Class SpecificUsersAuthorizationStrategy
java.lang.Object
hudson.model.AbstractDescribableImpl<AuthorizeProjectStrategy>
org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy
org.jenkinsci.plugins.authorizeproject.strategy.SpecificUsersAuthorizationStrategy
- All Implemented Interfaces:
ExtensionPoint
,Describable<AuthorizeProjectStrategy>
Run builds as a user specified in project configuration pages.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
Our descriptor.Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
-
Constructor Summary
ConstructorsConstructorDescriptionSpecificUsersAuthorizationStrategy
(String userid, boolean useApitoken, String apitoken, String password) -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.security.core.Authentication
authenticate
(Job<?, ?> project, Queue.Item item) Run builds as a specified user.protected static SpecificUsersAuthorizationStrategy
getCurrentStrategy
(Job<?, ?> project) ReturnSpecificUsersAuthorizationStrategy
configured in a project.boolean
Tests if the authorization can be configured by the current user.boolean
Tests if the job can be reconfigured by the current user when this strategy is the configured strategy.protected static boolean
isAuthenticationRequired
(String userId) boolean
protected Object
If we are being deserialized outside of loading the initial jobs (or reloading) then we need to cross check the strategy permissions to defend against somebody trying to push a configuration relating to a user other than themselves.void
setDontRestrictJobConfiguration
(boolean dontRestrictPermission) Methods inherited from class org.jenkinsci.plugins.authorizeproject.AuthorizeProjectStrategy
all, checkAuthorizationConfigurePermission, checkJobConfigurePermission
-
Constructor Details
-
SpecificUsersAuthorizationStrategy
-
SpecificUsersAuthorizationStrategy
@DataBoundConstructor public SpecificUsersAuthorizationStrategy(String userid, boolean useApitoken, String apitoken, String password) throws org.springframework.security.access.AccessDeniedException - Throws:
org.springframework.security.access.AccessDeniedException
-
-
Method Details
-
getUserid
- Returns:
- id of the user to run builds as.
-
isDontRestrictJobConfiguration
public boolean isDontRestrictJobConfiguration()- Returns:
- whether not to restrict job configuration
- Since:
- 1.3.0
- See Also:
-
setDontRestrictJobConfiguration
@DataBoundSetter public void setDontRestrictJobConfiguration(boolean dontRestrictPermission) - Parameters:
dontRestrictPermission
- whether not to restrict job configuration- Since:
- 1.3.0
- See Also:
-
isAuthenticationRequired
-
getDescriptor
Description copied from class:AuthorizeProjectStrategy
- Specified by:
getDescriptor
in interfaceDescribable<AuthorizeProjectStrategy>
- Overrides:
getDescriptor
in classAuthorizeProjectStrategy
-
authenticate
public org.springframework.security.core.Authentication authenticate(Job<?, ?> project, Queue.Item item) Run builds as a specified user.If the user is invalid, run as anonymous.
- Specified by:
authenticate
in classAuthorizeProjectStrategy
- Parameters:
project
- the project to run.item
- the item in queue, which will be a build.- Returns:
true
if authentication was successful- See Also:
-
hasJobConfigurePermission
Tests if the job can be reconfigured by the current user when this strategy is the configured strategy. Users withJenkins.ADMINISTER
permission skips this check.- Overrides:
hasJobConfigurePermission
in classAuthorizeProjectStrategy
- Parameters:
context
- the context of the job- Returns:
true
if and only if the current user is allowed to reconfigure the specified job.
-
hasAuthorizationConfigurePermission
Tests if the authorization can be configured by the current user. Users withJenkins.ADMINISTER
permission skips this check.- Overrides:
hasAuthorizationConfigurePermission
in classAuthorizeProjectStrategy
- Parameters:
context
- the context of the job- Returns:
true
if and only if the current user is allowed to configure this authorization.
-
getCurrentStrategy
ReturnSpecificUsersAuthorizationStrategy
configured in a project. -
readResolve
If we are being deserialized outside of loading the initial jobs (or reloading) then we need to cross check the strategy permissions to defend against somebody trying to push a configuration relating to a user other than themselves.- Overrides:
readResolve
in classAuthorizeProjectStrategy
- Returns:
this
- Throws:
ObjectStreamException
- if the object cannot be deserialized.- See Also:
-