hudson.security

Class ACL

java.lang.Object

hudson.security.ACL

Direct Known Subclasses:

SidACL

public abstract class ACL
extends Object

Gate-keeper that controls access to Hudson's model objects.

Author:

Kohsuke Kawaguchi

Field Summary

Fields

Modifier and Type	Field and Description
static Sid	ANONYMOUS Sid that represents the anonymous unauthenticated users.
static String	ANONYMOUS_USERNAME The username for the anonymous user
protected static Sid[]	AUTOMATIC_SIDS
static Sid	EVERYONE Special Sid that represents "everyone", even including anonymous users.
static Authentication	SYSTEM Deprecated. use SYSTEM2
static String	SYSTEM_USERNAME The username for the system user
static org.springframework.security.core.Authentication	SYSTEM2 Sid that represents the Hudson itself.

Constructor Summary

Constructors

Constructor and Description
ACL()

Method Summary

Modifier and Type	Method and Description
static ACLContext	as(Authentication auth) Deprecated. use as2(Authentication)
static ACLContext	as(User user) Changes the Authentication associated with the current thread to the specified one and returns an AutoCloseable that restores the previous security context.
static ACLContext	as2(org.springframework.security.core.Authentication auth) Changes the Authentication associated with the current thread to the specified one and returns an AutoCloseable that restores the previous security context.
void	checkAnyPermission(Permission... permissions) Checks if the current security principal has one of the supplied permissions.
void	checkCreatePermission(ItemGroup c, TopLevelItemDescriptor d) Checks if the current security principal has the permission to create top level items within the specified item group.
void	checkCreatePermission(ViewGroup c, ViewDescriptor d) Checks if the current security principal has the permission to create views within the specified view group.
void	checkPermission(Permission p) Checks if the current security principal has this permission.
boolean	hasAnyPermission(Permission... permissions) Checks if the current security principal has any of the permissions.
boolean	hasCreatePermission(Authentication a, ItemGroup c, TopLevelItemDescriptor d) Deprecated. use hasCreatePermission2(Authentication, ItemGroup, TopLevelItemDescriptor)
boolean	hasCreatePermission(Authentication a, ViewGroup c, ViewDescriptor d) Deprecated. use hasCreatePermission2(Authentication, ItemGroup, TopLevelItemDescriptor)
boolean	hasCreatePermission2(org.springframework.security.core.Authentication a, ItemGroup c, TopLevelItemDescriptor d) Checks if the given principal has the permission to create top level items within the specified item group.
boolean	hasCreatePermission2(org.springframework.security.core.Authentication a, ViewGroup c, ViewDescriptor d) Checks if the given principal has the permission to create views within the specified view group.
boolean	hasPermission(Authentication a, Permission permission) Deprecated. use hasPermission2(org.springframework.security.core.Authentication, hudson.security.Permission)
boolean	hasPermission(Permission p) Checks if the current security principal has this permission.
boolean	hasPermission2(org.springframework.security.core.Authentication a, Permission permission) Checks if the given principle has the given permission.
static SecurityContext	impersonate(Authentication auth) Deprecated. use impersonate2(Authentication)
static <V,T extends Exception> V	impersonate(Authentication auth, hudson.remoting.Callable<V,T> body) Deprecated. use impersonate2(Authentication, Callable)
static void	impersonate(Authentication auth, Runnable body) Deprecated. use impersonate2(Authentication, Runnable)
static org.springframework.security.core.context.SecurityContext	impersonate2(org.springframework.security.core.Authentication auth) Deprecated. use try with resources and as2(Authentication)
static <V,T extends Exception> V	impersonate2(org.springframework.security.core.Authentication auth, hudson.remoting.Callable<V,T> body) Deprecated. use try with resources and as2(Authentication)
static void	impersonate2(org.springframework.security.core.Authentication auth, Runnable body) Deprecated. use try with resources and as2(Authentication)
static boolean	isAnonymous(Authentication authentication) Deprecated. use isAnonymous2(org.springframework.security.core.Authentication)
static boolean	isAnonymous2(org.springframework.security.core.Authentication authentication) Checks if the given authentication is anonymous by checking its class.
static ACL	lambda(BiFunction<Authentication,Permission,Boolean> impl) Deprecated. use lambda2(java.util.function.BiFunction<org.springframework.security.core.Authentication, hudson.security.Permission, java.lang.Boolean>)
static ACL	lambda2(BiFunction<org.springframework.security.core.Authentication,Permission,Boolean> impl) Creates a simple ACL implementation based on a “single-abstract-method” easily implemented via lambda syntax.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

EVERYONE

public static final Sid EVERYONE

Special Sid that represents "everyone", even including anonymous users.

This doesn't need to be included in Authentication.getAuthorities(), but ACL is responsible for checking it nonetheless, as if it was the last entry in the granted authority.

ANONYMOUS_USERNAME

@Restricted(value=org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static final String ANONYMOUS_USERNAME

The username for the anonymous user

See Also:

Constant Field Values

ANONYMOUS

public static final Sid ANONYMOUS

Sid that represents the anonymous unauthenticated users.

HudsonFilter sets this up, so this sid remains the same regardless of the current SecurityRealm in use.

AUTOMATIC_SIDS

protected static final Sid[] AUTOMATIC_SIDS

SYSTEM_USERNAME

@Restricted(value=org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static final String SYSTEM_USERNAME

The username for the system user

See Also:

Constant Field Values

SYSTEM2

public static final org.springframework.security.core.Authentication SYSTEM2

Sid that represents the Hudson itself.

This is used when Hudson is performing computation for itself, instead of acting on behalf of an user, such as doing builds.

Since:

2.266

SYSTEM

@Deprecated
public static final Authentication SYSTEM

Deprecated. use SYSTEM2

Constructor Detail

ACL

public ACL()

Method Detail

checkPermission

public final void checkPermission(@NonNull
                                  Permission p)

Checks if the current security principal has this permission.

This is just a convenience function.

Throws:

org.springframework.security.access.AccessDeniedException - if the user doesn't have the permission.

checkAnyPermission

public final void checkAnyPermission(@NonNull
                                     Permission... permissions)

Checks if the current security principal has one of the supplied permissions. This is just a convenience function.

Throws:

org.springframework.security.access.AccessDeniedException - if the user doesn't have the permission.

IllegalArgumentException - if no permissions are provided

Since:

2.222

hasPermission

public final boolean hasPermission(@NonNull
                                   Permission p)

Checks if the current security principal has this permission.

Returns:

false if the user doesn't have the permission.

hasAnyPermission

public final boolean hasAnyPermission(@NonNull
                                      Permission... permissions)

Checks if the current security principal has any of the permissions.

Returns:

false if the user doesn't have one of the required permissions.

Throws:

IllegalArgumentException - if no permissions are provided

hasPermission2

public boolean hasPermission2(@NonNull
                              org.springframework.security.core.Authentication a,
                              @NonNull
                              Permission permission)

Checks if the given principle has the given permission.

Note that SYSTEM2 can be passed in as the authentication parameter, in which case you should probably just assume it has every permission.

Since:

2.266

hasPermission

@Deprecated
public boolean hasPermission(@NonNull
                                         Authentication a,
                                         @NonNull
                                         Permission permission)

Deprecated. use hasPermission2(org.springframework.security.core.Authentication, hudson.security.Permission)

lambda2

public static ACL lambda2(BiFunction<org.springframework.security.core.Authentication,Permission,Boolean> impl)

Creates a simple ACL implementation based on a “single-abstract-method” easily implemented via lambda syntax.

Parameters:

impl - the implementation of hasPermission2(Authentication, Permission)

Returns:

an adapter to that lambda

Since:

2.266

lambda

@Deprecated
public static ACL lambda(BiFunction<Authentication,Permission,Boolean> impl)

Deprecated. use lambda2(java.util.function.BiFunction<org.springframework.security.core.Authentication, hudson.security.Permission, java.lang.Boolean>)

Since:

2.105

checkCreatePermission

public final void checkCreatePermission(@NonNull
                                        ItemGroup c,
                                        @NonNull
                                        TopLevelItemDescriptor d)

Checks if the current security principal has the permission to create top level items within the specified item group.

This is just a convenience function.

Parameters:

c - the container of the item.

d - the descriptor of the item to be created.

Throws:

org.springframework.security.access.AccessDeniedException - if the user doesn't have the permission.

Since:

1.607

hasCreatePermission2

public boolean hasCreatePermission2(@NonNull
                                    org.springframework.security.core.Authentication a,
                                    @NonNull
                                    ItemGroup c,
                                    @NonNull
                                    TopLevelItemDescriptor d)

Checks if the given principal has the permission to create top level items within the specified item group.

Note that SYSTEM2 can be passed in as the authentication parameter, in which case you should probably just assume it can create anything anywhere.

Parameters:

a - the principal.

c - the container of the item.

d - the descriptor of the item to be created.

Returns:

false if the user doesn't have the permission.

Since:

2.266

hasCreatePermission

@Deprecated
public boolean hasCreatePermission(@NonNull
                                               Authentication a,
                                               @NonNull
                                               ItemGroup c,
                                               @NonNull
                                               TopLevelItemDescriptor d)

Deprecated. use hasCreatePermission2(Authentication, ItemGroup, TopLevelItemDescriptor)

Since:

1.607

checkCreatePermission

public final void checkCreatePermission(@NonNull
                                        ViewGroup c,
                                        @NonNull
                                        ViewDescriptor d)

Checks if the current security principal has the permission to create views within the specified view group.

This is just a convenience function.

Parameters:

c - the container of the item.

d - the descriptor of the view to be created.

Throws:

org.springframework.security.access.AccessDeniedException - if the user doesn't have the permission.

Since:

1.607

hasCreatePermission2

public boolean hasCreatePermission2(@NonNull
                                    org.springframework.security.core.Authentication a,
                                    @NonNull
                                    ViewGroup c,
                                    @NonNull
                                    ViewDescriptor d)

Checks if the given principal has the permission to create views within the specified view group.

Note that SYSTEM2 can be passed in as the authentication parameter, in which case you should probably just assume it can create anything anywhere.

Parameters:

a - the principal.

c - the container of the view.

d - the descriptor of the view to be created.

Returns:

false if the user doesn't have the permission.

Since:

2.266

hasCreatePermission

@Deprecated
public boolean hasCreatePermission(@NonNull
                                               Authentication a,
                                               @NonNull
                                               ViewGroup c,
                                               @NonNull
                                               ViewDescriptor d)

Deprecated. use hasCreatePermission2(Authentication, ItemGroup, TopLevelItemDescriptor)

Since:

2.37

impersonate2

@Deprecated
 @NonNull
public static org.springframework.security.core.context.SecurityContext impersonate2(@NonNull
                                                                                                           org.springframework.security.core.Authentication auth)

Deprecated. use try with resources and as2(Authentication)

Changes the Authentication associated with the current thread to the specified one, and returns the previous security context.

When the impersonation is over, be sure to restore the previous authentication via SecurityContextHolder.setContext(returnValueFromThisMethod); or just use impersonate2(Authentication, Runnable).

We need to create a new SecurityContext instead of SecurityContext.setAuthentication(Authentication) because the same SecurityContext object is reused for all the concurrent requests from the same session.

Since:

2.266

impersonate

@Deprecated
 @NonNull
public static SecurityContext impersonate(@NonNull
                                                                Authentication auth)

Deprecated. use impersonate2(Authentication)

Since:

1.462

impersonate2

@Deprecated
public static void impersonate2(@NonNull
                                            org.springframework.security.core.Authentication auth,
                                            @NonNull
                                            Runnable body)

Deprecated. use try with resources and as2(Authentication)

Safer variant of impersonate2(Authentication) that does not require a finally-block.

Parameters:

auth - authentication, such as SYSTEM2

body - an action to run with this alternate authentication in effect

Since:

2.266

impersonate

@Deprecated
public static void impersonate(@NonNull
                                           Authentication auth,
                                           @NonNull
                                           Runnable body)

Deprecated. use impersonate2(Authentication, Runnable)

Since:

1.509

impersonate2

@Deprecated
public static <V,T extends Exception> V impersonate2(org.springframework.security.core.Authentication auth,
                                                                 hudson.remoting.Callable<V,T> body)
                                                          throws T extends Exception

Deprecated. use try with resources and as2(Authentication)

Safer variant of impersonate2(Authentication) that does not require a finally-block.

Parameters:

auth - authentication, such as SYSTEM2

body - an action to run with this alternate authentication in effect (try NotReallyRoleSensitiveCallable)

Throws:

T extends Exception

Since:

2.266

impersonate

@Deprecated
public static <V,T extends Exception> V impersonate(Authentication auth,
                                                                hudson.remoting.Callable<V,T> body)
                                                         throws T extends Exception

Deprecated. use impersonate2(Authentication, Callable)

Throws:

T extends Exception

Since:

1.587

as2

@NonNull
public static ACLContext as2(@NonNull
                                      org.springframework.security.core.Authentication auth)

Changes the Authentication associated with the current thread to the specified one and returns an AutoCloseable that restores the previous security context.

This makes impersonation much easier within code as it can now be used using the try with resources construct:

     try (ACLContext ctx = ACL.as2(auth)) {
        ...
     }
 

Parameters:

auth - the new authentication.

Returns:

the previous authentication context

Since:

2.266

as

@Deprecated
 @NonNull
public static ACLContext as(@NonNull
                                                  Authentication auth)

Deprecated. use as2(Authentication)

Since:

2.14

as

@NonNull
public static ACLContext as(@CheckForNull
                                     User user)

Changes the Authentication associated with the current thread to the specified one and returns an AutoCloseable that restores the previous security context.

This makes impersonation much easier within code as it can now be used using the try with resources construct:

     try (ACLContext ctx = ACL.as2(auth)) {
        ...
     }
 

Parameters:

user - the user to impersonate.

Returns:

the previous authentication context

Since:

2.14

isAnonymous2

public static boolean isAnonymous2(@NonNull
                                   org.springframework.security.core.Authentication authentication)

Checks if the given authentication is anonymous by checking its class.

Since:

2.266

See Also:

Jenkins.ANONYMOUS2, AnonymousAuthenticationToken

isAnonymous

@Deprecated
public static boolean isAnonymous(@NonNull
                                              Authentication authentication)

Deprecated. use isAnonymous2(org.springframework.security.core.Authentication)