Merge pull request #1642 from jenkinsci/permission-reset-quality-gate

[JENKINS-72305] Fix permission for reset quality gate action
jenkinsci · Dec 22, 2023 · ac43b35 · ac43b35
2 parents 4073e96 + 761589a
commit ac43b35
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 71 deletions.
diff --git a/plugin/pom.xml b/plugin/pom.xml
@@ -548,37 +548,7 @@
         <groupId>org.revapi</groupId>
         <artifactId>revapi-maven-plugin</artifactId>
         <configuration>
-          <failBuildOnProblemsFound>false</failBuildOnProblemsFound>
-          <analysisConfiguration>
-            <revapi.differences id="manually-vetted">
-              <differences combine.children="append">
-                <item>
-                  <ignore>true</ignore>
-                  <regex>true</regex>
-                  <classQualifiedName>(org.jenkinsci.*|com.google.*)</classQualifiedName>
-                  <code>java.annotation.*</code>
-                </item>
-                <item>
-                  <ignore>true</ignore>
-                  <regex>true</regex>
-                  <classQualifiedName>jenkins.model.*</classQualifiedName>
-                  <code>java.field.removed</code>
-                </item>
-                <item>
-                  <ignore>true</ignore>
-                  <regex>true</regex>
-                  <classQualifiedName>jenkins.model.*</classQualifiedName>
-                  <code>java.class.externalClassExposedInAPI</code>
-                </item>
-                <item>
-                  <ignore>true</ignore>
-                  <regex>true</regex>
-                  <classQualifiedName>io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor</classQualifiedName>
-                  <code>java.method.parameterTypeChanged</code>
-                </item>
-              </differences>
-            </revapi.differences>
-          </analysisConfiguration>
+          <skip>true</skip>
         </configuration>
       </plugin>
     </plugins>

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ResetQualityGateCommand.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ResetQualityGateCommand.java
@@ -79,7 +79,8 @@ public void resetReferenceBuild(final Run<?, ?> selectedBuild, final String id)
      * @return {@code true} if the command is enabled, {@code false} otherwise
      */
     public boolean isEnabled(final Run<?, ?> selectedBuild, final String id) {
-        if (!selectedBuild.hasPermission(Item.CONFIGURE) && !jenkinsFacade.hasPermission(Item.CONFIGURE)) {
+        if (!selectedBuild.hasPermission(Item.CONFIGURE)
+                && !jenkinsFacade.hasPermission(Item.CONFIGURE, selectedBuild.getParent())) {
             return false;
         }
 
@@ -96,7 +97,7 @@ public boolean isEnabled(final Run<?, ?> selectedBuild, final String id) {
                 .stream()
                 .filter(action -> action.getId().equals(id))
                 .findAny();
-        if (!resultAction.isPresent()) {
+        if (resultAction.isEmpty()) {
             return false;
         }
 

diff --git a/plugin/src/test/java/io/jenkins/plugins/analysis/core/model/ResetQualityGateCommandTest.java b/plugin/src/test/java/io/jenkins/plugins/analysis/core/model/ResetQualityGateCommandTest.java
@@ -5,8 +5,12 @@
 
 import org.assertj.core.util.Lists;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.EnumSource;
+import org.junit.jupiter.params.provider.ValueSource;
 
 import hudson.model.FreeStyleBuild;
+import hudson.model.FreeStyleProject;
 import hudson.model.Item;
 
 import io.jenkins.plugins.analysis.core.util.QualityGateStatus;
@@ -23,51 +27,38 @@
 class ResetQualityGateCommandTest {
     private static final String ID = "id";
 
-    @Test
-    void shouldBeEnabledIfAllConditionsAreSatisfied() {
-        verifyEnabledWithQualityGateStatus(QualityGateStatus.WARNING);
-        verifyEnabledWithQualityGateStatus(QualityGateStatus.FAILED);
-    }
-
-    private void verifyEnabledWithQualityGateStatus(final QualityGateStatus status) {
-        ResetQualityGateCommand command = new ResetQualityGateCommand();
-
-        command.setJenkinsFacade(configureCorrectUserRights(true));
-        ResultAction resultAction = createResultAction(status, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction);
-
-        assertThat(command.isEnabled(selectedBuild, ID)).isTrue();
-    }
-
-    @Test
-    void shouldBeEnabledIfUserHasLocalConfigureRights() {
+    @ParameterizedTest @EnumSource(value = QualityGateStatus.class, names = {"WARNING", "FAILED"})
+    void shouldBeEnabledIfAllConditionsAreSatisfied(final QualityGateStatus qualityGateStatus) {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(false));
-        ResultAction resultAction = createResultAction(QualityGateStatus.WARNING, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, true, resultAction);
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
+        ResultAction resultAction = createResultAction(qualityGateStatus, ID);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction, parent);
 
         assertThat(command.isEnabled(selectedBuild, ID)).isTrue();
     }
 
-    @Test
-    void shouldBeDisabledIfUserHasNoConfigureRightsAtAll() {
+    @ParameterizedTest @ValueSource(booleans = {true, false})
+    void shouldBeEnabledIfUserHasLocalConfigureRights(final boolean hasConfigureRightOnBuild) {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(false));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(false, parent));
         ResultAction resultAction = createResultAction(QualityGateStatus.WARNING, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(true, hasConfigureRightOnBuild, resultAction, parent);
 
-        assertThat(command.isEnabled(selectedBuild, ID)).isFalse();
+        assertThat(command.isEnabled(selectedBuild, ID)).isEqualTo(hasConfigureRightOnBuild);
     }
 
     @Test
     void shouldBeDisabledIfActionAlreadyExists() {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(true));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
         ResultAction resultAction = createResultAction(QualityGateStatus.WARNING, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(false, false, resultAction);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(false, false, resultAction, parent);
         when(selectedBuild.getActions(ResultAction.class)).thenReturn(Lists.list(resultAction));
 
         assertThat(command.isEnabled(selectedBuild, ID)).isFalse();
@@ -77,9 +68,10 @@ void shouldBeDisabledIfActionAlreadyExists() {
     void shouldBeDisabledIfQualityGateIsSuccessful() {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(true));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
         ResultAction resultAction = createResultAction(QualityGateStatus.PASSED, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction, parent);
         when(selectedBuild.getActions(ResultAction.class)).thenReturn(Lists.list(resultAction));
 
         assertThat(command.isEnabled(selectedBuild, ID)).isFalse();
@@ -89,7 +81,8 @@ void shouldBeDisabledIfQualityGateIsSuccessful() {
     void shouldBeDisabledIfNoResultAction() {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(true));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
         FreeStyleBuild selectedBuild = mock(FreeStyleBuild.class);
         when(selectedBuild.getActions(ResetReferenceAction.class)).thenReturn(
                 Lists.list(new ResetReferenceAction("other")));
@@ -102,9 +95,10 @@ void shouldBeDisabledIfNoResultAction() {
     void shouldBeDisabledIfOtherResultAction() {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(true));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
         ResultAction resultAction = createResultAction(QualityGateStatus.WARNING, "other");
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction, parent);
         when(selectedBuild.getActions(ResultAction.class)).thenReturn(Lists.list(resultAction));
 
         assertThat(command.isEnabled(selectedBuild, ID)).isFalse();
@@ -114,18 +108,19 @@ void shouldBeDisabledIfOtherResultAction() {
     void shouldBeDisabledIfNotLastResultAction() {
         ResetQualityGateCommand command = new ResetQualityGateCommand();
 
-        command.setJenkinsFacade(configureCorrectUserRights(true));
+        FreeStyleProject parent = mock(FreeStyleProject.class);
+        command.setJenkinsFacade(configureCorrectUserRights(true, parent));
         ResultAction resultAction = createResultAction(QualityGateStatus.WARNING, ID);
-        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction);
+        FreeStyleBuild selectedBuild = attachReferenceBuild(true, false, resultAction, parent);
         FreeStyleBuild next = mock(FreeStyleBuild.class);
         when(selectedBuild.getNextBuild()).thenReturn(next);
 
         assertThat(command.isEnabled(selectedBuild, ID)).isFalse();
     }
 
-    private JenkinsFacade configureCorrectUserRights(final boolean hasRight) {
+    private JenkinsFacade configureCorrectUserRights(final boolean hasRight, final FreeStyleProject parent) {
         JenkinsFacade jenkins = mock(JenkinsFacade.class);
-        when(jenkins.hasPermission(Item.CONFIGURE)).thenReturn(hasRight);
+        when(jenkins.hasPermission(Item.CONFIGURE, parent)).thenReturn(hasRight);
         return jenkins;
     }
 
@@ -145,13 +140,15 @@ private ResultAction createResultAction(final QualityGateStatus status, final St
     }
 
     private FreeStyleBuild attachReferenceBuild(final boolean hasNoReferenceBuild,
-            final boolean hasConfigurePermission, final ResultAction resultAction) {
+            final boolean hasConfigurePermission, final ResultAction resultAction, final FreeStyleProject parent) {
         FreeStyleBuild selectedBuild = mock(FreeStyleBuild.class);
         when(selectedBuild.getActions(ResetReferenceAction.class)).thenReturn(
                 Lists.list(new ResetReferenceAction(hasNoReferenceBuild ? "other" : ID)));
         when(selectedBuild.getActions(ResultAction.class)).thenReturn(Lists.list(resultAction));
         when(selectedBuild.getAction(ResultAction.class)).thenReturn(resultAction);
         when(selectedBuild.hasPermission(Item.CONFIGURE)).thenReturn(hasConfigurePermission);
+        when(selectedBuild.getParent()).thenReturn(parent);
+
         return selectedBuild;
     }
 }