Package com.michelin.cio.hudson.plugins.rolestrategy

Class RoleMap

  • public class RoleMap
extends Object
    Class holding a map for each kind of AccessControlled object, associating each Role with the concerned Users/groups.
    Author:
    Thomas Maurel

    • Field Detail

      • FORCE_CASE_SENSITIVE

        @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static boolean FORCE_CASE_SENSITIVE

    • Constructor Detail

      • RoleMap

        @DataBoundConstructor
public RoleMap​(@NonNull
               SortedMap<Role,​Set<PermissionEntry>> grantedRoles)
        Constructor.
        Parameters:
        grantedRoles - Roles to be granted.

    • Method Detail

      • hasPermission

        @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public boolean hasPermission​(PermissionEntry sid,
                             Permission permission,
                             RoleType roleType,
                             AccessControlled controlledItem)
        Check if the given sid has the provided Permission.
        Returns:
        True if the sid's granted permission

      • hasRole

        public boolean hasRole​(@NonNull
                       Role role)
        Check if the RoleMap contains the given Role.
        Parameters:
        role - Role to be checked
        Returns:
        true if the RoleMap contains the given role

      • addRole

        public void addRole​(Role role)
        Add the given role to this RoleMap.
        Parameters:
        role - The Role to add

      • addRole

        public void addRole​(Role role,
                    Set<PermissionEntry> sids)
        Add the given role to this RoleMap and assign the sids to it. If a role
        Parameters:
        role - The Role to add
        sids - The sids associated with the Role

      • assignRole

        public void assignRole​(Role role,
                       PermissionEntry sid)
        Assign the sid to the given Role.
        Parameters:
        role - The Role to assign the sid to
        sid - The sid to assign

      • unAssignRole

        public void unAssignRole​(Role role,
                         PermissionEntry sid)
        unAssign the sid from the given Role.
        Parameters:
        role - The Role to unassign the sid to
        sid - The sid to unassign

      • clearSidsForRole

        public void clearSidsForRole​(Role role)
        Clear all the sids associated to the given Role.
        Parameters:
        role - The Role for which you want to clear the sids

      • deleteSids

        public void deleteSids​(PermissionEntry sid)
        Clear all the roles associated to the given sid.
        Parameters:
        sid - The sid for which you want to clear the Roles

      • deleteRoleSid

        public void deleteRoleSid​(PermissionEntry sid,
                          String rolename)
        Clear specific role associated to the given sid.
        Parameters:
        sid - The sid for which you want to clear the Roles
        rolename - The role for which you want to clear the Roles
        Since:
        2.6.0

      • clearSids

        public void clearSids()
        Clear all the sids for each Role of the RoleMap.

      • getRole

        @CheckForNull
public Role getRole​(String name)
        Get the Role object named after the given param.
        Parameters:
        name - The name of the Role
        Returns:
        The Role named after the given param. null if the role is missing.

      • removeRole

        public void removeRole​(Role role)
        Removes a Role.
        Parameters:
        role - The Role which shall be removed

      • getGrantedRolesEntries

        public SortedMap<Role,​Set<PermissionEntry>> getGrantedRolesEntries()
        Get an unmodifiable sorted map containing Roles and their assigned sids.
        Returns:
        An unmodifiable sorted map containing the Roles and their associated sids

      • getGrantedRoles

        @Deprecated
public SortedMap<Role,​Set<String>> getGrantedRoles()
        Deprecated.
        use getGrantedRolesEntries()
        Get an unmodifiable sorted map containing Roles and their assigned sids. All types are returned to keep the api as compatible as possible.
        Returns:
        An unmodifiable sorted map containing the Roles and their associated sids

      • getRoles

        public Set<Role> getRoles()
        Get an unmodifiable set containing all the Roles of this RoleMap.
        Returns:
        An unmodifiable set containing the Roles

      • getSids

        @Deprecated
public SortedSet<String> getSids()
        Deprecated.
        use getSidEntries()
        Get all the sids referenced in this RoleMap, minus the Anonymous sid. All types are returned to keep the api as compatible as possible.
        Returns:
        A sorted set containing all the sids, minus the Anonymous sid

      • getSids

        @Deprecated
public SortedSet<String> getSids​(Boolean includeAnonymous)
        Deprecated.
        use getSidEntries(Boolean)
        Get all the sids referenced in this RoleMap. All types are returned to keep the api as compatible as possible.
        Parameters:
        includeAnonymous - True if you want the Anonymous sid to be included in the set
        Returns:
        A sorted set containing all the sids

      • getSidEntries

        public SortedSet<PermissionEntry> getSidEntries()
        Get all the sids referenced in this RoleMap, minus the Anonymous sid.
        Returns:
        A sorted set containing all the sids, minus the Anonymous sid

      • getSidEntries

        public SortedSet<PermissionEntry> getSidEntries​(Boolean includeAnonymous)
        Get all the sids referenced in this RoleMap.
        Parameters:
        includeAnonymous - True if you want the Anonymous sid to be included in the set
        Returns:
        A sorted set containing all the sids

      • getSidEntriesForRole

        @CheckForNull
public Set<PermissionEntry> getSidEntriesForRole​(String roleName)
        Get all the permission entries assigned to the Role named after the roleName param.
        Parameters:
        roleName - The name of the role
        Returns:
        A sorted set containing all the sids. null if the role is missing.

      • getSidsForRole

        @CheckForNull
@Deprecated
public Set<String> getSidsForRole​(String roleName)
        Deprecated.
        use getSidEntriesForRole(String)
        Get all the sids assigned to the Role named after the roleName param. All types are returned to keep the api as compatible as possible.
        Parameters:
        roleName - The name of the role
        Returns:
        A sorted set containing all the sids. null if the role is missing.

      • getRolesForUser

        @NonNull
public Set<String> getRolesForUser​(User user)
                            throws org.springframework.security.core.userdetails.UsernameNotFoundException
        Get all roles associated with the given User.
        Parameters:
        user - The User for which to get the roles
        Returns:
        a set of roles
        Throws:
        org.springframework.security.core.userdetails.UsernameNotFoundException - when user is not found

      • getRolesForAuth

        @NonNull
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public Set<String> getRolesForAuth​(org.springframework.security.core.Authentication auth)
        Get all roles associated with the given Authentication.
        Parameters:
        auth - The Authentication for which to get the roles
        Returns:
        a set of roles

      • newMatchingRoleMap

        public RoleMap newMatchingRoleMap​(String itemNamePrefix)
        Create a sub-map of this RoleMap containing Roles that are applicable on the given itemNamePrefix.
        Parameters:
        itemNamePrefix - the name of the AbstractItem or Computer
        Returns:
        A RoleMap containing roles that are applicable on the itemNamePrefix

      • getMatchingJobNames

        @Deprecated
public static List<String> getMatchingJobNames​(Pattern pattern,
                                               int maxJobs)
        Deprecated.
        No replacement available. It was never intended for public usage.
        Get all job names matching the given pattern, viewable to the requesting user.
        Parameters:
        pattern - Pattern to match against
        maxJobs - Max matching jobs to look for
        Returns:
        List of matching job names

      • getMatchingAgentNames

        @Deprecated
public static List<String> getMatchingAgentNames​(Pattern pattern,
                                                 int maxAgents)
        Deprecated.
        No replacement available. It was never intended for public usage.
        Get all agent names matching the given pattern, viewable to the requesting user.
        Parameters:
        pattern - Pattern to match against
        maxAgents - Max matching agents to look for
        Returns:
        List of matching agent names