Java Code Examples for hudson.model.Item#hasPermission()

public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item) {
    if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
        item != null && !item.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel();
    }
    // TODO may also need to specify a specific authentication and domain requirements
    return new StandardListBoxModel()
            .withEmptySelection()
            .withMatching(AuthenticationTokens.matcher(DockerRegistryToken.class),
                    CredentialsProvider.lookupCredentials(
                            StandardCredentials.class,
                            item,
                            null,
                            Collections.<DomainRequirement>emptyList()
                    )
            );
}
 

@SuppressWarnings("deprecation")
public ListBoxModel doFillCredentialsIdItems(
    @AncestorInPath Item context,
    @QueryParameter String remote,
    @QueryParameter String credentialsId) {
  if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER)
      || context != null && !context.hasPermission(Item.EXTENDED_READ)) {
    return new StandardListBoxModel().includeCurrentValue(credentialsId);
  }
  return new StandardListBoxModel()
      .includeEmptyValue()
      .includeMatchingAs(
          context instanceof Queue.Task
              ? Tasks.getAuthenticationOf((Queue.Task) context)
              : ACL.SYSTEM,
          context,
          StandardUsernameCredentials.class,
          URIRequirementBuilder.fromUri(remote).build(),
          GitClient.CREDENTIALS_MATCHER)
      .includeCurrentValue(credentialsId);
}
 

public static FormValidation doCheckFillCredentialsId(
    final Item item, final String credentialsId, final String uri) {
  if (item == null) {
    if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
      return FormValidation.ok();
    }
  } else {
    if (!item.hasPermission(Item.EXTENDED_READ)
        && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
      return FormValidation.ok();
    }
  }
  if (isNullOrEmpty(credentialsId)) {
    return FormValidation.ok();
  }
  if (!findCredentials(item, credentialsId, uri).isPresent()) {
    return FormValidation.error("Cannot find currently selected credentials");
  }
  return FormValidation.ok();
}
 

@SuppressFBWarnings("NP_NULL_PARAM_DEREF")
public static ListBoxModel doFillCredentialsIdItems(
    final Item item, final String credentialsId, final String uri) {
  final StandardListBoxModel result = new StandardListBoxModel();
  if (item == null) {
    if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
      return result.includeCurrentValue(credentialsId);
    }
  } else {
    if (!item.hasPermission(Item.EXTENDED_READ)
        && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
      return result.includeCurrentValue(credentialsId);
    }
  }
  return result //
      .includeEmptyValue() //
      .includeMatchingAs(
          item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM,
          item,
          StandardCredentials.class,
          URIRequirementBuilder.fromUri(uri).build(),
          CredentialsMatchers.anyOf(
              CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class),
              CredentialsMatchers.instanceOf(StringCredentials.class)))
      .includeCurrentValue(credentialsId);
}
 

/**
 * Form completion.
 *
 * @param context       the context.
 * @param apiUri        the server url.
 * @param credentialsId the current selection.
 * @return the form items.
 */
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
                                             @QueryParameter String apiUri,
                                             @QueryParameter String credentialsId) {
    if (context == null
            ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
            : !context.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel().includeCurrentValue(credentialsId);
    }
    StandardListBoxModel result = new StandardListBoxModel();
    result.add(Messages.SSHCheckoutTrait_useAgentKey(), "");
    return result.includeMatchingAs(
            context instanceof Queue.Task
                    ? ((Queue.Task) context).getDefaultAuthentication()
                    : ACL.SYSTEM,
            context,
            StandardUsernameCredentials.class,
            Connector.githubDomainRequirements(apiUri),
            CredentialsMatchers.instanceOf(SSHUserPrivateKey.class)
    );
}
 

/**
 * Validates the credentials id.
 *
 * @param item context for validation
 * @param value to validate
 * @return FormValidation
 */
public FormValidation doCheckCredentialsId(@AncestorInPath Item item, @QueryParameter String value) {
    if (item == null) {
        if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
            return FormValidation.ok();
        }
    } else {
        if (!item.hasPermission(Item.EXTENDED_READ)
                && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return FormValidation.ok();
        }
    }
    if (StringUtils.isEmpty(value)) {
        return FormValidation.ok();
    }
    if (null == getCredentials(UsernamePasswordCredentials.class, value)) {
        return FormValidation.error("Cannot find currently selected credentials");
    }
    return FormValidation.ok();
}
 

public ListBoxModel doFillGApiKeyIDItems(
        @AncestorInPath Item item) {
    StandardListBoxModel result = new StandardListBoxModel();
    if (item == null) {
        if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
            return result.includeCurrentValue(gApiKeyID);
        }
    } else {
        if (!item.hasPermission(Item.EXTENDED_READ)
                && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return result.includeCurrentValue(gApiKeyID);
        }
    }
    if (gApiKeyID != null) {
        result.includeMatchingAs(ACL.SYSTEM, Jenkins.getInstance(), StringCredentials.class,
                Collections.<DomainRequirement> emptyList(), CredentialsMatchers.allOf(CredentialsMatchers.withId(gApiKeyID)));
    }
    return result
            .includeMatchingAs(ACL.SYSTEM, Jenkins.getInstance(), StringCredentials.class,
                    Collections.<DomainRequirement> emptyList(), CredentialsMatchers.allOf(CredentialsMatchers.instanceOf(StringCredentials.class)));
}
 

public FormValidation doCheckCredentialsId(@AncestorInPath Item item,
    final @QueryParameter String credentialsId,
    final @QueryParameter String url) {

  if (item == null) {
    if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
      return FormValidation.ok();
    }
  } else if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
    return FormValidation.ok();
  }
  if (StringUtils.isBlank(credentialsId)) {
    return FormValidation.warning(Messages.Site_emptyCredentialsId());
  }

  List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(url).build();
  if (CredentialsProvider.listCredentials(StandardUsernameCredentials.class, item, getAuthentication(item), domainRequirements, CredentialsMatchers.withId(credentialsId)).isEmpty()) {
    return FormValidation.error(Messages.Site_invalidCredentialsId());
  }
  return FormValidation.ok();
}
 

public static FormValidation doCheckFillCredentialsId(
    final Item item, final String credentialsId, final String uri) {
  if (item == null) {
    if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
      return FormValidation.ok();
    }
  } else {
    if (!item.hasPermission(Item.EXTENDED_READ)
        && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
      return FormValidation.ok();
    }
  }
  if (isNullOrEmpty(credentialsId)) {
    return FormValidation.ok();
  }
  if (!findCredentials(item, credentialsId, uri).isPresent()) {
    return FormValidation.error("Cannot find currently selected credentials");
  }
  return FormValidation.ok();
}
 

@SuppressFBWarnings("NP_NULL_PARAM_DEREF")
public static ListBoxModel doFillCredentialsIdItems(
    final Item item, final String credentialsId, final String uri) {
  final StandardListBoxModel result = new StandardListBoxModel();
  if (item == null) {
    if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
      return result.includeCurrentValue(credentialsId);
    }
  } else {
    if (!item.hasPermission(Item.EXTENDED_READ)
        && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
      return result.includeCurrentValue(credentialsId);
    }
  }
  return result //
      .includeEmptyValue() //
      .includeMatchingAs(
          item instanceof Queue.Task ? Tasks.getAuthenticationOf((Queue.Task) item) : ACL.SYSTEM,
          item,
          StandardCredentials.class,
          URIRequirementBuilder.fromUri(uri).build(),
          CredentialsMatchers.anyOf(
              CredentialsMatchers.instanceOf(StandardUsernamePasswordCredentials.class),
              CredentialsMatchers.instanceOf(StringCredentials.class)))
      .includeCurrentValue(credentialsId);
}
 

/**
 * Populates the drop-down list of credentials.
 *
 * @param context the context.
 * @param apiUri  the end-point.
 * @param credentialsId the existing selection;
 * @return the drop-down list.
 * @since 2.2.0
 */
@Restricted(NoExternalUse.class) // stapler
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
                                             @QueryParameter String apiUri,
                                             @QueryParameter String credentialsId) {
    if (context == null
            ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
            : !context.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel().includeCurrentValue(credentialsId);
    }
    return Connector.listScanCredentials(context, apiUri);
}
 

public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item, @QueryParameter String uri) {
    if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
        item != null && !item.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel();
    }
    List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(uri).build();
    domainRequirements.add(new DockerServerDomainRequirement());
    return new StandardListBoxModel()
            .withEmptySelection()
            .withMatching(
                    AuthenticationTokens.matcher(KeyMaterialFactory.class),
                    CredentialsProvider
                            .lookupCredentials(BASE_CREDENTIAL_TYPE, item, null, domainRequirements)
            );
}
 

public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
                                             @QueryParameter String apiUri,
                                             @QueryParameter String credentialsId) {
    if (context == null
            ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
            : !context.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel().includeCurrentValue(credentialsId);
    }
    return Connector.listScanCredentials(context, apiUri);
}
 

public ListBoxModel doFillCredentialsIdItems(final @AncestorInPath Item item,
    @QueryParameter String credentialsId,
    final @QueryParameter String url) {

  StandardListBoxModel result = new StandardListBoxModel();

  credentialsId = StringUtils.trimToEmpty(credentialsId);
  if (item == null) {
    if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
      return result.includeCurrentValue(credentialsId);
    }
  } else {
    if (!item.hasPermission(Item.EXTENDED_READ) && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
      return result.includeCurrentValue(credentialsId);
    }
  }

  Authentication authentication = getAuthentication(item);
  List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(url).build();
  CredentialsMatcher always = CredentialsMatchers.always();
  Class<? extends StandardUsernameCredentials> type = UsernamePasswordCredentialsImpl.class;

  result.includeEmptyValue();
  if (item != null) {
    result.includeMatchingAs(authentication, item, type, domainRequirements, always);
  } else {
    result.includeMatchingAs(authentication, Jenkins.get(), type, domainRequirements, always);
  }
  return result;
}
 

/**
 * Validation for checkout credentials.
 *
 * @param context   the context.
 * @param serverUrl the server url.
 * @param value     the current selection.
 * @return the validation results
 */
@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public FormValidation doCheckCredentialsId(@CheckForNull @AncestorInPath Item context,
                                           @QueryParameter String serverUrl,
                                           @QueryParameter String value) {
    if (context == null
            ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
            : !context.hasPermission(Item.EXTENDED_READ)) {
        return FormValidation.ok();
    }
    if (StringUtils.isBlank(value)) {
        // use agent key
        return FormValidation.ok();
    }
    if (CredentialsMatchers.firstOrNull(CredentialsProvider
                    .lookupCredentials(SSHUserPrivateKey.class, context, context instanceof Queue.Task
                            ? ((Queue.Task) context).getDefaultAuthentication()
                            : ACL.SYSTEM, URIRequirementBuilder.fromUri(serverUrl).build()),
            CredentialsMatchers.withId(value)) != null) {
        return FormValidation.ok();
    }
    if (CredentialsMatchers.firstOrNull(CredentialsProvider
                    .lookupCredentials(StandardUsernameCredentials.class, context, context instanceof Queue.Task
                            ? ((Queue.Task) context).getDefaultAuthentication()
                            : ACL.SYSTEM, URIRequirementBuilder.fromUri(serverUrl).build()),
            CredentialsMatchers.withId(value)) != null) {
        return FormValidation.error(Messages.SSHCheckoutTrait_incompatibleCredentials());
    }
    return FormValidation.warning(Messages.SSHCheckoutTrait_missingCredentials());
}
 

@Restricted(NoExternalUse.class)
@SuppressWarnings("unused") // stapler form binding
public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item context,
                                             @QueryParameter String serverUrl,
                                             @QueryParameter String credentialsId) {
    StandardListBoxModel result = new StandardListBoxModel();
    if (context == null) {
        if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
            // must have admin if you want the list without a context
            result.includeCurrentValue(credentialsId);
            return result;
        }
    } else {
        if (!context.hasPermission(Item.EXTENDED_READ)
                && !context.hasPermission(CredentialsProvider.USE_ITEM)) {
            // must be able to read the configuration or use the item credentials if you want the list
            result.includeCurrentValue(credentialsId);
            return result;
        }
    }
    result.add(Messages.SSHCheckoutTrait_useAgentKey(), "");
    result.includeMatchingAs(
            context instanceof Queue.Task ?
                    ((Queue.Task) context).getDefaultAuthentication()
                    : ACL.SYSTEM,
            context,
            StandardUsernameCredentials.class,
            URIRequirementBuilder.fromUri(serverUrl).build(),
            CredentialsMatchers.instanceOf(SSHUserPrivateKey.class)
    );
    return result;
}
 

/**
 * Checks whether valid credentials are given.
 *
 * @param item
 *         jenkins configuration
 * @param credentialsId
 *         id of the stored credentials pair
 *
 * @return {@link FormValidation#ok()} if credentials exist and are valid
 */
public FormValidation doCheckCredentialsId(
        @AncestorInPath final Item item, @QueryParameter final String credentialsId) {
    if (StringUtils.isBlank(credentialsId)) {
        return FormValidation.error("You have to provide credentials.");
    }
    if (item == null) {
        if (!new JenkinsFacade().hasPermission(Jenkins.ADMINISTER)) {
            return FormValidation.ok();
        }
    }
    else {
        if (!item.hasPermission(Item.EXTENDED_READ)
                && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return FormValidation.ok();
        }
    }

    if (CredentialsMatchers.firstOrNull(
            CredentialsProvider.lookupCredentials(
                    StandardUsernamePasswordCredentials.class,
                    item,
                    ACL.SYSTEM,
                    Collections.emptyList()),
            CredentialsMatchers.withId(credentialsId))
            == null) {
        return FormValidation.error("Cannot find currently selected credentials.");
    }
    return FormValidation.ok();
}
 

public ListBoxModel doFillPullCredentialsIdItems(@AncestorInPath Item item,
        @QueryParameter String pullCredentialsId) {
    if (item == null && !Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)
            || item != null && !item.hasPermission(Item.EXTENDED_READ)) {
        return new StandardListBoxModel();
    }

    final DockerRegistryEndpoint.DescriptorImpl descriptor = (DockerRegistryEndpoint.DescriptorImpl) Jenkins
            .getInstance().getDescriptorOrDie(DockerRegistryEndpoint.class);
    return descriptor.doFillCredentialsIdItems(item);
}
 

private boolean hasPermission(Item context) {
    if (context != null) {
        return context.hasPermission(Item.CONFIGURE);
    }
    return Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER);
}
 

@SuppressWarnings("deprecation")
public FormValidation doCheckCredentialsId(
    @AncestorInPath Item context, @QueryParameter String remote, @QueryParameter String value) {
  if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER)
      || context != null && !context.hasPermission(Item.EXTENDED_READ)) {
    return FormValidation.ok();
  }

  value = Util.fixEmptyAndTrim(value);
  if (value == null) {
    return FormValidation.ok();
  }

  remote = Util.fixEmptyAndTrim(remote);
  if (remote == null)
  // not set, can't check
  {
    return FormValidation.ok();
  }

  for (ListBoxModel.Option o :
      CredentialsProvider.listCredentials(
          StandardUsernameCredentials.class,
          context,
          context instanceof Queue.Task
              ? Tasks.getAuthenticationOf((Queue.Task) context)
              : ACL.SYSTEM,
          URIRequirementBuilder.fromUri(remote).build(),
          GitClient.CREDENTIALS_MATCHER)) {
    if (StringUtils.equals(value, o.value)) {
      // TODO check if this type of credential is acceptable to the Git client or does it merit
      // warning
      // NOTE: we would need to actually lookup the credential to do the check, which may
      // require
      // fetching the actual credential instance from a remote credentials store. Perhaps this
      // is
      // not required
      return FormValidation.ok();
    }
  }
  // no credentials available, can't check
  return FormValidation.warning("Cannot find any credentials with id " + value);
}