause && ((BuildCause) cause).getUid().equals(buildUid)) {
return ACL.impersonate(ACL.SYSTEM, new NotReallyRoleSensitiveCallable<Boolean, RuntimeException>() {
@Override
public Boolean call() throws RuntimeException {
buildQueue.cancel(item);
return true;
}
});
}
}
}
return cancelNotYetStartedBuild(job, build);
}
示例5: innerDeleteEventToJenkinsJobRun
import hudson.security.ACL; //导入方法依赖的package包/类
private static synchronized void innerDeleteEventToJenkinsJobRun(
final Build build) throws Exception {
final WorkflowJob job = getJobFromBuild(build);
if (job != null) {
ACL.impersonate(ACL.SYSTEM,
new NotReallyRoleSensitiveCallable<Void, Exception>() {
@Override
public Void call() throws Exception {
cancelBuild(job, build, true);
return null;
}
});
} else {
// in case build was created and deleted quickly, prior to seeing BC
// event, clear out from pre-BC cache
removeBuildFromNoBCList(build);
}
}
示例6: doImpersonate
import hudson.security.ACL; //导入方法依赖的package包/类
@RequirePOST
public HttpResponse doImpersonate(StaplerRequest req, @QueryParameter String name) {
Authentication auth = Jenkins.getAuthentication();
GrantedAuthority[] authorities = auth.getAuthorities();
if (authorities == null || StringUtils.isBlank(name)) {
return HttpResponses.redirectToContextRoot();
}
GrantedAuthority authority = null;
for (GrantedAuthority a : authorities) {
if (a.getAuthority().equals(name)) {
authority = a;
break;
}
}
if (authority == null) {
return HttpResponses.redirectToContextRoot();
}
if (!SecurityRealm.AUTHENTICATED_AUTHORITY.equals(authority)) {
ACL.impersonate(new ImpersonationAuthentication(auth, authority, SecurityRealm.AUTHENTICATED_AUTHORITY));
} else {
ACL.impersonate(new ImpersonationAuthentication(auth, SecurityRealm.AUTHENTICATED_AUTHORITY));
}
return HttpResponses.redirectToContextRoot();
}
示例7: scheduleJob
import hudson.security.ACL; //导入方法依赖的package包/类
public SlackTextMessage scheduleJob(String projectName) {
ACL.impersonate(ACL.SYSTEM);
String response = "";
Project project =
Jenkins.getInstance().getItemByFullName(projectName, Project.class);
boolean success = false;
if (project != null)
success = project.scheduleBuild(new SlackWebhookCause(this.slackUser));
else
return new SlackTextMessage("Could not find project ("+projectName+")\n");
if (success)
return new SlackTextMessage("Build scheduled for project "+ projectName+"\n");
else
return new SlackTextMessage("Build not scheduled due to an issue with Jenkins");
}
示例8: execute
import hudson.security.ACL; //导入方法依赖的package包/类
public void execute() {
if (pushHook.getRepository() != null && pushHook.getRepository().getUrl() == null) {
LOGGER.log(Level.WARNING, "No repository url found.");
return;
}
if (project instanceof Job<?, ?>) {
ACL.impersonate(ACL.SYSTEM, new TriggerNotifier(project, secretToken, Jenkins.getAuthentication()) {
@Override
protected void performOnPost(GitLabPushTrigger trigger) {
trigger.onPost(pushHook);
}
});
throw HttpResponses.ok();
}
if (project instanceof SCMSourceOwner) {
ACL.impersonate(ACL.SYSTEM, new SCMSourceOwnerNotifier());
throw HttpResponses.ok();
}
throw HttpResponses.errorWithoutStack(409, "Push Hook is not supported for this project");
}
示例9: getProject
import hudson.security.ACL; //导入方法依赖的package包/类
public Job<?, ?> getProject( String job, StaplerRequest req, StaplerResponse rsp )
throws HttpResponses.HttpResponseException
{
Job<?, ?> p;
SecurityContext orig = ACL.impersonate( ACL.SYSTEM );
try
{
p = Jenkins.getInstance().getItemByFullName( job, Job.class );
}
finally
{
SecurityContextHolder.setContext( orig );
}
if ( p == null )
{
throw org.kohsuke.stapler.HttpResponses.notFound();
}
return p;
}
示例10: testRebuildNotAuthorized
import hudson.security.ACL; //导入方法依赖的package包/类
@Test
public void testRebuildNotAuthorized() throws Exception {
FreeStyleProject projectA = jenkins.createFreeStyleProject("A");
jenkins.createFreeStyleProject("B");
projectA.getPublishersList().add(new BuildPipelineTrigger("B", null));
jenkins.getInstance().rebuildDependencyGraph();
DeliveryPipelineView view = new DeliveryPipelineView("View");
jenkins.getInstance().addView(view);
jenkins.getInstance().setSecurityRealm(jenkins.createDummySecurityRealm());
GlobalMatrixAuthorizationStrategy gmas = new GlobalMatrixAuthorizationStrategy();
gmas.add(Permission.READ, "devel");
jenkins.getInstance().setAuthorizationStrategy(gmas);
SecurityContext oldContext = ACL.impersonate(User.get("devel").impersonate());
try {
view.triggerRebuild("B", "1");
fail();
} catch (AuthenticationException e) {
//Should throw this
}
SecurityContextHolder.setContext(oldContext);
}
示例11: findBuild
import hudson.security.ACL; //导入方法依赖的package包/类
/**
* Function to finds the build with the unique build id.
*
* @param jobName
* The jenkins job or project name
* @param buildNumber
* The jenkins build number
* @return
* the build Run if found, otherwise return null
*/
public static Run<?,?> findBuild(String jobName, int buildNumber) {
SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
try {
AbstractProject<?,?> project = Jenkins.getActiveInstance().getItemByFullName(jobName, AbstractProject.class);
if (project != null){
Run<?,?> run = project.getBuildByNumber(buildNumber);
if (run != null) {
return run;
}
}
return null;
} finally {
SecurityContextHolder.setContext(oldContext);
}
}
示例12: testPermissionWhenParameterized
import hudson.security.ACL; //导入方法依赖的package包/类
/**
* When the source project name is parameterized, cannot check at configure time whether
* the project is accessible. In this case, permission check is done when the build runs.
* Only jobs accessible to all authenticated users are allowed.
*/
@LocalData
@Test
public void testPermissionWhenParameterized() throws Exception {
FreeStyleProject p = createProject("test$JOB", null, "", "", false, false, false, true);
ParameterDefinition paramDef = new StringParameterDefinition("JOB", "job1");
ParametersDefinitionProperty paramsDef = new ParametersDefinitionProperty(paramDef);
p.addProperty(paramsDef);
// Build step should succeed when this parameter expands to a job accessible
// to authenticated users (even if triggered by anonymous, as in this case):
SecurityContextHolder.clearContext();
FreeStyleBuild b = p.scheduleBuild2(0, new UserCause(),
new ParametersAction(new StringParameterValue("JOB", "Job2"))).get();
assertFile(true, "foo2.txt", b);
rule.assertBuildStatusSuccess(b);
// Build step should fail for a job not accessible to all authenticated users,
// even when accessible to the user starting the job, as in this case:
SecurityContext old = ACL.impersonate(
new UsernamePasswordAuthenticationToken("joe","joe"));
try {
b = p.scheduleBuild2(0, new UserCause(),
new ParametersAction(new StringParameterValue("JOB", "Job"))).get();
assertFile(false, "foo.txt", b);
rule.assertBuildStatus(Result.FAILURE, b);
} finally {
SecurityContextHolder.setContext(old);
}
}
示例13: innerDeleteEventToJenkinsJob
import hudson.security.ACL; //导入方法依赖的package包/类
private void innerDeleteEventToJenkinsJob(final BuildConfig buildConfig) throws Exception {
final Job job = getJobFromBuildConfig(buildConfig);
if (job != null) {
// employ intern of the BC UID to facilitate sync'ing on the same
// actual object
synchronized (buildConfig.getMetadata().getUid().intern()) {
ACL.impersonate(ACL.SYSTEM, new NotReallyRoleSensitiveCallable<Void, Exception>() {
@Override
public Void call() throws Exception {
try {
job.delete();
} finally {
removeJobWithBuildConfig(buildConfig);
Jenkins.getActiveInstance().rebuildDependencyGraphAsync();
}
return null;
}
});
// if the bc has a source secret it is possible it should
// be deleted as well (called function will cross reference
// with secret watch)
CredentialsUtils.deleteSourceCredentials(buildConfig);
}
}
}
示例14: upsertCredential
import hudson.security.ACL; //导入方法依赖的package包/类
private static String upsertCredential(Secret secret, String namespace,
String secretName) throws IOException {
String id = null;
if (secret != null) {
Credentials creds = secretToCredentials(secret);
if (creds == null)
return null;
id = secretName(namespace, secretName);
Credentials existingCreds = lookupCredentials(id);
final SecurityContext previousContext = ACL.impersonate(ACL.SYSTEM);
try {
CredentialsStore s = CredentialsProvider
.lookupStores(Jenkins.getActiveInstance()).iterator()
.next();
if (existingCreds != null) {
s.updateCredentials(Domain.global(), existingCreds, creds);
logger.info("Updated credential " + id + " from Secret "
+ NamespaceName.create(secret) + " with revision: "
+ secret.getMetadata().getResourceVersion());
} else {
s.addCredentials(Domain.global(), creds);
logger.info("Created credential " + id + " from Secret "
+ NamespaceName.create(secret) + " with revision: "
+ secret.getMetadata().getResourceVersion());
}
s.save();
} finally {
SecurityContextHolder.setContext(previousContext);
}
}
return id;
}
示例15: deleteCredential
import hudson.security.ACL; //导入方法依赖的package包/类
private static void deleteCredential(String id, NamespaceName name,
String resourceRevision) throws IOException {
Credentials existingCred = lookupCredentials(id);
if (existingCred != null) {
final SecurityContext previousContext = ACL.impersonate(ACL.SYSTEM);
try {
Fingerprint fp = CredentialsProvider
.getFingerprintOf(existingCred);
if (fp != null && fp.getJobs().size() > 0) {
// per messages in credentials console, it is not a given,
// but
// it is possible for job refs to a credential to be
// tracked;
// if so, we will not prevent deletion, but at least note
// things
// for potential diagnostics
StringBuffer sb = new StringBuffer();
for (String job : fp.getJobs())
sb.append(job).append(" ");
logger.info("About to delete credential " + id
+ "which is referenced by jobs: " + sb.toString());
}
CredentialsStore s = CredentialsProvider
.lookupStores(Jenkins.getActiveInstance()).iterator()
.next();
s.removeCredentials(Domain.global(), existingCred);
logger.info("Deleted credential " + id + " from Secret " + name
+ " with revision: " + resourceRevision);
s.save();
} finally {
SecurityContextHolder.setContext(previousContext);
}
}
}