public PipelineConfigs removePipeline(String pipelineName, CruiseConfig cruiseConfig) {
   String groupName =
       cruiseConfig.getGroups().findGroupNameByPipeline(new CaseInsensitiveString(pipelineName));
   PipelineConfigs groups = cruiseConfig.getGroups().findGroup(groupName);
   groups.remove(cruiseConfig.pipelineConfigByName(new CaseInsensitiveString(pipelineName)));
   return groups;
 }
  @Before
  public void setUp() throws Exception {
    dbHelper.onSetUp();
    configHelper = new GoConfigFileHelper(goConfigDao);
    configHelper.onSetUp();
    configHelper.addPipeline(
        "bar", "stage", MaterialConfigsMother.defaultMaterialConfigs(), "build");

    pipelineConfig =
        configHelper.addPipeline(
            "foo", "stage", MaterialConfigsMother.defaultMaterialConfigs(), "build");
    configHelper.addMingleConfigToPipeline(
        "foo",
        new MingleConfig("https://some-tracking-tool:8443", "project-super-secret", "hello=world"));

    CruiseConfig cruiseConfig = configHelper.load();
    PipelineConfigs group = cruiseConfig.findGroup("defaultGroup");
    group.setAuthorization(
        new Authorization(
            new ViewConfig(new AdminUser(new CaseInsensitiveString("authorized_user")))));
    configHelper.writeConfigFile(cruiseConfig);

    SecurityConfig securityConfig =
        new SecurityConfig(
            new LdapConfig(new GoCipher()), new PasswordFileConfig("/tmp/foo.passwd"), true);
    securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("admin")));
    configHelper.addSecurity(securityConfig);
  }
  @Test
  public void
      shouldSetViewPermissionByDefaultIfNameIsPresentAndPermissionsAreOff_whileSettingAttributes() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "user1",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, OFF, OFF)),
                m(
                    Authorization.NAME,
                    "role1",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, OFF, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getViewConfig().size(), is(2));
    assertThat(
        authorization.getViewConfig(),
        hasItems(
            (Admin) new AdminRole(new CaseInsensitiveString("role1")),
            (Admin) new AdminUser(new CaseInsensitiveString("user1"))));

    assertThat(authorization.getOperationConfig().size(), is(0));
    assertThat(authorization.getAdminsConfig().size(), is(0));
  }
  @Test
  public void shouldSetToDefaultGroupWithGroupNameIsEmptyString() {
    PipelineConfigs pipelineConfigs = createEmpty();
    pipelineConfigs.setGroup("");

    assertThat(pipelineConfigs.getGroup(), is(BasicPipelineConfigs.DEFAULT_GROUP));
  }
 @Test
 public void shouldGetAllPipelinesList() {
   PipelineConfig pipeline1 = PipelineConfigMother.pipelineConfig("pipeline1");
   PipelineConfig pipeline2 = PipelineConfigMother.pipelineConfig("pipeline2");
   PipelineConfigs group = createWithPipelines(pipeline1, pipeline2);
   assertThat(group.getPipelines(), hasItem(pipeline1));
   assertThat(group.getPipelines(), hasItem(pipeline2));
 }
 @Test
 public void shouldReturnFalseIfPipelineNotExist() {
   PipelineConfigs configs = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
   assertThat(
       "shouldReturnFalseIfPipelineNotExist",
       configs.hasPipeline(new CaseInsensitiveString("not-exist")),
       is(false));
 }
 public void removePipeline(String pipelineName) {
   CruiseConfig cruiseConfig = loadForEdit();
   PipelineConfigs groups = removePipeline(pipelineName, cruiseConfig);
   if (groups.isEmpty()) {
     cruiseConfig.getGroups().remove(groups);
   }
   writeConfigFile(cruiseConfig);
 }
 @Test
 public void shouldReturnIndexOfPipeline() {
   PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
   PipelineConfig pipelineConfig = (PipelineConfig) group.get(0).clone();
   pipelineConfig.setLabelTemplate("blah");
   group.update(group.getGroup(), pipelineConfig, "pipeline1");
   assertThat(group.get(0).getLabelTemplate(), is("blah"));
 }
 @Test
 public void hasViewPermissionDefinedShouldReturnFalseIfAuthorizationIsNotDefined() {
   PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
   assertThat(
       "hasViewPermissionDefinedShouldReturnFalseIfAuthorizationIsNotDefined",
       group.hasViewPermissionDefined(),
       is(false));
 }
 @Test
 public void shouldReturnTrueIfPipelineExist() {
   PipelineConfig pipelineConfig = PipelineConfigMother.pipelineConfig("pipeline1");
   PipelineConfigs configs = createWithPipeline(pipelineConfig);
   assertThat(
       "shouldReturnTrueIfPipelineExist",
       configs.hasPipeline(new CaseInsensitiveString("pipeline1")),
       is(true));
 }
 @Test
 public void shouldReturnIndexOfPipeline_When2Pipelines() {
   PipelineConfigs group =
       createWithPipelines(
           PipelineConfigMother.pipelineConfig("pipeline1"),
           PipelineConfigMother.pipelineConfig("pipeline2"));
   PipelineConfig pipelineConfig = group.findBy(new CaseInsensitiveString("pipeline2"));
   assertThat(group.indexOf(pipelineConfig), is(1));
 }
  @Test
  public void shouldAddPipelineAtIndex() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline0"));

    PipelineConfig p1 = PipelineConfigMother.pipelineConfig("pipeline1");
    group.add(1, p1);

    assertThat(group.get(1), is(p1));
  }
 @Test
 public void hasViewPermissionDefinedShouldReturnTrueIfAuthorizationIsDefined() {
   PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
   group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString("jez")));
   assertThat(
       "hasViewPermissionDefinedShouldReturnTrueIfAuthorizationIsDefined",
       group.hasViewPermissionDefined(),
       is(true));
 }
 @Test
 public void validate_shouldMakeSureTheNameIsAppropriate() {
   PipelineConfigs group = createEmpty();
   group.validate(null);
   assertThat(
       group.errors().on(BasicPipelineConfigs.GROUP),
       is(
           "Invalid group name 'null'. This must be alphanumeric and can contain underscores and periods (however, it cannot start with a period). The maximum allowed length is 255 characters."));
 }
 public void setViewPermissionForGroup(String groupName, String username) {
   CruiseConfig cruiseConfig = loadForEdit();
   PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName);
   group
       .getAuthorization()
       .getViewConfig()
       .add(new AdminUser(new CaseInsensitiveString(username)));
   writeConfigFile(cruiseConfig);
 }
 @Test
 public void shouldReturnFalseIfViewPermissionIsNotDefined() {
   PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
   group
       .getAuthorization()
       .getOperationConfig()
       .add(new AdminUser(new CaseInsensitiveString("jez")));
   assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(false));
 }
  @Test
  public void shouldReInitializeAuthorizationIfWeClearAllPermissions() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(2));
    assertThat(authorization.getOperationConfig().size(), is(2));
    assertThat(authorization.getViewConfig().size(), is(3));

    group.setConfigAttributes(m());

    authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(0));
    assertThat(authorization.getOperationConfig().size(), is(0));
    assertThat(authorization.getViewConfig().size(), is(0));
  }
 public void blockPipelineGroupExceptFor(String pipelineGroupName, String roleName) {
   CruiseConfig config = loadForEdit();
   PipelineConfigs configs = config.getGroups().findGroup(pipelineGroupName);
   Authorization authorization =
       new Authorization(
           new OperationConfig(new AdminRole(new CaseInsensitiveString(roleName))),
           new ViewConfig(new AdminRole(new CaseInsensitiveString(roleName))));
   configs.setAuthorization(authorization);
   writeConfigFile(config);
 }
Exemple #19
0
 public List<PipelineConfigs> viewableGroupsFor(Username username) {
   ArrayList<PipelineConfigs> list = new ArrayList<PipelineConfigs>();
   for (PipelineConfigs pipelineConfigs : goConfigService.getCurrentConfig().getGroups()) {
     if (hasViewPermissionForGroup(
         CaseInsensitiveString.str(username.getUsername()), pipelineConfigs.getGroup())) {
       list.add(pipelineConfigs);
     }
   }
   return list;
 }
  @Test
  public void shouldRemovePipeline() {
    PipelineConfig p0 = PipelineConfigMother.pipelineConfig("pipeline0");
    PipelineConfigs group = createWithPipeline(p0);

    PipelineConfig p1 = PipelineConfigMother.pipelineConfig("pipeline1");
    group.add(1, p1);

    group.remove(p0);

    assertThat(group.get(0), is(p1));
    assertThat(group.size(), is(1));
  }
Exemple #21
0
 public Set<String> rolesThatCanOperateOnStage(
     CruiseConfig cruiseConfig, PipelineConfig pipelineConfig) {
   PipelineConfigs group = cruiseConfig.findGroupOfPipeline(pipelineConfig);
   SortedSet<String> roles = new TreeSet<String>();
   if (group.hasAuthorizationDefined()) {
     if (group.hasOperationPermissionDefined()) {
       roles.addAll(group.getOperateRoleNames());
     }
   } else {
     roles.addAll(allRoleNames(cruiseConfig));
   }
   return roles;
 }
Exemple #22
0
  public boolean hasOperatePermissionForGroup(
      final CaseInsensitiveString username, String groupName) {
    CruiseConfig cruiseConfig = goConfigService.getCurrentConfig();

    if (!cruiseConfig.isSecurityEnabled()) {
      return true;
    }

    if (isUserAdmin(new Username(username))) {
      return true;
    }

    PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName);
    return isUserAdminOfGroup(username, group)
        || group.hasOperatePermission(
            username, new UserRoleMatcherImpl(cruiseConfig.server().security()));
  }
  @Test
  public void shouldValidateThatPipelineNameIsUnique() {
    PipelineConfig first = PipelineConfigMother.pipelineConfig("first");
    PipelineConfig second = PipelineConfigMother.pipelineConfig("second");
    PipelineConfigs group = createWithPipelines(first, second);
    PipelineConfig duplicate = PipelineConfigMother.pipelineConfig("first");
    group.addWithoutValidation(duplicate);

    group.validate(null);
    assertThat(
        duplicate.errors().on(PipelineConfig.NAME),
        is(
            "You have defined multiple pipelines called 'first'. Pipeline names are case-insensitive and must be unique."));
    assertThat(
        first.errors().on(PipelineConfig.NAME),
        is(
            "You have defined multiple pipelines called 'first'. Pipeline names are case-insensitive and must be unique."));
  }
Exemple #24
0
 public Set<String> usersThatCanOperateOnStage(
     CruiseConfig cruiseConfig, PipelineConfig pipelineConfig) {
   SortedSet<String> users = new TreeSet<String>();
   PipelineConfigs group = cruiseConfig.findGroupOfPipeline(pipelineConfig);
   if (group.hasAuthorizationDefined()) {
     if (group.hasOperationPermissionDefined()) {
       users.addAll(group.getOperateUserNames());
       List<String> roles = group.getOperateRoleNames();
       for (Role role : cruiseConfig.server().security().getRoles()) {
         if (roles.contains(CaseInsensitiveString.str(role.getName()))) {
           users.addAll(role.usersOfRole());
         }
       }
     }
   } else {
     users.addAll(allUsernames());
   }
   return users;
 }
 @Test
 public void shouldValidateGroupNameUniqueness() {
   Map<String, PipelineConfigs> nameToConfig = new HashMap<String, PipelineConfigs>();
   PipelineConfigs group1 = createEmpty();
   group1.setGroup("joe");
   PipelineConfigs group2 = createEmpty();
   group2.setGroup("joe");
   group1.validateNameUniqueness(nameToConfig);
   group2.validateNameUniqueness(nameToConfig);
   assertThat(
       group1.errors().on(PipelineConfigs.GROUP), is("Group with name 'joe' already exists"));
 }
 public void addAuthorizedUserForPipelineGroup(String user) {
   CruiseConfig cruiseConfig = loadForEdit();
   PipelineConfigs group = cruiseConfig.getGroups().first();
   group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString(user)));
   writeConfigFile(cruiseConfig);
 }
  @Test
  public void shouldUpdateAuthorization() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "loser",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    "boozer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "gang_of_losers",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(2));
    assertThat(
        authorization.getAdminsConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("loser")),
            new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getOperationConfig().size(), is(2));
    assertThat(
        authorization.getOperationConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("boozer")),
            new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getViewConfig().size(), is(3));
    assertThat(
        authorization.getViewConfig(),
        hasItems(
            new AdminUser(new CaseInsensitiveString("boozer")),
            new AdminUser(new CaseInsensitiveString("geezer")),
            new AdminRole(new CaseInsensitiveString("gang_of_losers"))));
  }
Exemple #28
0
 protected Object valid() {
   CruiseConfig config = configForEditing();
   PipelineConfigs group = config.findGroup(groupName);
   return group.getCopyForEditing();
 }
Exemple #29
0
 public boolean isUserAdminOfGroup(final CaseInsensitiveString userName, PipelineConfigs group) {
   return group.isUserAnAdmin(userName, rolesForUser(userName));
 }
  @Test
  public void shouldIgnoreBlankUserOrRoleNames_whileSettingAttributes() {
    PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1"));
    group.setConfigAttributes(
        m(
            BasicPipelineConfigs.AUTHORIZATION,
            a(
                m(
                    Authorization.NAME,
                    "",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, DISABLED, DISABLED)),
                m(
                    Authorization.NAME,
                    null,
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(OFF, ON, ON)),
                m(
                    Authorization.NAME,
                    "geezer",
                    Authorization.TYPE,
                    USER.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, OFF, ON)),
                m(
                    Authorization.NAME,
                    "",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(DISABLED, ON, ON)),
                m(
                    Authorization.NAME,
                    null,
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, OFF, ON)),
                m(
                    Authorization.NAME,
                    "blinds",
                    Authorization.TYPE,
                    ROLE.toString(),
                    Authorization.PRIVILEGES,
                    privileges(ON, ON, OFF)))));
    Authorization authorization = group.getAuthorization();

    assertThat(authorization.getAdminsConfig().size(), is(1));
    assertThat(
        authorization.getAdminsConfig(),
        hasItem((Admin) new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getOperationConfig().size(), is(1));
    assertThat(
        authorization.getOperationConfig(),
        hasItem((Admin) new AdminRole(new CaseInsensitiveString("blinds"))));

    assertThat(authorization.getViewConfig().size(), is(1));
    assertThat(
        authorization.getViewConfig(),
        hasItem((Admin) new AdminUser(new CaseInsensitiveString("geezer"))));
  }