Пример #1
0
  @Test
  public void testConfigurationAuthentication() throws Exception {
    prepareSecurity();

    FreeStyleProject p = j.createFreeStyleProject();

    WebClient wc = j.createWebClient();
    wc.login("test1");

    // Reauthentication is not required if No need for re-authentication is checked
    p.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", true)));
    j.submit(wc.getPage(p, "configure").getFormByName("config"));

    // Reauthentication is required if No need for re-authentication is checked
    p.removeProperty(AuthorizeProjectProperty.class);
    p.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", false)));
    try {
      j.submit(wc.getPage(p, "configure").getFormByName("config"));
      fail();
    } catch (FailingHttpStatusCodeException e) {
      assertEquals(400, e.getStatusCode());
    }

    // No authentication is required if oneself.
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlTextInput userid =
          page.<HtmlTextInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'userid') and @type='text']");
      userid.setValueAttribute("test1");
      j.submit(page.getFormByName("config"));

      assertEquals(
          "test1",
          ((SpecificUsersAuthorizationStrategy)
                  p.getProperty(AuthorizeProjectProperty.class).getStrategy())
              .getUserid());
    }

    // Reauthentication is required to change userid even if No need for re-authentication is
    // checked
    p.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", true)));
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlTextInput userid =
          page.<HtmlTextInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'userid') and @type='text']");
      userid.setValueAttribute("test2");
      try {
        j.submit(page.getFormByName("config"));
        fail();
      } catch (FailingHttpStatusCodeException e) {
        assertEquals(400, e.getStatusCode());
      }
    }
  }
Пример #2
0
    @Test public void deleteView() throws Exception {
        WebClient wc = j.createWebClient();

        ListView v = listView("list");
        HtmlPage delete = wc.getPage(v, "delete");
        j.submit(delete.getFormByName("delete"));
        assertNull(j.jenkins.getView("list"));

        User user = User.get("user", true);
        MyViewsProperty p = user.getProperty(MyViewsProperty.class);
        v = new ListView("list", p);
        p.addView(v);
        delete = wc.getPage(v, "delete");
        j.submit(delete.getFormByName("delete"));
        assertNull(p.getView("list"));

    }
Пример #3
0
  @Test
  public void testRestInterfaceSuccess() throws Exception {
    prepareSecurity();

    FreeStyleProject srcProject = j.createFreeStyleProject();
    srcProject.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("test1", false)));
    srcProject.save();

    WebClient wc = j.createWebClient();
    wc.login("test1", "test1");

    // GET config.xml of srcProject (userid is set to test1)
    String configXml =
        getConfigXml(wc.goToXml(String.format("%s/config.xml", srcProject.getUrl())));

    // POST config.xml of srcProject (userid is set to test1) to a new project.
    // This should success.
    FreeStyleProject destProject = j.createFreeStyleProject();
    destProject.save();
    String projectName = destProject.getFullName();

    WebRequestSettings req =
        new WebRequestSettings(
            wc.createCrumbedUrl(String.format("%s/config.xml", destProject.getUrl())),
            HttpMethod.POST);
    req.setRequestBody(configXml);
    wc.getPage(req);

    {
      FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
      assertNotNull(p);
      AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
      assertNotNull(prop);
      assertEquals(SpecificUsersAuthorizationStrategy.class, prop.getStrategy().getClass());
      SpecificUsersAuthorizationStrategy strategy =
          (SpecificUsersAuthorizationStrategy) prop.getStrategy();
      assertEquals("test1", strategy.getUserid());
    }

    j.jenkins.reload();

    {
      FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
      assertNotNull(p);
      AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
      assertNotNull(prop);
      assertEquals(SpecificUsersAuthorizationStrategy.class, prop.getStrategy().getClass());
      SpecificUsersAuthorizationStrategy strategy =
          (SpecificUsersAuthorizationStrategy) prop.getStrategy();
      assertEquals("test1", strategy.getUserid());
    }
  }
Пример #4
0
  @Test
  public void testRestInterfaceFailure() throws Exception {
    prepareSecurity();

    FreeStyleProject srcProject = j.createFreeStyleProject();
    srcProject.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("admin", false)));
    srcProject.save();

    WebClient wc = j.createWebClient();
    wc.login("test1", "test1");

    // GET config.xml of srcProject (userid is set to admin)
    String configXml =
        getConfigXml(wc.goToXml(String.format("%s/config.xml", srcProject.getUrl())));

    // POST config.xml of srcProject (userid is set to admin) to a new project.
    // This should fail.
    FreeStyleProject destProject = j.createFreeStyleProject();
    destProject.save();
    String projectName = destProject.getFullName();

    WebRequestSettings req =
        new WebRequestSettings(
            wc.createCrumbedUrl(String.format("%s/config.xml", destProject.getUrl())),
            HttpMethod.POST);
    req.setRequestBody(configXml);

    try {
      wc.getPage(req);
      fail();
    } catch (FailingHttpStatusCodeException e) {
    }

    {
      FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
      assertNotNull(p);
      AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
      assertTrue(prop == null || prop.getStrategy() == null);
    }

    j.jenkins.reload();

    {
      FreeStyleProject p = j.jenkins.getItemByFullName(projectName, FreeStyleProject.class);
      assertNotNull(p);
      AuthorizeProjectProperty prop = p.getProperty(AuthorizeProjectProperty.class);
      assertTrue(prop == null || prop.getStrategy() == null);
    }
  }
Пример #5
0
 @Issue("JENKINS-17302")
 @Test public void doConfigDotXml() throws Exception {
     ListView view = listView("v");
     view.description = "one";
     WebClient wc = j.createWebClient();
     String xml = wc.goToXml("view/v/config.xml").getContent();
     assertTrue(xml, xml.contains("<description>one</description>"));
     xml = xml.replace("<description>one</description>", "<description>two</description>");
     WebRequestSettings req = new WebRequestSettings(wc.createCrumbedUrl("view/v/config.xml"), HttpMethod.POST);
     req.setRequestBody(xml);
     wc.getPage(req);
     assertEquals("two", view.getDescription());
     xml = new XmlFile(Jenkins.XSTREAM, new File(j.jenkins.getRootDir(), "config.xml")).asString();
     assertTrue(xml, xml.contains("<description>two</description>"));
 }
Пример #6
0
  @Test
  @Issue("JENKINS-11543")
  public void unicodeParametersArePresetCorrectly() throws Exception {
    final FreeStyleProject p = j.createFreeStyleProject();
    ParametersDefinitionProperty pdb =
        new ParametersDefinitionProperty(
            new StringParameterDefinition("sname:a¶‱ﻷ", "svalue:a¶‱ﻷ", "sdesc:a¶‱ﻷ"),
            new FileParameterDefinition("fname:a¶‱ﻷ", "fdesc:a¶‱ﻷ"));
    p.addProperty(pdb);

    WebClient wc = j.createWebClient();
    wc.setThrowExceptionOnFailingStatusCode(false); // Ignore 405
    HtmlPage page = wc.getPage(p, "build");

    // java.lang.IllegalArgumentException: No such parameter definition: <gibberish>.
    wc.setThrowExceptionOnFailingStatusCode(true);
    final HtmlForm form = page.getFormByName("parameters");
    form.submit(form.getButtonByCaption("Build"));
  }
Пример #7
0
  @LocalData
  @Test
  public void basic() throws Exception {
    FreeStyleBuild build = project.scheduleBuild2(0).get(10, TimeUnit.SECONDS);

    assertTestResults(build);

    WebClient wc = j.new WebClient();
    wc.getPage(project); // project page
    wc.getPage(build); // build page
    wc.getPage(build, "testReport"); // test report
    wc.getPage(build, "testReport/hudson.security"); // package
    wc.getPage(build, "testReport/hudson.security/HudsonPrivateSecurityRealmTest/"); // class
    wc.getPage(
        build,
        "testReport/hudson.security/HudsonPrivateSecurityRealmTest/testDataCompatibilityWith1_282/"); // method
  }
Пример #8
0
  @Test
  public void testConfigureApitoken() throws Exception {
    prepareSecurity();

    FreeStyleProject p = j.createFreeStyleProject();
    p.addProperty(
        new AuthorizeProjectProperty(new SpecificUsersAuthorizationStrategy("test2", false)));

    WebClient wc = j.createWebClient();
    wc.login("test1");

    String apitokenForTest2 = User.get("test2").getProperty(ApiTokenProperty.class).getApiToken();
    assertNotNull(apitokenForTest2);
    assertNotEquals("", apitokenForTest2);

    // authentication fails without apitoken
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlCheckBoxInput useApitoken =
          page.<HtmlCheckBoxInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
      useApitoken.setChecked(true);
      try {
        j.submit(page.getFormByName("config"));
        fail();
      } catch (FailingHttpStatusCodeException e) {
        assertEquals(400, e.getStatusCode());
      }
    }

    // authentication succeeds with the good apitoken
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlCheckBoxInput useApitoken =
          page.<HtmlCheckBoxInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
      useApitoken.setChecked(true);
      HtmlTextInput apitoken =
          page.<HtmlTextInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
      apitoken.setValueAttribute(apitokenForTest2);
      j.submit(page.getFormByName("config"));

      assertEquals(
          "test2",
          ((SpecificUsersAuthorizationStrategy)
                  p.getProperty(AuthorizeProjectProperty.class).getStrategy())
              .getUserid());
    }

    // authentication fails with a bad apitoken
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlCheckBoxInput useApitoken =
          page.<HtmlCheckBoxInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
      useApitoken.setChecked(true);
      HtmlTextInput apitoken =
          page.<HtmlTextInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
      apitoken.setValueAttribute(apitokenForTest2 + "xxx");
      try {
        j.submit(page.getFormByName("config"));
        fail();
      } catch (FailingHttpStatusCodeException e) {
        assertEquals(400, e.getStatusCode());
      }
    }

    // authentication fails if the apitoken is used for password
    {
      HtmlPage page = wc.getPage(p, "configure");
      HtmlCheckBoxInput useApitoken =
          page.<HtmlCheckBoxInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'useApitoken') and @type='checkbox']");
      useApitoken.setChecked(false);
      HtmlPasswordInput password =
          page.<HtmlPasswordInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'password') and @type='password']");
      password.setValueAttribute(apitokenForTest2);
      HtmlTextInput apitoken =
          page.<HtmlTextInput>getFirstByXPath(
              "//*[contains(@class, 'specific-user-authorization')]//input[contains(@name, 'apitoken') and @type='text']");
      apitoken.setValueAttribute(apitokenForTest2);
      try {
        j.submit(page.getFormByName("config"));
        fail();
      } catch (FailingHttpStatusCodeException e) {
        assertEquals(400, e.getStatusCode());
      }
    }
  }