Java Code Examples for hudson.security.HudsonPrivateSecurityRealm#createAccount()

The following examples show how to use hudson.security.HudsonPrivateSecurityRealm#createAccount() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UserCreationListenerTest.java    From audit-log-plugin with MIT License 6 votes vote down vote up
@Issue("JENKINS-54088")
@Test
@Parameters({
        "1, alice, alicePassword",
        "1, bob, bobPassword",
        "1, charlie, charliePassword",
        "1, debbie, debbiePassword"
})
public void testUserCreationFromRealm(int expectedCount, String username, String password) throws Exception {
    assertEventCount(app.getEvents(), 0);

    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false, false, null);
    j.jenkins.setSecurityRealm(realm);

    User user = realm.createAccount(username, password);
    user.save();

    assertEventCount(app.getEvents(), expectedCount);
}
 
Example 2
Source File: HudsonPrivateSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 6 votes vote down vote up
private static User createAccount(HudsonPrivateSecurityRealm target, UserWithPassword user)
    throws IOException {
    User updatedUser;
    if (StringUtils.isNotBlank(user.password)) {
        if (StringUtils.startsWith(user.password, HASHED_PASSWORD_PREFIX)) {
            try {
                updatedUser = target
                    .createAccountWithHashedPassword(user.id, user.password);
            } catch (IllegalArgumentException | IOException e) {
                logger.log(Level.WARNING,
                    "Failed to create user with presumed hashed password", e);
                // fallback, just create the account as is
                updatedUser = target.createAccount(user.id, user.password);
            }
        } else {
            updatedUser = target.createAccount(user.id, user.password);
        }
    } else {
        updatedUser = User.getById(user.id, true);
    }
    return updatedUser;
}
 
Example 3
Source File: ProfileApiTest.java    From blueocean-plugin with MIT License 6 votes vote down vote up
@Test
public void shouldFailForAnonymousRead() throws IOException {
    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false);
    realm.createAccount("alice","alice");
    j.jenkins.setSecurityRealm(realm);

    GlobalMatrixAuthorizationStrategy as = new GlobalMatrixAuthorizationStrategy();
    j.jenkins.setAuthorizationStrategy(as);
    as.add(Hudson.READ,"alice");

    Map resp = new RequestBuilder(baseUrl)
            .status(403)
            .get("/users/")
            .build(Map.class);
    assertEquals(403, resp.get("code"));
}
 
Example 4
Source File: ProfileApiTest.java    From blueocean-plugin with MIT License 6 votes vote down vote up
@Test
public void shouldSucceedForAnonymousRead() throws IOException {
    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false);
    realm.createAccount("alice","alice");
    j.jenkins.setSecurityRealm(realm);

    GlobalMatrixAuthorizationStrategy as = new GlobalMatrixAuthorizationStrategy();
    j.jenkins.setAuthorizationStrategy(as);
    as.add(Hudson.READ,"anonymous");

    List resp = new RequestBuilder(baseUrl)
            .status(200)
            .get("/users/")
            .build(List.class);
    assertEquals(1, resp.size());
}
 
Example 5
Source File: ProfileApiTest.java    From blueocean-plugin with MIT License 6 votes vote down vote up
@Test
public void shouldFailForUnauthorizedUser() throws IOException, UnirestException {
    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false);
    realm.createAccount("alice","alice");
    realm.createAccount("bob","bob");
    j.jenkins.setSecurityRealm(realm);

    GlobalMatrixAuthorizationStrategy as = new GlobalMatrixAuthorizationStrategy();
    j.jenkins.setAuthorizationStrategy(as);
    as.add(Hudson.READ,"alice");

    Map resp = new RequestBuilder(baseUrl)
            .status(403)
            .auth("bob", "bob")
            .get("/users/")
            .build(Map.class);
    assertEquals(403, resp.get("code"));
}
 
Example 6
Source File: UserCreationListenerTest.java    From audit-log-plugin with MIT License 5 votes vote down vote up
@Issue("JENKINS-54088")
@Test
public void testUserCreationAndLoginFromRealm() throws Exception {
    assertEventCount(app.getEvents(), 0);

    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false, false, null);
    j.jenkins.setSecurityRealm(realm);

    User u1 = realm.createAccount("charlie", USERS.get("charlie"));
    u1.save();
    client.login("charlie", USERS.get("charlie"));

    // verify the audit event log messages as user creation and user login events
    StructuredDataMessage logMessageOne = (StructuredDataMessage) app.getEvents().get(0).getMessage();
    StructuredDataMessage logMessageTwo = (StructuredDataMessage) app.getEvents().get(1).getMessage();

    assertTrue(logMessageOne.toString().contains("createUser"));
    assertTrue(logMessageTwo.toString().contains("login"));

    // verify a login event occurred
    client.executeOnServer(() -> {
        Authentication a = Jenkins.getAuthentication();
        assertEquals("charlie", a.getName());

        return null;
    });

    assertEventCount(app.getEvents(), 2);
}
 
Example 7
Source File: ArtifactsSecurity564.java    From blueocean-plugin with MIT License 5 votes vote down vote up
/**
 * Uses matrix-auth to provide artifacts permission.
 *
 * If hudson.security.ArtifactsPermission is set then the user must have Run.ARTIFACTS set.
 *
 * @throws Exception
 */
@Issue("SECURITY-564")
@Test
public void testArtifactsWithPermissions() throws Exception {
    String JOB_NAME = "artifactPermissions";
    String artifactPath = "a/b/c";
    HudsonPrivateSecurityRealm realm = new HudsonPrivateSecurityRealm(false);
    realm.createAccount("alice","alice");
    realm.createAccount("bob","bob");
    j.jenkins.setSecurityRealm(realm);

    GlobalMatrixAuthorizationStrategy as = new GlobalMatrixAuthorizationStrategy();
    j.jenkins.setAuthorizationStrategy(as);
    as.add(Hudson.READ,"alice");
    as.add(Item.READ,"alice");
    as.add(Run.ARTIFACTS,"alice");
    as.add(Hudson.READ,"bob");
    as.add(Item.READ,"bob");

    FreeStyleProject p = j.createFreeStyleProject(JOB_NAME);
    p.getBuildersList().add(new ArtifactBuilder(artifactPath, 100));
    p.getPublishersList().add(new ArtifactArchiver("**/*"));
    Run r = p.scheduleBuild2(0).waitForStart();

    r = j.waitForCompletion(r);

    List artifacts = request().authAlice().get("/organizations/jenkins/pipelines/"+JOB_NAME+"/runs/"+r.getId()+"/artifacts").build(List.class);

    Assert.assertEquals(100, artifacts.size());
    Assert.assertEquals(0, ((Map) artifacts.get(0)).get("size"));
    Assert.assertEquals(artifactPath + "/0.txt", ((Map) artifacts.get(0)).get("path"));
    Assert.assertEquals("/job/artifactPermissions/1/artifact/"+ artifactPath +"/0.txt", ((Map) artifacts.get(0)).get("url"));

    List artifactsBob = request().auth("bob", "bob").get("/organizations/jenkins/pipelines/"+JOB_NAME+"/runs/"+r.getId()+"/artifacts").build(List.class);

    Assert.assertEquals(0, artifactsBob.size());
}