summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Hruban <jan.hruban@gooddata.com>2015-10-12 22:14:59 +0200
committerJan Hruban <jan.hruban@gooddata.com>2016-03-21 09:44:28 +0100
commit46d74f029f19067446ae386e8a6ed47fb627d867 (patch)
tree203c411178885ff71d39de364ac6040e5b7885be
parentb879f56ef1ccb3f81edd7768d439c7617edf6df2 (diff)
Fix permission problem when finding buildsHEADmaster
Plugin runs as user "anonymous". Escalate priviledges so it can find projects/builds also in the case that "anonymous" user does not have read permissions for them. Change-Id: Iccf19460bb02a450d4a82fdabaf9dbc37a3ffe97
Notes
Notes (review): Code-Review+2: Khai Do <zaro0508@gmail.com> Code-Review+1: Michal Stolarczyk <zerodivisible@gmail.com> Workflow+1: Khai Do <zaro0508@gmail.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Fri, 02 Dec 2016 23:39:33 +0000 Reviewed-on: https://review.openstack.org/234036 Project: openstack-infra/gearman-plugin Branch: refs/heads/master
-rw-r--r--src/main/java/hudson/plugins/gearman/GearmanPluginUtil.java39
-rw-r--r--src/main/java/hudson/plugins/gearman/SetDescriptionWorker.java16
2 files changed, 37 insertions, 18 deletions
diff --git a/src/main/java/hudson/plugins/gearman/GearmanPluginUtil.java b/src/main/java/hudson/plugins/gearman/GearmanPluginUtil.java
index e16e315..36420c0 100644
--- a/src/main/java/hudson/plugins/gearman/GearmanPluginUtil.java
+++ b/src/main/java/hudson/plugins/gearman/GearmanPluginUtil.java
@@ -21,9 +21,14 @@ package hudson.plugins.gearman;
21import hudson.model.AbstractProject; 21import hudson.model.AbstractProject;
22import hudson.model.Computer; 22import hudson.model.Computer;
23import hudson.model.Run; 23import hudson.model.Run;
24import hudson.security.ACL;
25
26import java.io.IOException;
24 27
25import jenkins.model.Jenkins; 28import jenkins.model.Jenkins;
26 29
30import org.acegisecurity.context.SecurityContextHolder;
31import org.acegisecurity.context.SecurityContext;
27import org.slf4j.Logger; 32import org.slf4j.Logger;
28import org.slf4j.LoggerFactory; 33import org.slf4j.LoggerFactory;
29 34
@@ -70,13 +75,35 @@ public class GearmanPluginUtil {
70 */ 75 */
71 public static Run<?,?> findBuild(String jobName, int buildNumber) { 76 public static Run<?,?> findBuild(String jobName, int buildNumber) {
72 77
73 AbstractProject<?,?> project = Jenkins.getActiveInstance().getItemByFullName(jobName, AbstractProject.class); 78 SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
74 if (project != null){ 79 try {
75 Run<?,?> run = project.getBuildByNumber(buildNumber); 80 AbstractProject<?,?> project = Jenkins.getActiveInstance().getItemByFullName(jobName, AbstractProject.class);
76 if (run != null) { 81 if (project != null){
77 return run; 82 Run<?,?> run = project.getBuildByNumber(buildNumber);
83 if (run != null) {
84 return run;
85 }
78 } 86 }
87 return null;
88 } finally {
89 SecurityContextHolder.setContext(oldContext);
90 }
91 }
92
93 /**
94 * Sets description of the build
95 *
96 * @param build
97 * Build to set the description of
98 * @param description
99 * New build description
100 */
101 public static void setBuildDescription(Run build, String description) throws IOException {
102 SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
103 try {
104 build.setDescription(description);
105 } finally {
106 SecurityContextHolder.setContext(oldContext);
79 } 107 }
80 return null;
81 } 108 }
82} 109}
diff --git a/src/main/java/hudson/plugins/gearman/SetDescriptionWorker.java b/src/main/java/hudson/plugins/gearman/SetDescriptionWorker.java
index 2127092..a19c4ee 100644
--- a/src/main/java/hudson/plugins/gearman/SetDescriptionWorker.java
+++ b/src/main/java/hudson/plugins/gearman/SetDescriptionWorker.java
@@ -20,14 +20,11 @@
20package hudson.plugins.gearman; 20package hudson.plugins.gearman;
21 21
22import hudson.model.Run; 22import hudson.model.Run;
23import hudson.security.ACL;
24 23
25import java.io.IOException; 24import java.io.IOException;
26import java.io.UnsupportedEncodingException; 25import java.io.UnsupportedEncodingException;
27import java.util.Map; 26import java.util.Map;
28 27
29import org.acegisecurity.context.SecurityContextHolder;
30import org.acegisecurity.context.SecurityContext;
31import org.gearman.client.GearmanJobResult; 28import org.gearman.client.GearmanJobResult;
32import org.gearman.client.GearmanJobResultImpl; 29import org.gearman.client.GearmanJobResultImpl;
33import org.gearman.worker.AbstractGearmanFunction; 30import org.gearman.worker.AbstractGearmanFunction;
@@ -84,16 +81,11 @@ public class SetDescriptionWorker extends AbstractGearmanFunction {
84 // find build then update its description 81 // find build then update its description
85 Run<?,?> build = GearmanPluginUtil.findBuild(jobName, Integer.parseInt(buildNumber)); 82 Run<?,?> build = GearmanPluginUtil.findBuild(jobName, Integer.parseInt(buildNumber));
86 if (build != null) { 83 if (build != null) {
87 SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
88 try { 84 try {
89 try { 85 GearmanPluginUtil.setBuildDescription(build, buildDescription);
90 build.setDescription(buildDescription); 86 } catch (IOException e) {
91 } catch (IOException e) { 87 throw new IllegalArgumentException("Unable to set description for " +
92 throw new IllegalArgumentException("Unable to set description for " + 88 jobName + ": " + buildNumber);
93 jobName + ": " + buildNumber);
94 }
95 } finally {
96 SecurityContextHolder.setContext(oldContext);
97 } 89 }
98 jobResultMsg = "Description for Jenkins build " +buildNumber+" was updated to " + buildDescription; 90 jobResultMsg = "Description for Jenkins build " +buildNumber+" was updated to " + buildDescription;
99 jobResult = true; 91 jobResult = true;