下面列出了hudson.model.Item#hasPermission ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item) {
if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
item != null && !item.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel();
}
// TODO may also need to specify a specific authentication and domain requirements
return new StandardListBoxModel()
.withEmptySelection()
.withMatching(AuthenticationTokens.matcher(DockerRegistryToken.class),
CredentialsProvider.lookupCredentials(
StandardCredentials.class,
item,
null,
Collections.<DomainRequirement>emptyList()
)
);
}
@SuppressWarnings("deprecation")
public ListBoxModel doFillCredentialsIdItems(
@AncestorInPath Item context,
@QueryParameter String remote,
@QueryParameter String credentialsId) {
if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER)
|| context != null && !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
return new StandardListBoxModel()
.includeEmptyValue()
.includeMatchingAs(
context instanceof Queue.Task
? Tasks.getAuthenticationOf((Queue.Task) context)
: ACL.SYSTEM,
context,
StandardUsernameCredentials.class,
URIRequirementBuilder.fromUri(remote).build(),
GitClient.CREDENTIALS_MATCHER)
.includeCurrentValue(credentialsId);
}
/**
* Validates the credentials id.
*
* @param item context for validation
* @param value to validate
* @return FormValidation
*/
public FormValidation doCheckCredentialsId(@AncestorInPath Item item, @QueryParameter String value) {
if (item == null) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
return FormValidation.ok();
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}
}
if (StringUtils.isEmpty(value)) {
return FormValidation.ok();
}
if (null == getCredentials(UsernamePasswordCredentials.class, value)) {
return FormValidation.error("Cannot find currently selected credentials");
}
return FormValidation.ok();
}
public ListBoxModel doFillGApiKeyIDItems(
@AncestorInPath Item item) {
StandardListBoxModel result = new StandardListBoxModel();
if (item == null) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
return result.includeCurrentValue(gApiKeyID);
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return result.includeCurrentValue(gApiKeyID);
}
}
if (gApiKeyID != null) {
result.includeMatchingAs(ACL.SYSTEM, Jenkins.getInstance(), StringCredentials.class,
Collections.<DomainRequirement> emptyList(), CredentialsMatchers.allOf(CredentialsMatchers.withId(gApiKeyID)));
}
return result
.includeMatchingAs(ACL.SYSTEM, Jenkins.getInstance(), StringCredentials.class,
Collections.<DomainRequirement> emptyList(), CredentialsMatchers.allOf(CredentialsMatchers.instanceOf(StringCredentials.class)));
}
public FormValidation doCheckCredentialsId(@AncestorInPath Item item,
final @QueryParameter String credentialsId,
final @QueryParameter String url) {
if (item == null) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
return FormValidation.ok();
}
} else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}
if (StringUtils.isBlank(credentialsId)) {
return FormValidation.warning(Messages.Site_emptyCredentialsId());
}
List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(url).build();
if (CredentialsProvider.listCredentials(StandardUsernameCredentials.class, item, getAuthentication(item), domainRequirements, CredentialsMatchers.withId(credentialsId)).isEmpty()) {
return FormValidation.error(Messages.Site_invalidCredentialsId());
}
return FormValidation.ok();
}
@SuppressFBWarnings("NP_NULL_PARAM_DEREF")
public static ListBoxModel doFillCredentialsIdItems(
final Item item, final String credentialsId, final String uri) {
final StandardListBoxModel result = new StandardListBoxModel();
if (item == null) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
return result.includeCurrentValue(credentialsId);
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return result.includeCurrentValue(credentialsId);
}
}
return result //
.includeEmptyValue() //
.includeMatchingAs(
item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM,
item,
StandardCredentials.class,
URIRequirementBuilder.fromUri(uri).build(),
CredentialsMatchers.anyOf(
CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class),
CredentialsMatchers.instanceOf(StringCredentials.class)))
.includeCurrentValue(credentialsId);
}
public static FormValidation doCheckFillCredentialsId(
final Item item, final String credentialsId, final String uri) {
if (item == null) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
return FormValidation.ok();
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}
}
if (isNullOrEmpty(credentialsId)) {
return FormValidation.ok();
}
if (!findCredentials(item, credentialsId, uri).isPresent()) {
return FormValidation.error("Cannot find currently selected credentials");
}
return FormValidation.ok();
}
/**
* Form completion.
*
* @param context the context.
* @param apiUri the server url.
* @param credentialsId the current selection.
* @return the form items.
*/
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
@QueryParameter String apiUri,
@QueryParameter String credentialsId) {
if (context == null
? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
: !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
StandardListBoxModel result = new StandardListBoxModel();
result.add(Messages.SSHCheckoutTrait_useAgentKey(), "");
return result.includeMatchingAs(
context instanceof Queue.Task
? ((Queue.Task) context).getDefaultAuthentication()
: ACL.SYSTEM,
context,
StandardUsernameCredentials.class,
Connector.githubDomainRequirements(apiUri),
CredentialsMatchers.instanceOf(SSHUserPrivateKey.class)
);
}
@SuppressFBWarnings("NP_NULL_PARAM_DEREF")
public static ListBoxModel doFillCredentialsIdItems(
final Item item, final String credentialsId, final String uri) {
final StandardListBoxModel result = new StandardListBoxModel();
if (item == null) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
return result.includeCurrentValue(credentialsId);
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return result.includeCurrentValue(credentialsId);
}
}
return result //
.includeEmptyValue() //
.includeMatchingAs(
item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM,
item,
StandardCredentials.class,
URIRequirementBuilder.fromUri(uri).build(),
CredentialsMatchers.anyOf(
CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class),
CredentialsMatchers.instanceOf(StringCredentials.class)))
.includeCurrentValue(credentialsId);
}
public static FormValidation doCheckFillCredentialsId(
final Item item, final String credentialsId, final String uri) {
if (item == null) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
return FormValidation.ok();
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}
}
if (isNullOrEmpty(credentialsId)) {
return FormValidation.ok();
}
if (!findCredentials(item, credentialsId, uri).isPresent()) {
return FormValidation.error("Cannot find currently selected credentials");
}
return FormValidation.ok();
}
public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String uri) {
if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
item != null && !item.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel();
}
List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(uri).build();
domainRequirements.add(new DockerServerDomainRequirement());
return new StandardListBoxModel()
.withEmptySelection()
.withMatching(
AuthenticationTokens.matcher(KeyMaterialFactory.class),
CredentialsProvider
.lookupCredentials(BASE_CREDENTIAL_TYPE, item, null, domainRequirements)
);
}
public ListBoxModel doFillPullCredentialsIdItems(@AncestorInPath Item item,
@QueryParameter String pullCredentialsId) {
if (item == null && !Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)
|| item != null && !item.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel();
}
final DockerRegistryEndpoint.DescriptorImpl descriptor = (DockerRegistryEndpoint.DescriptorImpl) Jenkins
.getInstance().getDescriptorOrDie(DockerRegistryEndpoint.class);
return descriptor.doFillCredentialsIdItems(item);
}
/**
* Checks whether valid credentials are given.
*
* @param item
* jenkins configuration
* @param credentialsId
* id of the stored credentials pair
*
* @return {@link FormValidation#ok()} if credentials exist and are valid
*/
public FormValidation doCheckCredentialsId(
@AncestorInPath final Item item, @QueryParameter final String credentialsId) {
if (StringUtils.isBlank(credentialsId)) {
return FormValidation.error("You have to provide credentials.");
}
if (item == null) {
if (!new JenkinsFacade().hasPermission(Jenkins.ADMINISTER)) {
return FormValidation.ok();
}
}
else {
if (!item.hasPermission(Item.EXTENDED_READ)
&& !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return FormValidation.ok();
}
}
if (CredentialsMatchers.firstOrNull(
CredentialsProvider.lookupCredentials(
StandardUsernamePasswordCredentials.class,
item,
ACL.SYSTEM,
Collections.emptyList()),
CredentialsMatchers.withId(credentialsId))
== null) {
return FormValidation.error("Cannot find currently selected credentials.");
}
return FormValidation.ok();
}
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
@QueryParameter String serverUrl,
@QueryParameter String credentialsId) {
StandardListBoxModel result = new StandardListBoxModel();
if (context == null) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
// must have admin if you want the list without a context
result.includeCurrentValue(credentialsId);
return result;
}
} else {
if (!context.hasPermission(Item.EXTENDED_READ)
&& !context.hasPermission(CredentialsProvider.USE_ITEM)) {
// must be able to read the configuration or use the item credentials if you want the list
result.includeCurrentValue(credentialsId);
return result;
}
}
result.add(Messages.SSHCheckoutTrait_useAgentKey(), "");
result.includeMatchingAs(
context instanceof Queue.Task ?
((Queue.Task) context).getDefaultAuthentication()
: ACL.SYSTEM,
context,
StandardUsernameCredentials.class,
URIRequirementBuilder.fromUri(serverUrl).build(),
CredentialsMatchers.instanceOf(SSHUserPrivateKey.class)
);
return result;
}
/**
* Validation for checkout credentials.
*
* @param context the context.
* @param serverUrl the server url.
* @param value the current selection.
* @return the validation results
*/
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public FormValidation doCheckCredentialsId(@CheckForNull @AncestorInPath Item context,
@QueryParameter String serverUrl,
@QueryParameter String value) {
if (context == null
? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
: !context.hasPermission(Item.EXTENDED_READ)) {
return FormValidation.ok();
}
if (StringUtils.isBlank(value)) {
// use agent key
return FormValidation.ok();
}
if (CredentialsMatchers.firstOrNull(CredentialsProvider
.lookupCredentials(SSHUserPrivateKey.class, context, context instanceof Queue.Task
? ((Queue.Task) context).getDefaultAuthentication()
: ACL.SYSTEM, URIRequirementBuilder.fromUri(serverUrl).build()),
CredentialsMatchers.withId(value)) != null) {
return FormValidation.ok();
}
if (CredentialsMatchers.firstOrNull(CredentialsProvider
.lookupCredentials(StandardUsernameCredentials.class, context, context instanceof Queue.Task
? ((Queue.Task) context).getDefaultAuthentication()
: ACL.SYSTEM, URIRequirementBuilder.fromUri(serverUrl).build()),
CredentialsMatchers.withId(value)) != null) {
return FormValidation.error(Messages.SSHCheckoutTrait_incompatibleCredentials());
}
return FormValidation.warning(Messages.SSHCheckoutTrait_missingCredentials());
}
public ListBoxModel doFillCredentialsIdItems(final @AncestorInPath Item item,
@QueryParameter String credentialsId,
final @QueryParameter String url) {
StandardListBoxModel result = new StandardListBoxModel();
credentialsId = StringUtils.trimToEmpty(credentialsId);
if (item == null) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
return result.includeCurrentValue(credentialsId);
}
} else {
if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
return result.includeCurrentValue(credentialsId);
}
}
Authentication authentication = getAuthentication(item);
List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(url).build();
CredentialsMatcher always = CredentialsMatchers.always();
Class<? extends StandardUsernameCredentials> type = UsernamePasswordCredentialsImpl.class;
result.includeEmptyValue();
if (item != null) {
result.includeMatchingAs(authentication, item, type, domainRequirements, always);
} else {
result.includeMatchingAs(authentication, Jenkins.get(), type, domainRequirements, always);
}
return result;
}
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
@QueryParameter String apiUri,
@QueryParameter String credentialsId) {
if (context == null
? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
: !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
return Connector.listScanCredentials(context, apiUri);
}
/**
* Populates the drop-down list of credentials.
*
* @param context the context.
* @param apiUri the end-point.
* @param credentialsId the existing selection;
* @return the drop-down list.
* @since 2.2.0
*/
@Restricted(NoExternalUse.class) // stapler
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
@QueryParameter String apiUri,
@QueryParameter String credentialsId) {
if (context == null
? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
: !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
return Connector.listScanCredentials(context, apiUri);
}
@SuppressWarnings("deprecation")
public FormValidation doCheckCredentialsId(
@AncestorInPath Item context, @QueryParameter String remote, @QueryParameter String value) {
if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER)
|| context != null && !context.hasPermission(Item.EXTENDED_READ)) {
return FormValidation.ok();
}
value = Util.fixEmptyAndTrim(value);
if (value == null) {
return FormValidation.ok();
}
remote = Util.fixEmptyAndTrim(remote);
if (remote == null)
// not set, can't check
{
return FormValidation.ok();
}
for (ListBoxModel.Option o :
CredentialsProvider.listCredentials(
StandardUsernameCredentials.class,
context,
context instanceof Queue.Task
? Tasks.getAuthenticationOf((Queue.Task) context)
: ACL.SYSTEM,
URIRequirementBuilder.fromUri(remote).build(),
GitClient.CREDENTIALS_MATCHER)) {
if (StringUtils.equals(value, o.value)) {
// TODO check if this type of credential is acceptable to the Git client or does it merit
// warning
// NOTE: we would need to actually lookup the credential to do the check, which may
// require
// fetching the actual credential instance from a remote credentials store. Perhaps this
// is
// not required
return FormValidation.ok();
}
}
// no credentials available, can't check
return FormValidation.warning("Cannot find any credentials with id " + value);
}
private boolean hasPermission(Item context) {
if (context != null) {
return context.hasPermission(Item.CONFIGURE);
}
return Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER);
}