Package com.michelin.cio.hudson.plugins.rolestrategy

Class RoleMap

java.lang.Object
com.michelin.cio.hudson.plugins.rolestrategy.RoleMap
public class RoleMap extends Object
Class holding a map for each kind of AccessControlled object, associating each Role with the concerned Users/groups.
Author:
Thomas Maurel

  • Field Details

    • FORCE_CASE_SENSITIVE

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public static boolean FORCE_CASE_SENSITIVE

  • Constructor Details

    • RoleMap

      @DataBoundConstructor public RoleMap(@NonNull SortedMap<Role,Set<PermissionEntry>> grantedRoles)
      Constructor.
      Parameters:
      grantedRoles - Roles to be granted.

  • Method Details

    • hasPermission

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean hasPermission(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem)
      Check if the given sid has the provided Permission.
      Returns:
      True if the sid's granted permission

    • hasRole

      public boolean hasRole(@NonNull Role role)
      Check if the RoleMap contains the given Role.
      Parameters:
      role - Role to be checked
      Returns:
      true if the RoleMap contains the given role

    • getACL

      public SidACL getACL(RoleType roleType, AccessControlled controlledItem)
      Get the ACL for the current RoleMap.
      Returns:
      ACL for the current RoleMap

    • addRole

      public void addRole(Role role)
      Add the given role to this RoleMap.
      Parameters:
      role - The Role to add

    • addRole

      public void addRole(Role role, Set<PermissionEntry> sids)
      Add the given role to this RoleMap and assign the sids to it. If a role
      Parameters:
      role - The Role to add
      sids - The sids associated with the Role

    • assignRole

      public void assignRole(Role role, PermissionEntry sid)
      Assign the sid to the given Role.
      Parameters:
      role - The Role to assign the sid to
      sid - The sid to assign

    • assignRole

      @Deprecated public void assignRole(Role role, String sid)
      Deprecated.
      use assignRole(Role, PermissionEntry)
      Assign the sid to the given Role. Assigns are a AuthorizationType.EITHER
      Parameters:
      role - The Role to assign the sid to
      sid - The sid to assign

    • unAssignRole

      public void unAssignRole(Role role, PermissionEntry sid)
      unAssign the sid from the given Role.
      Parameters:
      role - The Role to unassign the sid to
      sid - The sid to unassign

    • unAssignRole

      @Deprecated public void unAssignRole(Role role, String sid)
      Deprecated.
      use unAssignRole(Role, PermissionEntry)
      unAssign the sid from the given Role. This will only unassign entries of type AuthorizationType.EITHER.
      Parameters:
      role - The Role to unassign the sid to
      sid - The sid to unassign
      Since:
      2.6.0

    • clearSidsForRole

      public void clearSidsForRole(Role role)
      Clear all the sids associated to the given Role.
      Parameters:
      role - The Role for which you want to clear the sids

    • deleteSids

      public void deleteSids(PermissionEntry sid)
      Clear all the roles associated to the given sid.
      Parameters:
      sid - The sid for which you want to clear the Roles

    • deleteSids

      @Deprecated public void deleteSids(String sid)
      Deprecated.
      use deleteSids(PermissionEntry)
      Clear all the roles associated to the given sid. This will only find sids of type AuthorizationType.EITHER
      Parameters:
      sid - The sid for which you want to clear the Roles

    • deleteRoleSid

      public void deleteRoleSid(PermissionEntry sid, String rolename)
      Clear specific role associated to the given sid.
      Parameters:
      sid - The sid for which you want to clear the Roles
      rolename - The role for which you want to clear the Roles
      Since:
      2.6.0

    • deleteRoleSid

      @Deprecated public void deleteRoleSid(String sid, String rolename)
      Deprecated.
      use deleteRoleSid(PermissionEntry, String)
      Clear specific role associated to the given sid. This will only find sids of type AuthorizationType.EITHER
      Parameters:
      sid - The sid for which you want to clear the Roles
      rolename - The role for which you want to clear the Roles
      Since:
      2.6.0

    • clearSids

      public void clearSids()
      Clear all the sids for each Role of the RoleMap.

    • getRole

      @CheckForNull public Role getRole(String name)
      Get the Role object named after the given param.
      Parameters:
      name - The name of the Role
      Returns:
      The Role named after the given param. null if the role is missing.

    • removeRole

      public void removeRole(Role role)
      Removes a Role.
      Parameters:
      role - The Role which shall be removed

    • getGrantedRolesEntries

      public SortedMap<Role,Set<PermissionEntry>> getGrantedRolesEntries()
      Get an unmodifiable sorted map containing Roles and their assigned sids.
      Returns:
      An unmodifiable sorted map containing the Roles and their associated sids

    • getGrantedRoles

      @Deprecated public SortedMap<Role,Set<String>> getGrantedRoles()
      Deprecated.
      use getGrantedRolesEntries()
      Get an unmodifiable sorted map containing Roles and their assigned sids. All types are returned to keep the api as compatible as possible.
      Returns:
      An unmodifiable sorted map containing the Roles and their associated sids

    • getRoles

      public Set<Role> getRoles()
      Get an unmodifiable set containing all the Roles of this RoleMap.
      Returns:
      An unmodifiable set containing the Roles

    • getSids

      @Deprecated public SortedSet<String> getSids()
      Deprecated.
      use getSidEntries()
      Get all the sids referenced in this RoleMap, minus the Anonymous sid. All types are returned to keep the api as compatible as possible.
      Returns:
      A sorted set containing all the sids, minus the Anonymous sid

    • getSids

      @Deprecated public SortedSet<String> getSids(Boolean includeAnonymous)
      Deprecated.
      use getSidEntries(Boolean)
      Get all the sids referenced in this RoleMap. All types are returned to keep the api as compatible as possible.
      Parameters:
      includeAnonymous - True if you want the Anonymous sid to be included in the set
      Returns:
      A sorted set containing all the sids

    • getSidEntries

      public SortedSet<PermissionEntry> getSidEntries()
      Get all the sids referenced in this RoleMap, minus the Anonymous sid.
      Returns:
      A sorted set containing all the sids, minus the Anonymous sid

    • getSidEntries

      public SortedSet<PermissionEntry> getSidEntries(Boolean includeAnonymous)
      Get all the sids referenced in this RoleMap.
      Parameters:
      includeAnonymous - True if you want the Anonymous sid to be included in the set
      Returns:
      A sorted set containing all the sids

    • getSidEntriesForRole

      @CheckForNull public Set<PermissionEntry> getSidEntriesForRole(String roleName)
      Get all the permission entries assigned to the Role named after the roleName param.
      Parameters:
      roleName - The name of the role
      Returns:
      A sorted set containing all the sids. null if the role is missing.

    • getSidsForRole

      @CheckForNull @Deprecated public Set<String> getSidsForRole(String roleName)
      Deprecated.
      use getSidEntriesForRole(String)
      Get all the sids assigned to the Role named after the roleName param. All types are returned to keep the api as compatible as possible.
      Parameters:
      roleName - The name of the role
      Returns:
      A sorted set containing all the sids. null if the role is missing.

    • getRolesForUser

      @NonNull public Set<String> getRolesForUser(User user) throws org.springframework.security.core.userdetails.UsernameNotFoundException
      Get all roles associated with the given User.
      Parameters:
      user - The User for which to get the roles
      Returns:
      a set of roles
      Throws:
      org.springframework.security.core.userdetails.UsernameNotFoundException - when user is not found

    • getRolesForAuth

      @NonNull @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public Set<String> getRolesForAuth(org.springframework.security.core.Authentication auth)
      Get all roles associated with the given Authentication.
      Parameters:
      auth - The Authentication for which to get the roles
      Returns:
      a set of roles

    • newMatchingRoleMap

      public RoleMap newMatchingRoleMap(String itemNamePrefix)
      Create a sub-map of this RoleMap containing Roles that are applicable on the given itemNamePrefix.
      Parameters:
      itemNamePrefix - the name of the AbstractItem or Computer
      Returns:
      A RoleMap containing roles that are applicable on the itemNamePrefix

    • getMatchingJobNames

      @Deprecated public static List<String> getMatchingJobNames(Pattern pattern, int maxJobs)
      Deprecated.
      No replacement available. It was never intended for public usage.
      Get all job names matching the given pattern, viewable to the requesting user.
      Parameters:
      pattern - Pattern to match against
      maxJobs - Max matching jobs to look for
      Returns:
      List of matching job names

    • getMatchingAgentNames

      @Deprecated public static List<String> getMatchingAgentNames(Pattern pattern, int maxAgents)
      Deprecated.
      No replacement available. It was never intended for public usage.
      Get all agent names matching the given pattern, viewable to the requesting user.
      Parameters:
      pattern - Pattern to match against
      maxAgents - Max matching agents to look for
      Returns:
      List of matching agent names