java.lang.Object
- hudson.model.AbstractDescribableImpl<AuthorizationStrategy>
- - hudson.security.AuthorizationStrategy
  - - com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy

All Implemented Interfaces:

ExtensionPoint, Describable<AuthorizationStrategy>
```
public class RoleBasedAuthorizationStrategy
extends AuthorizationStrategy
```
Role-based authorization strategy.

Author:

Thomas Maurel

Nested Class Summary

Nested Classes
Modifier and Type	Class	Description
`static class`	`RoleBasedAuthorizationStrategy.ConverterImpl`	Converter used to persist and retrieve the strategy from disk.
`static class`	`RoleBasedAuthorizationStrategy.DescriptorImpl`	Descriptor used to bind the strategy to the Web forms.

Nested classes/interfaces inherited from class hudson.security.AuthorizationStrategy
AuthorizationStrategy.Unsecured

Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields
Modifier and Type	Field	Description
`static RoleBasedAuthorizationStrategy.DescriptorImpl`	`DESCRIPTOR`
`static String`	`GLOBAL`
`static String`	`MACRO_ROLE`
`static String`	`MACRO_USER`
`static String`	`PERMISSION_TEMPLATES`
`static String`	`PROJECT`
`static String`	`SLAVE`

Fields inherited from class hudson.security.AuthorizationStrategy
LIST, UNSECURED

Constructor Summary

Constructors
Constructor	Description
`RoleBasedAuthorizationStrategy()`	Create new RoleBasedAuthorizationStrategy.
`RoleBasedAuthorizationStrategy(Map<String,RoleMap> grantedRoles)`	Creates a new `RoleBasedAuthorizationStrategy`.
`RoleBasedAuthorizationStrategy(Map<String,RoleMap> grantedRoles, Set<PermissionTemplate> permissionTemplates)`	Creates a new `RoleBasedAuthorizationStrategy`.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`void`	`doAddRole(String type, String roleName, String permissionIds, String overwrite, String pattern, String template)`	API method to add a role.
`void`	`doAddTemplate(String name, String permissionIds, boolean overwrite)`	API method to add a permission template.
`void`	`doAssignGroupRole(String type, String roleName, String group)`	API method to assign a Group to role.
`void`	`doAssignRole(String type, String roleName, String sid)`	Deprecated. Use `doAssignUserRole(java.lang.String, java.lang.String, java.lang.String)` or `doAssignGroupRole(java.lang.String, java.lang.String, java.lang.String)` to create unambiguous entries
`void`	`doAssignUserRole(String type, String roleName, String user)`	API method to assign a User to role.
`void`	`doDeleteGroup(String type, String group)`	API method to delete a group from all granted roles.
`void`	`doDeleteSid(String type, String sid)`	API method to delete a SID from all granted roles.
`void`	`doDeleteUser(String type, String user)`	API method to delete a user from all granted roles.
`void`	`doGetAllRoles(String type)`	API method to get all roles and the SIDs assigned to the roles for a roletype.
`void`	`doGetMatchingAgents(String pattern, int maxAgents)`	API method to get a list of agents matching a pattern.
`void`	`doGetMatchingJobs(String pattern, int maxJobs)`	API method to get a list of items matching a pattern.
`void`	`doGetRole(String type, String roleName)`	API method to get the granted permissions of a role and the SIDs assigned to it.
`void`	`doGetTemplate(String name)`	API method to get the granted permissions of a template and if the template is used.
`void`	`doRemoveRoles(String type, String roleNames)`	API method to remove roles.
`void`	`doRemoveTemplates(String names, boolean force)`	API method to remove templates.
`void`	`doUnassignGroupRole(String type, String roleName, String group)`	API method to remove a user from a role.
`void`	`doUnassignRole(String type, String roleName, String sid)`	API method to remove a SID from a role.
`void`	`doUnassignUserRole(String type, String roleName, String user)`	API method to remove a user from a role.
`ACL`	`getACL(AbstractItem project)`
`ACL`	`getACL(Computer computer)`
`ACL`	`getACL(Job<?,?> project)`	Get the specific ACL for projects.
`ACL`	`getACL(Node node)`
`SortedMap<Role,Set<String>>`	`getGrantedRoles(RoleType type)`	Deprecated. use `getGrantedRolesEntries(RoleType)`
`SortedMap<Role,Set<String>>`	`getGrantedRoles(String type)`	Deprecated. Use `getGrantedRolesEntries(RoleType)`
`SortedMap<Role,Set<PermissionEntry>>`	`getGrantedRolesEntries(RoleType type)`	Get the `Role`s and the sids assigned to them for the given `RoleType`.
`SortedMap<Role,Set<PermissionEntry>>`	`getGrantedRolesEntries(String type)`	Get the `Role`s and the sids assigned to them for the given `RoleType`.
`Collection<String>`	`getGroups()`	Used by the container realm.
`static RoleBasedAuthorizationStrategy`	`getInstance()`	Retrieves instance of the strategy.
`PermissionTemplate`	`getPermissionTemplate(String templateName)`
`Set<PermissionTemplate>`	`getPermissionTemplates()`	Get the permission templates.
`RoleMap`	`getRoleMap(RoleType roleType)`	Get the `RoleMap` corresponding to the `RoleType`.
`SidACL`	`getRootACL()`	Get the root ACL.
`Set<PermissionEntry>`	`getSidEntries(String type)`	Get all the SIDs referenced by specified `RoleMap` type.
`Set<String>`	`getSIDs(String type)`	Deprecated. use `getSidEntries(String)`
`boolean`	`hasPermissionTemplate(String name)`
`static void`	`init()`	Validate the config after System config was loaded.
`static boolean`	`isCreateAllowed()`	Deprecated. Always available since 1.566
`void`	`validateConfig()`	Checks if there are ambiguous entries and adds them to the monitor.

Methods inherited from class hudson.security.AuthorizationStrategy
all, getACL, getACL, getACL, getACL

Methods inherited from class hudson.model.AbstractDescribableImpl
getDescriptor

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

GLOBAL
```
public static final String GLOBAL
```
See Also:

Constant Field Values

PROJECT
```
public static final String PROJECT
```
See Also:

Constant Field Values

SLAVE
```
public static final String SLAVE
```
See Also:

Constant Field Values

PERMISSION_TEMPLATES

public static final String PERMISSION_TEMPLATES

See Also:: Constant Field Values

MACRO_ROLE
```
public static final String MACRO_ROLE
```
See Also:

Constant Field Values

MACRO_USER
```
public static final String MACRO_USER
```
See Also:

Constant Field Values

DESCRIPTOR

@Extension
public static final RoleBasedAuthorizationStrategy.DescriptorImpl DESCRIPTOR

Constructor Detail
- RoleBasedAuthorizationStrategy
```
public RoleBasedAuthorizationStrategy()
```
  Create new RoleBasedAuthorizationStrategy.
- RoleBasedAuthorizationStrategy
```
public RoleBasedAuthorizationStrategy(Map<String,RoleMap> grantedRoles)
```
  Creates a new RoleBasedAuthorizationStrategy.
  
  Parameters:
  
  grantedRoles - the roles in the strategy
- RoleBasedAuthorizationStrategy
```
public RoleBasedAuthorizationStrategy(Map<String,RoleMap> grantedRoles,
                                      @CheckForNull
                                      Set<PermissionTemplate> permissionTemplates)
```
  Creates a new RoleBasedAuthorizationStrategy.
  
  Parameters:
  
  grantedRoles - the roles in the strategy
  
  permissionTemplates - the permission templates in the strategy

Method Detail

getRootACL
```
@NonNull
public SidACL getRootACL()
```
Get the root ACL.

Specified by:

getRootACL in class AuthorizationStrategy

Returns:

The global ACL

getRoleMap
```
@NonNull
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public RoleMap getRoleMap(RoleType roleType)
```
Get the RoleMap corresponding to the RoleType.

Parameters:

roleType - the type of the role

Returns:

the RoleMap corresponding to the roleType

Throws:

IllegalArgumentException - for an invalid roleType

getACL
```
@NonNull
public ACL getACL(@NonNull
                  Job<?,?> project)
```
Get the specific ACL for projects.

Overrides:

getACL in class AuthorizationStrategy

Parameters:

project - The access-controlled project

Returns:

The project specific ACL

getACL

@NonNull
public ACL getACL(@NonNull
                  AbstractItem project)

Overrides:: getACL in class AuthorizationStrategy

getACL

@NonNull
public ACL getACL(@NonNull
                  Computer computer)

Overrides:: getACL in class AuthorizationStrategy

getACL

@NonNull
public ACL getACL(@NonNull
                  Node node)

Overrides:: getACL in class AuthorizationStrategy

getGroups
```
@NonNull
public Collection<String> getGroups()
```
Used by the container realm.

Specified by:

getGroups in class AuthorizationStrategy

Returns:

All the sids referenced by the strategy

getGrantedRoles
```
@Nullable
@Deprecated
public SortedMap<Role,Set<String>> getGrantedRoles(String type)
```
Deprecated.
Use getGrantedRolesEntries(RoleType)

Get the roles from the global RoleMap.
The returned sorted map is unmodifiable.

Parameters:

type - The object type controlled by the RoleMap

Returns:

All roles from the global RoleMap.

getGrantedRoles
```
@Deprecated
public SortedMap<Role,Set<String>> getGrantedRoles(@NonNull
                                                         RoleType type)
```
Deprecated.
use getGrantedRolesEntries(RoleType)

Get the Roles and the sids assigned to them for the given RoleType.

Parameters:

type - the type of the role

Returns:

roles mapped to the set of user sids assigned to that role

Since:

2.12

getPermissionTemplates
```
public Set<PermissionTemplate> getPermissionTemplates()
```
Get the permission templates.

Returns:

set of permission templates.

getPermissionTemplate

@CheckForNull
public PermissionTemplate getPermissionTemplate(String templateName)

hasPermissionTemplate

public boolean hasPermissionTemplate(String name)

getGrantedRolesEntries

public SortedMap<Role,Set<PermissionEntry>> getGrantedRolesEntries(@NonNull
                                                                         String type)

Get the Roles and the sids assigned to them for the given RoleType.

Parameters:: type - the type of the role
Returns:: roles mapped to the set of user sids assigned to that role

getGrantedRolesEntries

public SortedMap<Role,Set<PermissionEntry>> getGrantedRolesEntries(@NonNull
                                                                         RoleType type)

Get the Roles and the sids assigned to them for the given RoleType.

Parameters:: type - the type of the role
Returns:: roles mapped to the set of user sids assigned to that role

getSidEntries
```
public Set<PermissionEntry> getSidEntries(String type)
```
Get all the SIDs referenced by specified RoleMap type.

Parameters:

type - The object type controlled by the RoleMap

Returns:

All SIDs from the specified RoleMap.

getSIDs
```
@Deprecated
@CheckForNull
public Set<String> getSIDs(String type)
```
Deprecated.
use getSidEntries(String)

Get all the SIDs referenced by specified RoleMap type.

Parameters:

type - The object type controlled by the RoleMap

Returns:

All SIDs from the specified RoleMap.

doAddTemplate

@POST
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doAddTemplate(@QueryParameter(required=true)
                          String name,
                          @QueryParameter(required=true)
                          String permissionIds,
                          @QueryParameter(required=false)
                          boolean overwrite)
                   throws IOException

API method to add a permission template. An existing template with the same will only be replaced when overwrite is set. Otherwise, the request will fail with status 400

Parameters:: name - The template nae; permissionIds - Comma separated list of permission IDs; overwrite - If an existing template should be overwritten
Throws:: IOException

doRemoveTemplates

@POST
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doRemoveTemplates(@QueryParameter(required=true)
                              String names,
                              @QueryParameter(required=false)
                              boolean force)
                       throws IOException

API method to remove templates.

Example: curl -X POST localhost:8080/role-strategy/strategy/removeTemplates --data "templates=developer,qualits"

Parameters:: names - comma separated list of templates to remove; force - If templates that are in use should be removed
Throws:: IOException - in case saving changes fails

doAddRole

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doAddRole(@QueryParameter(required=true)
                      String type,
                      @QueryParameter(required=true)
                      String roleName,
                      @QueryParameter(required=true)
                      String permissionIds,
                      @QueryParameter(required=true)
                      String overwrite,
                      @QueryParameter(required=false)
                      String pattern,
                      @QueryParameter(required=false)
                      String template)
               throws IOException

API method to add a role.

Unknown and dangerous permissions are ignored. When specifying a template for an item role, the given permissions are ignored. The named template must exist, otherwise the request fails with status 400. The template is ignored when adding global or agent roles.

Example: curl -X POST localhost:8080/role-strategy/strategy/addRole --data "type=globalRoles&roleName=ADM& permissionIds=hudson.model.Item.Discover,hudson.model.Item.ExtendedRead&overwrite=true"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - Name of role; permissionIds - Comma separated list of IDs for given roleName; overwrite - Overwrite existing role; pattern - Role pattern; template - Name of template
Throws:: IOException - In case saving changes fails
Since:: 2.5.0

doRemoveRoles

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doRemoveRoles(@QueryParameter(required=true)
                          String type,
                          @QueryParameter(required=true)
                          String roleNames)
                   throws IOException

API method to remove roles.

Example: curl -X POST localhost:8080/role-strategy/strategy/removeRoles --data "type=globalRoles& roleNames=ADM,DEV"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleNames - comma separated list of roles to remove from type
Throws:: IOException - in case saving changes fails
Since:: 2.5.0

doAssignRole
```
@Deprecated
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doAssignRole(@QueryParameter(required=true)
                         String type,
                         @QueryParameter(required=true)
                         String roleName,
                         @QueryParameter(required=true)
                         String sid)
                  throws IOException
```
Deprecated.
Use doAssignUserRole(java.lang.String, java.lang.String, java.lang.String) or doAssignGroupRole(java.lang.String, java.lang.String, java.lang.String) to create unambiguous entries

API method to assign a SID of type EITHER to role. This method should no longer be used.
Example: curl -X POST localhost:8080/role-strategy/strategy/assignRole --data "type=globalRoles&roleName=ADM &sid=username"

Parameters:

type - (globalRoles, projectRoles, slaveRoles)

roleName - name of role (single, no list)

sid - user ID (single, no list)

Throws:

IOException - in case saving changes fails

Since:

2.5.0

doAssignUserRole

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doAssignUserRole(@QueryParameter(required=true)
                             String type,
                             @QueryParameter(required=true)
                             String roleName,
                             @QueryParameter(required=true)
                             String user)
                      throws IOException

API method to assign a User to role.

Example: curl -X POST localhost:8080/role-strategy/strategy/assignUserRole --data "type=globalRoles&roleName=ADM &user=username"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - name of role (single, no list); user - user ID (single, no list)
Throws:: IOException - in case saving changes fails
Since:: TODO

doAssignGroupRole

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doAssignGroupRole(@QueryParameter(required=true)
                              String type,
                              @QueryParameter(required=true)
                              String roleName,
                              @QueryParameter(required=true)
                              String group)
                       throws IOException

API method to assign a Group to role.

Example: curl -X POST localhost:8080/role-strategy/strategy/assignGroupRole --data "type=globalRoles&roleName=ADM &group=groupname"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - name of role (single, no list); group - group ID (single, no list)
Throws:: IOException - in case saving changes fails
Since:: TODO

doDeleteSid
```
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doDeleteSid(@QueryParameter(required=true)
                        String type,
                        @QueryParameter(required=true)
                        String sid)
                 throws IOException
```
API method to delete a SID from all granted roles. Only SIDS of type EITHER with the given name will be deleted.
Example: curl -X POST localhost:8080/role-strategy/strategy/deleteSid --data "type=globalRoles&sid=username"

Parameters:

type - (globalRoles, projectRoles, slaveRoles)

sid - user/group ID to remove

Throws:

IOException - in case saving changes fails

Since:

2.4.1

doDeleteUser

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doDeleteUser(@QueryParameter(required=true)
                         String type,
                         @QueryParameter(required=true)
                         String user)
                  throws IOException

API method to delete a user from all granted roles.

Example: curl -X POST localhost:8080/role-strategy/strategy/deleteUser --data "type=globalRoles&user=username"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); user - user ID to remove
Throws:: IOException - in case saving changes fails
Since:: 2.4.1

doDeleteGroup

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doDeleteGroup(@QueryParameter(required=true)
                          String type,
                          @QueryParameter(required=true)
                          String group)
                   throws IOException

API method to delete a group from all granted roles.

Example: curl -X POST localhost:8080/role-strategy/strategy/deleteGroup --data "type=globalRoles&group=groupname"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); group - group ID to remove
Throws:: IOException - in case saving changes fails
Since:: 2.4.1

doUnassignRole
```
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doUnassignRole(@QueryParameter(required=true)
                           String type,
                           @QueryParameter(required=true)
                           String roleName,
                           @QueryParameter(required=true)
                           String sid)
                    throws IOException
```
API method to remove a SID from a role. Only entries of type EITHER will be removed. use doUnassignUserRole(String, String, String) or doUnassignGroupRole(String, String, String) to unassign a User or a Group.
Example: curl -X POST localhost:8080/role-strategy/strategy/unassignRole --data "type=globalRoles&roleName=AMD&sid=username"

Parameters:

type - (globalRoles, projectRoles, slaveRoles)

roleName - unassign role with sid

sid - user ID to remove

Throws:

IOException - in case saving changes fails

Since:

2.6.0

doUnassignUserRole

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doUnassignUserRole(@QueryParameter(required=true)
                               String type,
                               @QueryParameter(required=true)
                               String roleName,
                               @QueryParameter(required=true)
                               String user)
                        throws IOException

API method to remove a user from a role.

Example: curl -X POST localhost:8080/role-strategy/strategy/unassignUserRole --data "type=globalRoles&roleName=AMD&user=username"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - unassign role with sid; user - user ID to remove
Throws:: IOException - in case saving changes fails
Since:: TODO

doUnassignGroupRole

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doUnassignGroupRole(@QueryParameter(required=true)
                                String type,
                                @QueryParameter(required=true)
                                String roleName,
                                @QueryParameter(required=true)
                                String group)
                         throws IOException

API method to remove a user from a role.

Example: curl -X POST localhost:8080/role-strategy/strategy/unassignGroupRole --data "type=globalRoles&roleName=AMD&user=username"

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - unassign role with sid; group - user ID to remove
Throws:: IOException - in case saving changes fails
Since:: TODO

doGetTemplate

@GET
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doGetTemplate(@QueryParameter(required=true)
                          String name)
                   throws IOException

API method to get the granted permissions of a template and if the template is used.

Example: curl -XGET 'http://localhost:8080/jenkins/role-strategy/strategy/getTemplate?name=developer'

Returns json with granted permissions and assigned sids.
Example:


   {
     "permissionIds": {
         "hudson.model.Item.Read":true,
         "hudson.model.Item.Build":true,
         "hudson.model.Item.Cancel":true,
      },
      "isUsed": true
   }

Throws:: IOException

doGetRole

@GET
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doGetRole(@QueryParameter(required=true)
                      String type,
                      @QueryParameter(required=true)
                      String roleName)
               throws IOException

API method to get the granted permissions of a role and the SIDs assigned to it.

Example: curl -XGET 'http://localhost:8080/jenkins/role-strategy/strategy/getRole ?type=projectRoles&roleName=admin'

Returns json with granted permissions and assigned sids.
Example:


   {
     "permissionIds": {
         "hudson.model.Item.Read":true,
         "hudson.model.Item.Build":true,
         "hudson.model.Item.Cancel":true,
      },
      "sids": [{"type":"USER","sid":"user1"}, {"type":"USER","sid":"user2"}]
      "pattern": ".*",
      "template": "developers",
   }

Parameters:: type - (globalRoles, projectRoles, slaveRoles); roleName - name of role (single, no list)
Throws:: IOException - In case write response failed
Since:: 2.8.3

doGetAllRoles

@GET
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doGetAllRoles(@QueryParameter(fixEmpty=true)
                          String type)
                   throws IOException

API method to get all roles and the SIDs assigned to the roles for a roletype.

Example: curl -X GET localhost:8080/role-strategy/strategy/getAllRoles?type=projectRoles

Returns a json with roles and sids
Example:


   {
     "role2": [{"type":"USER","sid":"user1"}, {"type":"USER","sid":"user2"}],
     "role2": [{"type":"GROUP","sid":"group1"}, {"type":"USER","sid":"user2"}]
   }

Parameters:: type - (globalRoles by default, projectRoles, slaveRoles)
Throws:: IOException
Since:: 2.6.0

doGetMatchingJobs

@GET
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doGetMatchingJobs(@QueryParameter(required=true)
                              String pattern,
                              @QueryParameter
                              int maxJobs)
                       throws IOException

API method to get a list of items matching a pattern.

Example: curl -X GET localhost:8080/role-strategy/strategy/getMatchingJobs?pattern=^staging.*

Parameters:: pattern - Pattern to match against; maxJobs - Maximum matching items to search for
Throws:: IOException - when unable to write response

doGetMatchingAgents

@GET
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void doGetMatchingAgents(@QueryParameter(required=true)
                                String pattern,
                                @QueryParameter
                                int maxAgents)
                         throws IOException

API method to get a list of agents matching a pattern.

Example: curl -X GET localhost:8080/role-strategy/strategy/getMatchingAgents?pattern=^linux.*

Parameters:: pattern - Pattern to match against; maxAgents - Maximum matching agents to search for
Throws:: IOException - when unable to write response

validateConfig

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public void validateConfig()

Checks if there are ambiguous entries and adds them to the monitor.

init

@Initializer(after=SYSTEM_CONFIG_LOADED)
public static void init()

Validate the config after System config was loaded.

getInstance
```
@CheckForNull
public static RoleBasedAuthorizationStrategy getInstance()
```
Retrieves instance of the strategy.

Returns:

Strategy instance or null if it is disabled.

isCreateAllowed
```
@Deprecated
public static boolean isCreateAllowed()
```
Deprecated.
Always available since 1.566

Control job create using RoleBasedProjectNamingStrategy.

Since:

2.2.0

Class RoleBasedAuthorizationStrategy

Nested Class Summary

Nested classes/interfaces inherited from class hudson.security.AuthorizationStrategy

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

Field Summary

Fields inherited from class hudson.security.AuthorizationStrategy

Constructor Summary

Method Summary

Methods inherited from class hudson.security.AuthorizationStrategy

Methods inherited from class hudson.model.AbstractDescribableImpl

Methods inherited from class java.lang.Object

Field Detail

GLOBAL

PROJECT

SLAVE

PERMISSION_TEMPLATES

MACRO_ROLE

MACRO_USER

DESCRIPTOR

Constructor Detail

RoleBasedAuthorizationStrategy

RoleBasedAuthorizationStrategy

RoleBasedAuthorizationStrategy

Method Detail

getRootACL

getRoleMap

getACL

getACL

getACL

getACL

getGroups

getGrantedRoles

getGrantedRoles

getPermissionTemplates

getPermissionTemplate

hasPermissionTemplate

getGrantedRolesEntries

getGrantedRolesEntries

getSidEntries

getSIDs

doAddTemplate

doRemoveTemplates

doAddRole

doRemoveRoles

doAssignRole

doAssignUserRole

doAssignGroupRole

doDeleteSid

doDeleteUser

doDeleteGroup

doUnassignRole

doUnassignUserRole

doUnassignGroupRole

doGetTemplate

doGetRole

doGetAllRoles

doGetMatchingJobs

doGetMatchingAgents

validateConfig

init

getInstance

isCreateAllowed