java.lang.Object
com.michelin.cio.hudson.plugins.rolestrategy.RoleMap

public class RoleMap extends Object
Class holding a map for each kind of AccessControlled object, associating each Role with the concerned Users/groups.
Author:
Thomas Maurel
  • Field Details

    • FORCE_CASE_SENSITIVE

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public static boolean FORCE_CASE_SENSITIVE
  • Constructor Details

    • RoleMap

      @DataBoundConstructor public RoleMap(@NonNull SortedMap<Role,Set<PermissionEntry>> grantedRoles)
      Constructor.
      Parameters:
      grantedRoles - Roles to be granted.
  • Method Details

    • hasPermission

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean hasPermission(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem)
      Check if the given sid has the provided Permission.
      Returns:
      True if the sid's granted permission
    • hasRole

      public boolean hasRole(@NonNull Role role)
      Check if the RoleMap contains the given Role.
      Parameters:
      role - Role to be checked
      Returns:
      true if the RoleMap contains the given role
    • getACL

      public SidACL getACL(RoleType roleType, AccessControlled controlledItem)
      Get the ACL for the current RoleMap.
      Returns:
      ACL for the current RoleMap
    • addRole

      public void addRole(Role role)
      Add the given role to this RoleMap.
      Parameters:
      role - The Role to add
    • addRole

      public void addRole(Role role, Set<PermissionEntry> sids)
      Add the given role to this RoleMap and assign the sids to it. If a role
      Parameters:
      role - The Role to add
      sids - The sids associated with the Role
    • assignRole

      public void assignRole(Role role, PermissionEntry sid)
      Assign the sid to the given Role.
      Parameters:
      role - The Role to assign the sid to
      sid - The sid to assign
    • assignRole

      @Deprecated public void assignRole(Role role, String sid)
      Assign the sid to the given Role. Assigns are a AuthorizationType.EITHER
      Parameters:
      role - The Role to assign the sid to
      sid - The sid to assign
    • unAssignRole

      public void unAssignRole(Role role, PermissionEntry sid)
      unAssign the sid from the given Role.
      Parameters:
      role - The Role to unassign the sid to
      sid - The sid to unassign
    • unAssignRole

      @Deprecated public void unAssignRole(Role role, String sid)
      unAssign the sid from the given Role. This will only unassign entries of type AuthorizationType.EITHER.
      Parameters:
      role - The Role to unassign the sid to
      sid - The sid to unassign
      Since:
      2.6.0
    • clearSidsForRole

      public void clearSidsForRole(Role role)
      Clear all the sids associated to the given Role.
      Parameters:
      role - The Role for which you want to clear the sids
    • deleteSids

      public void deleteSids(PermissionEntry sid)
      Clear all the roles associated to the given sid.
      Parameters:
      sid - The sid for which you want to clear the Roles
    • deleteSids

      @Deprecated public void deleteSids(String sid)
      Clear all the roles associated to the given sid. This will only find sids of type AuthorizationType.EITHER
      Parameters:
      sid - The sid for which you want to clear the Roles
    • deleteRoleSid

      public void deleteRoleSid(PermissionEntry sid, String rolename)
      Clear specific role associated to the given sid.
      Parameters:
      sid - The sid for which you want to clear the Roles
      rolename - The role for which you want to clear the Roles
      Since:
      2.6.0
    • deleteRoleSid

      @Deprecated public void deleteRoleSid(String sid, String rolename)
      Clear specific role associated to the given sid. This will only find sids of type AuthorizationType.EITHER
      Parameters:
      sid - The sid for which you want to clear the Roles
      rolename - The role for which you want to clear the Roles
      Since:
      2.6.0
    • clearSids

      public void clearSids()
      Clear all the sids for each Role of the RoleMap.
    • getRole

      @CheckForNull public Role getRole(String name)
      Get the Role object named after the given param.
      Parameters:
      name - The name of the Role
      Returns:
      The Role named after the given param. null if the role is missing.
    • removeRole

      public void removeRole(Role role)
      Removes a Role.
      Parameters:
      role - The Role which shall be removed
    • getGrantedRolesEntries

      public SortedMap<Role,Set<PermissionEntry>> getGrantedRolesEntries()
      Get an unmodifiable sorted map containing Roles and their assigned sids.
      Returns:
      An unmodifiable sorted map containing the Roles and their associated sids
    • getGrantedRoles

      @Deprecated public SortedMap<Role,Set<String>> getGrantedRoles()
      Deprecated.
      Get an unmodifiable sorted map containing Roles and their assigned sids. All types are returned to keep the api as compatible as possible.
      Returns:
      An unmodifiable sorted map containing the Roles and their associated sids
    • getRoles

      public Set<Role> getRoles()
      Get an unmodifiable set containing all the Roles of this RoleMap.
      Returns:
      An unmodifiable set containing the Roles
    • getSids

      @Deprecated public SortedSet<String> getSids()
      Deprecated.
      Get all the sids referenced in this RoleMap, minus the Anonymous sid. All types are returned to keep the api as compatible as possible.
      Returns:
      A sorted set containing all the sids, minus the Anonymous sid
    • getSids

      @Deprecated public SortedSet<String> getSids(Boolean includeAnonymous)
      Deprecated.
      Get all the sids referenced in this RoleMap. All types are returned to keep the api as compatible as possible.
      Parameters:
      includeAnonymous - True if you want the Anonymous sid to be included in the set
      Returns:
      A sorted set containing all the sids
    • getSidEntries

      public SortedSet<PermissionEntry> getSidEntries()
      Get all the sids referenced in this RoleMap, minus the Anonymous sid.
      Returns:
      A sorted set containing all the sids, minus the Anonymous sid
    • getSidEntries

      public SortedSet<PermissionEntry> getSidEntries(Boolean includeAnonymous)
      Get all the sids referenced in this RoleMap.
      Parameters:
      includeAnonymous - True if you want the Anonymous sid to be included in the set
      Returns:
      A sorted set containing all the sids
    • getSidEntriesForRole

      @CheckForNull public Set<PermissionEntry> getSidEntriesForRole(String roleName)
      Get all the permission entries assigned to the Role named after the roleName param.
      Parameters:
      roleName - The name of the role
      Returns:
      A sorted set containing all the sids. null if the role is missing.
    • getSidsForRole

      @CheckForNull @Deprecated public Set<String> getSidsForRole(String roleName)
      Get all the sids assigned to the Role named after the roleName param. All types are returned to keep the api as compatible as possible.
      Parameters:
      roleName - The name of the role
      Returns:
      A sorted set containing all the sids. null if the role is missing.
    • getRolesForUser

      @NonNull public Set<String> getRolesForUser(User user) throws org.springframework.security.core.userdetails.UsernameNotFoundException
      Get all roles associated with the given User.
      Parameters:
      user - The User for which to get the roles
      Returns:
      a set of roles
      Throws:
      org.springframework.security.core.userdetails.UsernameNotFoundException - when user is not found
    • getRolesForAuth

      @NonNull @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public Set<String> getRolesForAuth(org.springframework.security.core.Authentication auth)
      Get all roles associated with the given Authentication.
      Parameters:
      auth - The Authentication for which to get the roles
      Returns:
      a set of roles
    • newMatchingRoleMap

      public RoleMap newMatchingRoleMap(String itemNamePrefix)
      Create a sub-map of this RoleMap containing Roles that are applicable on the given itemNamePrefix.
      Parameters:
      itemNamePrefix - the name of the AbstractItem or Computer
      Returns:
      A RoleMap containing roles that are applicable on the itemNamePrefix
    • getMatchingJobNames

      @Deprecated public static List<String> getMatchingJobNames(Pattern pattern, int maxJobs)
      Deprecated.
      No replacement available. It was never intended for public usage.
      Get all job names matching the given pattern, viewable to the requesting user.
      Parameters:
      pattern - Pattern to match against
      maxJobs - Max matching jobs to look for
      Returns:
      List of matching job names
    • getMatchingAgentNames

      @Deprecated public static List<String> getMatchingAgentNames(Pattern pattern, int maxAgents)
      Deprecated.
      No replacement available. It was never intended for public usage.
      Get all agent names matching the given pattern, viewable to the requesting user.
      Parameters:
      pattern - Pattern to match against
      maxAgents - Max matching agents to look for
      Returns:
      List of matching agent names