Java Code Examples for hudson.security.PermissionGroup#getAll()

/**
 * Attempt to match a given permission to what is defined in the UI.
 * @param id String of the form "Title/Permission" (Look in the UI) for a particular permission
 * @return a matched permission ID
 */
@CheckForNull
public static String findPermissionId(String id) {
    List<PermissionGroup> pgs = PermissionGroup.getAll();
    Matcher m = PERMISSION_PATTERN.matcher(id);
    if(m.matches()) {
        String owner = m.group(1);
        String name = m.group(2);
        for(PermissionGroup pg : pgs) {
            if(pg.owner.equals(Permission.class)) {
                continue;
            }
            if(pg.getId().equals(owner)) {
                return pg.owner.getName() + "." + name;
            }
        }
    }
    return null;
}
 

@Nonnull
@Override
public FolderBasedAuthorizationStrategy newInstance(@Nullable StaplerRequest req, @Nonnull JSONObject formData) {
    AuthorizationStrategy strategy = Jenkins.get().getAuthorizationStrategy();
    if (strategy instanceof FolderBasedAuthorizationStrategy) {
        // this action was invoked from the 'Configure Global Security' page when the
        // old strategy was FolderBasedAuthorizationStrategy; return it back as formData would be empty
        return (FolderBasedAuthorizationStrategy) strategy;
    } else {
        // when this AuthorizationStrategy is selected for the first time, this makes the current
        // user admin (give all permissions) and prevents him/her from getting access denied.
        // The same thing happens in Role Strategy plugin. See RoleBasedStrategy.DESCRIPTOR.newInstance()

        HashSet<PermissionGroup> groups = new HashSet<>(PermissionGroup.getAll());
        groups.remove(PermissionGroup.get(Permission.class));
        Set<PermissionWrapper> adminPermissions = PermissionWrapper.wrapPermissions(
            FolderAuthorizationStrategyManagementLink.getSafePermissions(groups));

        GlobalRole adminRole = new GlobalRole(ADMIN_ROLE_NAME, adminPermissions,
            Collections.singleton(new PrincipalSid(Jenkins.getAuthentication()).getPrincipal()));

        return new FolderBasedAuthorizationStrategy(Collections.singleton(adminRole), Collections.emptySet(),
            Collections.emptySet());
    }
}
 

@Nonnull
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // used by index.jelly
public Set<Permission> getGlobalPermissions() {
    HashSet<PermissionGroup> groups = new HashSet<>(PermissionGroup.getAll());
    groups.remove(PermissionGroup.get(Permission.class));
    return getSafePermissions(groups);
}
 

@Nonnull
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // used by index.jelly
public Set<Permission> getFolderPermissions() {
    HashSet<PermissionGroup> groups = new HashSet<>(PermissionGroup.getAll());
    groups.remove(PermissionGroup.get(Hudson.class));
    groups.remove(PermissionGroup.get(Computer.class));
    groups.remove(PermissionGroup.get(Permission.class));
    return getSafePermissions(groups);
}
 

@Nonnull
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // used by index.jelly
public Set<Permission> getAgentPermissions() {
    HashSet<PermissionGroup> groups = new HashSet<>(PermissionGroup.getAll());
    groups.remove(PermissionGroup.get(Run.class));
    groups.remove(PermissionGroup.get(SCM.class));
    groups.remove(PermissionGroup.get(View.class));
    groups.remove(PermissionGroup.get(Item.class));
    groups.remove(PermissionGroup.get(Hudson.class));
    groups.remove(PermissionGroup.get(Permission.class));
    return getSafePermissions(groups);
}