Class RoleMap
java.lang.Object
com.michelin.cio.hudson.plugins.rolestrategy.RoleMap
Class holding a map for each kind of
AccessControlled
object, associating each Role
with the
concerned User
s/groups.- Author:
- Thomas Maurel
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Add the given role to thisRoleMap
.void
addRole
(Role role, Set<PermissionEntry> sids) Add the given role to thisRoleMap
and assign the sids to it.void
assignRole
(Role role, PermissionEntry sid) Assign the sid to the givenRole
.void
assignRole
(Role role, String sid) Deprecated.void
void
clearSidsForRole
(Role role) Clear all the sids associated to the givenRole
.void
deleteRoleSid
(PermissionEntry sid, String rolename) Clear specific role associated to the given sid.void
deleteRoleSid
(String sid, String rolename) Deprecated.void
Clear all the roles associated to the given sid.void
deleteSids
(String sid) Deprecated.getACL
(RoleType roleType, AccessControlled controlledItem) Get the ACL for the currentRoleMap
.Deprecated.Get an unmodifiable sorted map containingRole
s and their assigned sids.getMatchingAgentNames
(Pattern pattern, int maxAgents) Deprecated.No replacement available.getMatchingJobNames
(Pattern pattern, int maxJobs) Deprecated.No replacement available.Get theRole
object named after the given param.getRoles()
getRolesForAuth
(org.springframework.security.core.Authentication auth) Get all roles associated with the given Authentication.getRolesForUser
(User user) Get all roles associated with the given User.Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid.getSidEntries
(Boolean includeAnonymous) Get all the sids referenced in thisRoleMap
.getSidEntriesForRole
(String roleName) Get all the permission entries assigned to theRole
named after theroleName
param.getSids()
Deprecated.usegetSidEntries()
Deprecated.getSidsForRole
(String roleName) Deprecated.boolean
hasPermission
(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem) Check if the given sid has the providedPermission
.boolean
newMatchingRoleMap
(String itemNamePrefix) void
removeRole
(Role role) Removes aRole
.void
unAssignRole
(Role role, PermissionEntry sid) unAssign the sid from the givenRole
.void
unAssignRole
(Role role, String sid) Deprecated.
-
Field Details
-
FORCE_CASE_SENSITIVE
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public static boolean FORCE_CASE_SENSITIVE
-
-
Constructor Details
-
RoleMap
Constructor.- Parameters:
grantedRoles
- Roles to be granted.
-
-
Method Details
-
hasPermission
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean hasPermission(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem) Check if the given sid has the providedPermission
.- Returns:
- True if the sid's granted permission
-
hasRole
- Parameters:
role
- Role to be checked- Returns:
true
if theRoleMap
contains the given role
-
getACL
Get the ACL for the currentRoleMap
.- Returns:
- ACL for the current
RoleMap
-
addRole
Add the given role to thisRoleMap
.- Parameters:
role
- TheRole
to add
-
addRole
Add the given role to thisRoleMap
and assign the sids to it. If a role -
assignRole
Assign the sid to the givenRole
.- Parameters:
role
- TheRole
to assign the sid tosid
- The sid to assign
-
assignRole
Deprecated.Assign the sid to the givenRole
. Assigns are aAuthorizationType.EITHER
- Parameters:
role
- TheRole
to assign the sid tosid
- The sid to assign
-
unAssignRole
unAssign the sid from the givenRole
.- Parameters:
role
- TheRole
to unassign the sid tosid
- The sid to unassign
-
unAssignRole
Deprecated.unAssign the sid from the givenRole
. This will only unassign entries of typeAuthorizationType.EITHER
.- Parameters:
role
- TheRole
to unassign the sid tosid
- The sid to unassign- Since:
- 2.6.0
-
clearSidsForRole
Clear all the sids associated to the givenRole
.- Parameters:
role
- TheRole
for which you want to clear the sids
-
deleteSids
Clear all the roles associated to the given sid.- Parameters:
sid
- The sid for which you want to clear theRole
s
-
deleteSids
Deprecated.Clear all the roles associated to the given sid. This will only find sids of typeAuthorizationType.EITHER
- Parameters:
sid
- The sid for which you want to clear theRole
s
-
deleteRoleSid
Clear specific role associated to the given sid. -
deleteRoleSid
Deprecated.Clear specific role associated to the given sid. This will only find sids of typeAuthorizationType.EITHER
-
clearSids
public void clearSids() -
getRole
Get theRole
object named after the given param. -
removeRole
Removes aRole
.- Parameters:
role
- TheRole
which shall be removed
-
getGrantedRolesEntries
Get an unmodifiable sorted map containingRole
s and their assigned sids.- Returns:
- An unmodifiable sorted map containing the
Role
s and their associated sids
-
getGrantedRoles
Deprecated.Get an unmodifiable sorted map containingRole
s and their assigned sids. All types are returned to keep the api as compatible as possible.- Returns:
- An unmodifiable sorted map containing the
Role
s and their associated sids
-
getRoles
- Returns:
- An unmodifiable set containing the
Role
s
-
getSids
Deprecated.usegetSidEntries()
Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid. All types are returned to keep the api as compatible as possible.- Returns:
- A sorted set containing all the sids, minus the
Anonymous
sid
-
getSids
Deprecated.Get all the sids referenced in thisRoleMap
. All types are returned to keep the api as compatible as possible.- Parameters:
includeAnonymous
- True if you want theAnonymous
sid to be included in the set- Returns:
- A sorted set containing all the sids
-
getSidEntries
Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid.- Returns:
- A sorted set containing all the sids, minus the
Anonymous
sid
-
getSidEntries
Get all the sids referenced in thisRoleMap
.- Parameters:
includeAnonymous
- True if you want theAnonymous
sid to be included in the set- Returns:
- A sorted set containing all the sids
-
getSidEntriesForRole
Get all the permission entries assigned to theRole
named after theroleName
param.- Parameters:
roleName
- The name of the role- Returns:
- A sorted set containing all the sids.
null
if the role is missing.
-
getSidsForRole
Deprecated.Get all the sids assigned to theRole
named after theroleName
param. All types are returned to keep the api as compatible as possible.- Parameters:
roleName
- The name of the role- Returns:
- A sorted set containing all the sids.
null
if the role is missing.
-
getRolesForUser
@NonNull public Set<String> getRolesForUser(User user) throws org.springframework.security.core.userdetails.UsernameNotFoundException Get all roles associated with the given User.- Parameters:
user
- The User for which to get the roles- Returns:
- a set of roles
- Throws:
org.springframework.security.core.userdetails.UsernameNotFoundException
- when user is not found
-
getRolesForAuth
@NonNull @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public Set<String> getRolesForAuth(org.springframework.security.core.Authentication auth) Get all roles associated with the given Authentication.- Parameters:
auth
- The Authentication for which to get the roles- Returns:
- a set of roles
-
newMatchingRoleMap
- Parameters:
itemNamePrefix
- the name of theAbstractItem
orComputer
- Returns:
- A
RoleMap
containing roles that are applicable on the itemNamePrefix
-
getMatchingJobNames
Deprecated.No replacement available. It was never intended for public usage.Get all job names matching the given pattern, viewable to the requesting user.- Parameters:
pattern
- Pattern to match againstmaxJobs
- Max matching jobs to look for- Returns:
- List of matching job names
-
getMatchingAgentNames
Deprecated.No replacement available. It was never intended for public usage.Get all agent names matching the given pattern, viewable to the requesting user.- Parameters:
pattern
- Pattern to match againstmaxAgents
- Max matching agents to look for- Returns:
- List of matching agent names
-
assignRole(Role, PermissionEntry)