@Test
  public void shouldNotContinueWithConfigSaveIfUserIsUnauthorized() {
    // Arrange: the caller is neither a super admin nor a group admin, so both checks stubbed
    // here answer "no".
    when(goConfigService.isUserAdmin(currentUser)).thenReturn(false);
    when(goConfigService.isGroupAdministrator(currentUser.getUsername())).thenReturn(false);

    ConfigurationProperty property =
        new ConfigurationProperty(new ConfigurationKey("key1"), new ConfigurationValue("value1"));
    SCM scmUnderEdit =
        new SCM("id", new PluginConfiguration("plugin-id", "1"), new Configuration(property));
    UpdateSCMConfigCommand updateCommand =
        new UpdateSCMConfigCommand(
            scmUnderEdit,
            pluggableScmService,
            goConfigService,
            currentUser,
            result,
            "md5",
            entityHashingService);

    // Act
    boolean mayContinue = updateCommand.canContinue(cruiseConfig);

    // Assert: the save is refused and the refusal is recorded on the shared result object,
    // which is what a caller would surface to the user.
    assertThat(mayContinue, is(false));
    assertThat(result.toString(), containsString("UNAUTHORIZED_TO_EDIT"));
  }
  @Test
  public void shouldNotContinueWithConfigSaveIfObjectNotFound() {
    // Arrange: the caller is a super admin, so authorization is not what stops this request.
    when(goConfigService.isUserAdmin(currentUser)).thenReturn(true);
    when(goConfigService.isGroupAdministrator(currentUser.getUsername())).thenReturn(false);

    ConfigurationProperty property =
        new ConfigurationProperty(new ConfigurationKey("key1"), new ConfigurationValue("value1"));
    SCM unknownScm =
        new SCM(
            "non-existent-id",
            new PluginConfiguration("plugin-id", "1"),
            new Configuration(property));
    UpdateSCMConfigCommand updateCommand =
        new UpdateSCMConfigCommand(
            unknownScm,
            pluggableScmService,
            goConfigService,
            currentUser,
            result,
            "md5",
            entityHashingService);

    // NOTE(review): `thrown` is presumably a JUnit ExpectedException rule declared outside this
    // snippet. The contract pinned here is a NullPointerException carrying a "not found"
    // message, not a false return: once canContinue throws, the is(false) matcher below is
    // never evaluated.
    thrown.expect(NullPointerException.class);
    thrown.expectMessage("The pluggable scm material with id 'non-existent-id' is not found.");
    assertThat(updateCommand.canContinue(cruiseConfig), is(false));
  }
  @Test
  public void shouldNotContinueWithConfigSaveIfRequestIsNotFresh() {
    // Arrange: an authorized super admin submits an edit for an SCM looked up by id "id".
    when(goConfigService.isUserAdmin(currentUser)).thenReturn(true);
    when(goConfigService.isGroupAdministrator(currentUser.getUsername())).thenReturn(false);

    ConfigurationProperty property =
        new ConfigurationProperty(new ConfigurationKey("key1"), new ConfigurationValue("value1"));
    SCM scmUnderEdit =
        new SCM("id", new PluginConfiguration("plugin-id", "1"), new Configuration(property));
    scmUnderEdit.setName("material");

    // The stored entity is stubbed to hash to "another-md5" while the request below carries
    // "md5", so the two digests disagree. The digest acts as a freshness token for the edit;
    // nothing in this test shows it being relied on as a security control.
    when(entityHashingService.md5ForEntity(cruiseConfig.getSCMs().find("id"), "material"))
        .thenReturn("another-md5");
    UpdateSCMConfigCommand updateCommand =
        new UpdateSCMConfigCommand(
            scmUnderEdit,
            pluggableScmService,
            goConfigService,
            currentUser,
            result,
            "md5",
            entityHashingService);

    // Act
    boolean mayContinue = updateCommand.canContinue(cruiseConfig);

    // Assert: the save is refused as stale and the message names the affected SCM.
    assertThat(mayContinue, is(false));
    assertThat(result.toString(), containsString("STALE_RESOURCE_CONFIG"));
    assertThat(result.toString(), containsString(scmUnderEdit.getName()));
  }
 /**
  * Reports whether {@code username} may view the named pipeline.
  *
  * <p>The pipeline's group is resolved through {@code goConfigService}; when one is found the
  * decision is delegated to {@code hasViewPermissionForGroup}.
  *
  * @param username the user whose access is being checked
  * @param pipelineName name of the pipeline, wrapped in a {@code CaseInsensitiveString} for lookup
  * @return {@code true} when the group check passes, and also when no group is found
  */
 public boolean hasViewPermissionForPipeline(Username username, String pipelineName) {
   final CaseInsensitiveString pipeline = new CaseInsensitiveString(pipelineName);
   final String owningGroup = goConfigService.findGroupNameByPipeline(pipeline);
   if (owningGroup != null) {
     return hasViewPermissionForGroup(
         CaseInsensitiveString.str(username.getUsername()), owningGroup);
   }
   // NOTE(review): fail-open branch. A pipeline name that resolves to no group is reported as
   // viewable without consulting any permission. Confirm callers never reach data for such a
   // name, or make the unresolved case deny by default.
   return true;
 }
 /**
  * Collects the pipelines of every group that {@code username} is allowed to view.
  *
  * <p>Filtering happens per group: each group from {@code goConfigService.allGroups()} is
  * checked with {@code hasViewPermissionForGroup}, and all pipelines of a passing group are
  * added.
  *
  * @param username the user whose visible pipelines are requested
  * @return a new list of pipeline names; empty when no group passes the check
  */
 public List<CaseInsensitiveString> viewablePipelinesFor(Username username) {
   List<CaseInsensitiveString> visible = new ArrayList<CaseInsensitiveString>();
   for (String groupName : goConfigService.allGroups()) {
     boolean mayView =
         hasViewPermissionForGroup(CaseInsensitiveString.str(username.getUsername()), groupName);
     if (!mayView) {
       continue;
     }
     visible.addAll(goConfigService.pipelines(groupName));
   }
   return visible;
 }
 /**
  * Checks whether the current {@code username} may perform the edit, recording an
  * {@code UNAUTHORIZED_TO_EDIT} failure on {@code result} when it may not.
  *
  * @return {@code true} for a super admin or a group administrator, {@code false} otherwise
  */
 private boolean isAuthorized() {
   // NOTE(review): isGroupAdministrator is called without a group argument, so presumably
   // being administrator of any one group is enough here. Confirm that this breadth is
   // intended for the resource being edited.
   final boolean permitted =
       goConfigService.isUserAdmin(username)
           || goConfigService.isGroupAdministrator(username.getUsername());
   if (permitted) {
     return true;
   }
   result.unauthorized(
       LocalizedMessage.string("UNAUTHORIZED_TO_EDIT"), HealthStateType.unauthorised());
   return false;
 }
  /**
   * Persists a user record for {@code userName} unless the user is anonymous or already exists.
   *
   * <p>The existence check and the save run under {@code enableUserMutex}, so two calls through
   * this method cannot both pass the check for the same name and then both save.
   *
   * @param userName the name of the user to register
   */
  public void addUserIfDoesNotExist(Username userName) {
    synchronized (enableUserMutex) {
      User candidate = new User(CaseInsensitiveString.str(userName.getUsername()));
      if (candidate.isAnonymous() || userExists(candidate)) {
        return;
      }
      // Policy gate before any write. NOTE(review): presumably this throws when unknown users
      // may not log in, which would skip the save below. Verify against its definition.
      assertUnknownUsersAreAllowedToLogin();

      userDao.saveOrUpdate(candidate);
    }
  }
 /**
  * Checks that {@code username} administers {@code toGroupName}, recording an
  * {@code UNAUTHORIZED_TO_EDIT_GROUP} failure on {@code result} when it does not.
  *
  * @param toGroupName the group the caller wants to modify
  * @param username the user whose rights are being checked
  * @param result receives the unauthorized outcome on failure
  * @return {@code true} when the user is an admin of the group, {@code false} otherwise
  */
 private boolean isAdminOfGroup(
     String toGroupName, Username username, HttpLocalizedOperationResult result) {
   final boolean groupAdmin = isUserAdminOfGroup(username.getUsername(), toGroupName);
   if (groupAdmin) {
     return true;
   }
   result.unauthorized(
       LocalizedMessage.string("UNAUTHORIZED_TO_EDIT_GROUP", toGroupName),
       HealthStateType.unauthorised());
   return false;
 }
 /**
  * Returns the pipeline groups of the current config that {@code username} may view.
  *
  * @param username the user whose visible groups are requested
  * @return a new list holding each group that passes {@code hasViewPermissionForGroup}; empty
  *     when none does
  */
 public List<PipelineConfigs> viewableGroupsFor(Username username) {
   List<PipelineConfigs> visibleGroups = new ArrayList<PipelineConfigs>();
   for (PipelineConfigs group : goConfigService.getCurrentConfig().getGroups()) {
     boolean mayView =
         hasViewPermissionForGroup(
             CaseInsensitiveString.str(username.getUsername()), group.getGroup());
     if (!mayView) {
       continue;
     }
     visibleGroups.add(group);
   }
   return visibleGroups;
 }
 /**
  * Decides whether the command may proceed for {@code currentUser} on {@code groupName}.
  *
  * <p>When the group exists and the user does not administer it, an
  * {@code UNAUTHORIZED_TO_EDIT_GROUP} failure is recorded on {@code result}.
  *
  * @param cruiseConfig the config being modified; not read by this check
  * @return {@code false} only for an existing group the user does not administer
  */
 @Override
 public boolean canContinue(CruiseConfig cruiseConfig) {
   final boolean groupExists = goConfigService.groups().hasGroup(groupName);
   if (!groupExists) {
     // NOTE(review): a group name that does not exist yet passes with no admin lookup at all.
     // Confirm that creating a group through this command is gated elsewhere.
     return true;
   }
   if (goConfigService.isUserAdminOfGroup(currentUser.getUsername(), groupName)) {
     return true;
   }
   result.unauthorized(
       LocalizedMessage.string("UNAUTHORIZED_TO_EDIT_GROUP", groupName),
       HealthStateType.unauthorised());
   return false;
 }
  @Test
  public void shouldContinueWithConfigSaveIfUserIsGroupAdmin() {
    // Arrange: not a super admin, but a group administrator.
    when(goConfigService.isUserAdmin(currentUser)).thenReturn(false);
    when(goConfigService.isGroupAdministrator(currentUser.getUsername())).thenReturn(true);

    CreatePackageRepositoryCommand createCommand =
        new CreatePackageRepositoryCommand(
            goConfigService, packageRepositoryService, packageRepository, currentUser, result);

    // Act
    boolean mayContinue = createCommand.canContinue(cruiseConfig);

    // Assert: group-admin rights alone are enough to create a package repository. This pins
    // the privilege boundary, so a change to it should be a deliberate decision.
    assertThat(mayContinue, is(true));
  }
 /**
  * Lists the groups {@code userName} is allowed to modify.
  *
  * @param userName the user whose modifiable groups are requested
  * @return every group for a super admin; otherwise a new list of the groups the user
  *     administers, empty when there are none
  */
 public List<String> modifiableGroupsForUser(Username userName) {
   if (!isUserAdmin(userName)) {
     List<String> administered = new ArrayList<String>();
     for (String candidate : goConfigService.allGroups()) {
       if (!isUserAdminOfGroup(userName.getUsername(), candidate)) {
         continue;
       }
       administered.add(candidate);
     }
     return administered;
   }
   // NOTE(review): the service's list is handed back as-is on the admin path, while the
   // non-admin path returns a fresh copy. Whether the returned list is mutable or shared is
   // not visible here; verify before callers modify it.
   return goConfigService.allGroups();
 }
 /**
  * Checks that the pipeline exists and that {@code username} administers {@code groupName}.
  *
  * <p>On an authorization failure an {@code UNAUTHORIZED_TO_EDIT_PIPELINE} outcome is recorded
  * on {@code result}. A missing pipeline is handled by {@code doesPipelineExist}, which receives
  * the same {@code result}.
  *
  * @param pipelineName the pipeline the caller wants to edit
  * @param username the user whose rights are being checked
  * @param result receives the failure outcome
  * @param groupName the group whose admin rights are required
  * @return {@code true} only when the pipeline exists and the user administers the group
  */
 public boolean canEditPipeline(
     String pipelineName, Username username, LocalizedOperationResult result, String groupName) {
   // NOTE(review): nothing in this method ties pipelineName to groupName. The decision is
   // only as trustworthy as the caller's groupName, so callers should derive it from the
   // config rather than from request input. Verify at the call sites.
   if (doesPipelineExist(pipelineName, result)) {
     if (isUserAdminOfGroup(username.getUsername(), groupName)) {
       return true;
     }
     result.unauthorized(
         LocalizedMessage.string("UNAUTHORIZED_TO_EDIT_PIPELINE", pipelineName),
         HealthStateType.unauthorisedForPipeline(pipelineName));
   }
   return false;
 }
  @Test
  public void shouldContinueWithConfigSaveIfUserIsGroupAdmin() {
    // Arrange: not a super admin, but a group administrator.
    when(goConfigService.isUserAdmin(currentUser)).thenReturn(false);
    when(goConfigService.isGroupAdministrator(currentUser.getUsername())).thenReturn(true);
    // The stored repository hashes to the same digest the request carries ("md5"), so a
    // freshness comparison on that digest would find the request up to date.
    when(entityHashingService.md5ForEntity(any(PackageRepository.class))).thenReturn("md5");

    UpdatePackageRepositoryCommand updateCommand =
        new UpdatePackageRepositoryCommand(
            goConfigService,
            packageRepositoryService,
            newPackageRepo,
            currentUser,
            "md5",
            entityHashingService,
            result,
            repoId);

    // Act
    boolean mayContinue = updateCommand.canContinue(cruiseConfig);

    // Assert: group-admin rights alone are enough to update a package repository.
    assertThat(mayContinue, is(true));
  }
 /**
  * Reports whether {@code username} may view and edit templates in the current config.
  *
  * @param username the user to check
  * @return the answer of {@code canViewAndEditTemplate} on the current config's templates
  */
 private boolean isUserTemplateAdmin(Username username) {
   final boolean templateAdmin =
       getCurrentConfig().getTemplates().canViewAndEditTemplate(username.getUsername());
   return templateAdmin;
 }
 /**
  * Reports whether {@code username} is a group administrator, as decided by
  * {@code goConfigService}.
  *
  * <p>No group is named in the lookup, so this does not say which group the user administers.
  *
  * @param username the user to check
  * @return the answer of {@code goConfigService.isGroupAdministrator}
  */
 public boolean isUserGroupAdmin(Username username) {
   final boolean groupAdmin = goConfigService.isGroupAdministrator(username.getUsername());
   return groupAdmin;
 }
 /**
  * Reports whether {@code username} may edit the named template.
  *
  * @param templateName the template to be edited
  * @param username the user to check
  * @return {@code true} for a super admin; otherwise the answer of {@code canUserEditTemplate}
  *     on the current config's templates
  */
 public boolean isAuthorizedToEditTemplate(String templateName, Username username) {
   // Super admins short-circuit: the per-template lookup is skipped for them.
   if (isUserAdmin(username)) {
     return true;
   }
   return getCurrentConfig()
       .getTemplates()
       .canUserEditTemplate(templateName, username.getUsername());
 }
 /**
  * Reports whether {@code username} holds view or operate permission on the named pipeline.
  *
  * @param username the user to check
  * @param pipelineName the pipeline in question
  * @return {@code true} when either permission check passes
  */
 public boolean hasViewOrOperatePermissionForPipeline(Username username, String pipelineName) {
   // View is checked first; the operate check runs only when view is denied.
   if (hasViewPermissionForPipeline(username, pipelineName)) {
     return true;
   }
   return hasOperatePermissionForPipeline(username.getUsername(), pipelineName);
 }
 /**
  * Reports whether {@code userName} is a group administrator in the current config.
  *
  * @param userName the user to check
  * @return the answer of {@code isGroupAdministrator} on the current config
  */
 public boolean isGroupAdministrator(final Username userName) {
   final boolean groupAdmin = getCurrentConfig().isGroupAdministrator(userName.getUsername());
   return groupAdmin;
 }
 /**
  * Reports whether {@code username} is an administrator.
  *
  * <p>The user name is converted with {@code CaseInsensitiveString.str} before being passed to
  * {@code isAdministrator}.
  *
  * @param username the user to check
  * @return the answer of {@code isAdministrator} for that name
  */
 public boolean isUserAdmin(Username username) {
   final boolean administrator =
       isAdministrator(CaseInsensitiveString.str(username.getUsername()));
   return administrator;
 }
 /**
  * Reports whether {@code username} may view and edit templates in the current config.
  *
  * @param username the user to check
  * @return the answer of {@code canViewAndEditTemplate} on the current config's templates
  */
 public boolean isAuthorizedToViewAndEditTemplates(Username username) {
   final boolean mayViewAndEdit =
       getCurrentConfig().getTemplates().canViewAndEditTemplate(username.getUsername());
   return mayViewAndEdit;
 }