Skip to content

Commit

Permalink
Use Jenkins.READ permission check for all list box models.
Browse files Browse the repository at this point in the history 
Additionally, use permissions for a `BuildableItem` in all validations.
  • Loading branch information
@uhafner
uhafner committed Nov 14, 2023
1 parent 63c2c32 commit de9cee8
Show file tree
Hide file tree
Showing 13 changed files with 87 additions and 81 deletions.
6 changes: 3 additions & 3 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/filter/RegexpFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;
import hudson.model.AbstractDescribableImpl;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.util.FormValidation;
Expand Down Expand Up @@ -80,7 +80,7 @@ public RegexpFilterDescriptor() {
}

/**
* Performs on-the-fly validation on threshold for high warnings.
* Performs on-the-fly validation of the regexp pattern.
*
* @param project
* the project that is configured
Expand All @@ -90,7 +90,7 @@ public RegexpFilterDescriptor() {
* @return the validation result
*/
@POST
public FormValidation doCheckPattern(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckPattern(@AncestorInPath final BuildableItem project,
@QueryParameter final String pattern) {
if (!jenkinsFacade.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand Down
19 changes: 9 additions & 10 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ReportScanningTool.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,13 @@
import org.kohsuke.stapler.verb.POST;
import hudson.FilePath;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Item;
import hudson.model.Run;
import hudson.model.TaskListener;
import hudson.util.ComboBoxModel;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;

import io.jenkins.plugins.analysis.core.model.AnalysisModelParser.AnalysisModelParserDescriptor;
import io.jenkins.plugins.analysis.core.util.ConsoleLogReaderFactory;
Expand Down Expand Up @@ -257,14 +259,11 @@ protected ReportScanningToolDescriptor(final String id) {
/**
* Returns a model with all available charsets.
*
* @param project
* the project that is configured
*
* @return a model with all available charsets
*/
@POST
public ComboBoxModel doFillReportEncodingItems(@AncestorInPath final AbstractProject<?, ?> project) {
if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
public ComboBoxModel doFillReportEncodingItems() {
if (JENKINS.hasPermission(Jenkins.READ)) {
return VALIDATION_UTILITIES.getAllCharsets();
}
return new ComboBoxModel();
Expand All @@ -281,9 +280,9 @@ public ComboBoxModel doFillReportEncodingItems(@AncestorInPath final AbstractPro
* @return the validation result
*/
@POST
public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckReportEncoding(@AncestorInPath final BuildableItem project,
@QueryParameter final String reportEncoding) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
if (!JENKINS.hasPermission(Jenkins.READ)) {
return FormValidation.ok();
}

Expand Down Expand Up @@ -328,7 +327,7 @@ public boolean hasDefaultPattern() {
}

/**
* Returns whether this parser can scan the console log. Typically, only line based parsers can scan the console
* Returns whether this parser can scan the console log. Typically, only line-based parsers can scan the console
* log. XML parsers should always parse a given file only.
*
* @return the parser to use
Expand All @@ -338,8 +337,8 @@ public boolean canScanConsoleLog() {
}

/**
* Returns the default filename pattern for this tool. Override if your typically works on a specific file.
* Note: if you provide a default pattern then it is not possible to scan Jenkins console log of a build.
* Returns the default filename pattern for this tool. Override if your parser typically works on a specific file.
* Note: if you provide a default pattern, then it is not possible to scan Jenkins' console log of a build.
*
* @return the default pattern
*/
Expand Down
4 changes: 2 additions & 2 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
import org.jenkinsci.Symbol;
import hudson.FilePath;
import hudson.model.AbstractDescribableImpl;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.model.Run;
Expand Down Expand Up @@ -197,7 +197,7 @@ protected ToolDescriptor(final String defaultId) {
* @return the validation result
*/
@POST
public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
@QueryParameter final String id) {
if (!new JenkinsFacade().hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand Down
6 changes: 3 additions & 3 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ToolSelection.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
import org.kohsuke.stapler.verb.POST;
import hudson.Extension;
import hudson.model.AbstractDescribableImpl;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.util.ComboBoxModel;
Expand Down Expand Up @@ -113,7 +113,7 @@ static void setJenkinsFacade(final JenkinsFacade facade) {
* @return a model with all static analysis tool IDs of all jobs
*/
@POST
public ComboBoxModel doFillIdItems(@AncestorInPath final AbstractProject<?, ?> project) {
public ComboBoxModel doFillIdItems(@AncestorInPath final BuildableItem project) {
ComboBoxModel model = new ComboBoxModel();
if (jenkinsFacade.hasPermission(Item.CONFIGURE, project)) {
model.addAll(collectAvailableIds());
Expand All @@ -139,7 +139,7 @@ private Set<String> collectAvailableIds() {
* @return the validation result
*/
@POST
public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
@QueryParameter final String id) {
if (!new JenkinsFacade().hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand Down
15 changes: 6 additions & 9 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/AnalysisStepDescriptor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
import hudson.util.ComboBoxModel;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;

import io.jenkins.plugins.analysis.core.util.ModelValidation;
import io.jenkins.plugins.util.JenkinsFacade;
Expand Down Expand Up @@ -87,13 +88,11 @@ public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final BuildableI
/**
* Returns a model with all available severity filters.
*
* @param project
* the project that is configured
* @return a model with all available severity filters
*/
@POST
public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final BuildableItem project) {
if (JENKINS.hasPermission(Item.READ, project)) {
public ListBoxModel doFillMinimumSeverityItems() {
if (JENKINS.hasPermission(Jenkins.READ)) {
return model.getAllSeverityFilters();
}
return new ListBoxModel();
Expand Down Expand Up @@ -162,13 +161,11 @@ public FormValidation doCheckUnhealthy(@AncestorInPath final BuildableItem proje
/**
* Returns a model with all aggregation trend chart positions.
*
* @param project
* the project that is configured
* @return a model with all aggregation trend chart positions
* @return a model with all aggregation trend chart positions
*/
@POST
public ListBoxModel doFillTrendChartTypeItems(@AncestorInPath final BuildableItem project) {
if (JENKINS.hasPermission(Item.READ, project)) {
public ListBoxModel doFillTrendChartTypeItems() {
if (JENKINS.hasPermission(Jenkins.READ)) {
return model.getAllTrendChartTypes();
}
return new ListBoxModel();
Expand Down
28 changes: 13 additions & 15 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/IssuesRecorder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@
import hudson.model.AbstractProject;
import hudson.model.Action;
import hudson.model.BuildListener;
import hudson.model.BuildableItem;
import hudson.model.Item;
import hudson.model.Result;
import hudson.model.Run;
Expand All @@ -41,6 +42,7 @@
import hudson.util.ComboBoxModel;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;

import io.jenkins.plugins.analysis.core.filter.RegexpFilter;
import io.jenkins.plugins.analysis.core.model.AnalysisResult;
Expand Down Expand Up @@ -907,7 +909,7 @@ public boolean isApplicable(final Class<? extends AbstractProject> jobType) {
* @return the validation result
*/
@POST
public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
@QueryParameter final String id) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand All @@ -924,7 +926,7 @@ public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> proj
* @return a model with all available charsets
*/
@POST
public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final AbstractProject<?, ?> project) {
public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final BuildableItem project) {
if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
return VALIDATION_UTILITIES.getAllCharsets();
}
Expand All @@ -934,13 +936,11 @@ public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final Abstrac
/**
* Returns a model with all available severity filters.
*
* @param project
* the project that is configured
* @return a model with all available severity filters
*/
@POST
public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final AbstractProject<?, ?> project) {
if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
public ListBoxModel doFillMinimumSeverityItems() {
if (JENKINS.hasPermission(Jenkins.READ)) {
return model.getAllSeverityFilters();
}
return new ListBoxModel();
Expand All @@ -957,7 +957,7 @@ public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final AbstractPro
* @return the validation result
*/
@POST
public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckReportEncoding(@AncestorInPath final BuildableItem project,
@QueryParameter final String reportEncoding) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand All @@ -977,7 +977,7 @@ public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProjec
* @return the validation result
*/
@POST
public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final BuildableItem project,
@QueryParameter final String sourceCodeEncoding) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand All @@ -999,7 +999,7 @@ public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final AbstractPr
* @return the validation result
*/
@POST
public FormValidation doCheckHealthy(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckHealthy(@AncestorInPath final BuildableItem project,
@QueryParameter final int healthy, @QueryParameter final int unhealthy) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand All @@ -1020,7 +1020,7 @@ public FormValidation doCheckHealthy(@AncestorInPath final AbstractProject<?, ?>
* @return the validation result
*/
@POST
public FormValidation doCheckUnhealthy(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckUnhealthy(@AncestorInPath final BuildableItem project,
@QueryParameter final int healthy, @QueryParameter final int unhealthy) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand All @@ -1031,13 +1031,11 @@ public FormValidation doCheckUnhealthy(@AncestorInPath final AbstractProject<?,
/**
* Returns a model with all aggregation trend chart positions.
*
* @param project
* the project that is configured
* @return a model with all aggregation trend chart positions
* @return a model with all aggregation trend chart positions
*/
@POST
public ListBoxModel doFillTrendChartTypeItems(@AncestorInPath final AbstractProject<?, ?> project) {
if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
public ListBoxModel doFillTrendChartTypeItems() {
if (JENKINS.hasPermission(Jenkins.READ)) {
return model.getAllTrendChartTypes();
}
return new ListBoxModel();
Expand Down
12 changes: 5 additions & 7 deletions plugin/src/main/java/io/jenkins/plugins/analysis/core/util/QualityGate.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,12 @@
import org.kohsuke.stapler.verb.POST;
import hudson.Extension;
import hudson.model.AbstractDescribableImpl;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;

import io.jenkins.plugins.analysis.core.util.IssuesStatistics.StatisticProperties;
import io.jenkins.plugins.util.JenkinsFacade;
Expand Down Expand Up @@ -248,15 +249,13 @@ public QualityGateDescriptor() {
/**
* Return the model for the select widget.
*
* @param project
* the project that is configured
* @return the quality gate types
*/
@POST
public ListBoxModel doFillTypeItems(@AncestorInPath final AbstractProject<?, ?> project) {
public ListBoxModel doFillTypeItems() {
ListBoxModel model = new ListBoxModel();

if (jenkins.hasPermission(Item.CONFIGURE, project)) {
if (jenkins.hasPermission(Jenkins.READ)) {
for (QualityGateType qualityGateType : QualityGateType.values()) {
model.add(qualityGateType.getDisplayName(), qualityGateType.name());
}
Expand All @@ -275,9 +274,8 @@ public ListBoxModel doFillTypeItems(@AncestorInPath final AbstractProject<?, ?>
*
* @return the validation result
*/
@SuppressWarnings("WeakerAccess")
@POST
public FormValidation doCheckThreshold(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckThreshold(@AncestorInPath final BuildableItem project,
@QueryParameter final int threshold) {
if (!jenkins.hasPermission(Item.CONFIGURE, project)) {
return FormValidation.ok();
Expand Down
10 changes: 5 additions & 5 deletions plugin/src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;
import hudson.model.AbstractProject;
import hudson.model.BuildableItem;
import hudson.model.Item;
import hudson.model.Run;
import hudson.util.FormValidation;
Expand Down Expand Up @@ -178,7 +178,7 @@ abstract static class DuplicateCodeDescriptor extends AnalysisModelParserDescrip
}

/**
* Performs on-the-fly validation on threshold for high warnings.
* Performs on-the-fly validation of the threshold for high warnings.
*
* @param project
* the project that is configured
Expand All @@ -190,7 +190,7 @@ abstract static class DuplicateCodeDescriptor extends AnalysisModelParserDescrip
* @return the validation result
*/
@POST
public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckHighThreshold(@AncestorInPath final BuildableItem project,
@QueryParameter("highThreshold") final int highThreshold,
@QueryParameter("normalThreshold") final int normalThreshold) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
Expand All @@ -200,7 +200,7 @@ public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject
}

/**
* Performs on-the-fly validation on threshold for normal warnings.
* Performs on-the-fly validation of the threshold for normal warnings.
*
* @param project
* the project that is configured
Expand All @@ -212,7 +212,7 @@ public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject
* @return the validation result
*/
@POST
public FormValidation doCheckNormalThreshold(@AncestorInPath final AbstractProject<?, ?> project,
public FormValidation doCheckNormalThreshold(@AncestorInPath final BuildableItem project,
@QueryParameter("highThreshold") final int highThreshold,
@QueryParameter("normalThreshold") final int normalThreshold) {
if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
Expand Down
Loading

0 comments on commit de9cee8

Please sign in to comment.