Fix permission problem when finding builds
Plugin runs as user "anonymous". Escalate priviledges so it can find projects/builds also in the case that "anonymous" user does not have read permissions for them. Change-Id: Iccf19460bb02a450d4a82fdabaf9dbc37a3ffe97
This commit is contained in:
parent
b879f56ef1
commit
46d74f029f
|
@ -21,9 +21,14 @@ package hudson.plugins.gearman;
|
|||
import hudson.model.AbstractProject;
|
||||
import hudson.model.Computer;
|
||||
import hudson.model.Run;
|
||||
import hudson.security.ACL;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import jenkins.model.Jenkins;
|
||||
|
||||
import org.acegisecurity.context.SecurityContextHolder;
|
||||
import org.acegisecurity.context.SecurityContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
@ -70,13 +75,35 @@ public class GearmanPluginUtil {
|
|||
*/
|
||||
public static Run<?,?> findBuild(String jobName, int buildNumber) {
|
||||
|
||||
AbstractProject<?,?> project = Jenkins.getActiveInstance().getItemByFullName(jobName, AbstractProject.class);
|
||||
if (project != null){
|
||||
Run<?,?> run = project.getBuildByNumber(buildNumber);
|
||||
if (run != null) {
|
||||
return run;
|
||||
SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
|
||||
try {
|
||||
AbstractProject<?,?> project = Jenkins.getActiveInstance().getItemByFullName(jobName, AbstractProject.class);
|
||||
if (project != null){
|
||||
Run<?,?> run = project.getBuildByNumber(buildNumber);
|
||||
if (run != null) {
|
||||
return run;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
} finally {
|
||||
SecurityContextHolder.setContext(oldContext);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets description of the build
|
||||
*
|
||||
* @param build
|
||||
* Build to set the description of
|
||||
* @param description
|
||||
* New build description
|
||||
*/
|
||||
public static void setBuildDescription(Run build, String description) throws IOException {
|
||||
SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
|
||||
try {
|
||||
build.setDescription(description);
|
||||
} finally {
|
||||
SecurityContextHolder.setContext(oldContext);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,14 +20,11 @@
|
|||
package hudson.plugins.gearman;
|
||||
|
||||
import hudson.model.Run;
|
||||
import hudson.security.ACL;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.util.Map;
|
||||
|
||||
import org.acegisecurity.context.SecurityContextHolder;
|
||||
import org.acegisecurity.context.SecurityContext;
|
||||
import org.gearman.client.GearmanJobResult;
|
||||
import org.gearman.client.GearmanJobResultImpl;
|
||||
import org.gearman.worker.AbstractGearmanFunction;
|
||||
|
@ -84,16 +81,11 @@ public class SetDescriptionWorker extends AbstractGearmanFunction {
|
|||
// find build then update its description
|
||||
Run<?,?> build = GearmanPluginUtil.findBuild(jobName, Integer.parseInt(buildNumber));
|
||||
if (build != null) {
|
||||
SecurityContext oldContext = ACL.impersonate(ACL.SYSTEM);
|
||||
try {
|
||||
try {
|
||||
build.setDescription(buildDescription);
|
||||
} catch (IOException e) {
|
||||
throw new IllegalArgumentException("Unable to set description for " +
|
||||
jobName + ": " + buildNumber);
|
||||
}
|
||||
} finally {
|
||||
SecurityContextHolder.setContext(oldContext);
|
||||
GearmanPluginUtil.setBuildDescription(build, buildDescription);
|
||||
} catch (IOException e) {
|
||||
throw new IllegalArgumentException("Unable to set description for " +
|
||||
jobName + ": " + buildNumber);
|
||||
}
|
||||
jobResultMsg = "Description for Jenkins build " +buildNumber+" was updated to " + buildDescription;
|
||||
jobResult = true;
|
||||
|
|
Loading…
Reference in New Issue