Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  package hudson.plugins.collabnet.auth;
  
  import hudson.model.Item;
  
 import java.util.List;
 
An ACL that uses project roles to determine what Hudson permissions to give.
 
 public class CNProjectACL extends ACL {
     private String project;
     private String projectId = null;
 
     private static Logger log = Logger.getLogger("CNProjectACL");

    
Constructed with the CollabNet project name.
 
     public CNProjectACL(String project) {
         this. = project;
     }
 
     public String getProjectId(CNConnection conn) {
         if (this. == null) {
             this. = conn.getProjectId(this.);
         }
         return this.;
     }
 
     public boolean hasPermission(Authentication aPermission permission) {
         CNConnection conn = CNConnection.getInstance(a);
         if (conn == null) {
             .severe("Improper Authentication type used with " +
                        "CNAuthorizationStrategy!  CNAuthorization " +
                        "strategy cannot be used without " +
                        "CNAuthentication.  Please re-configure your " +
                        "Hudson instance.");
             return false;
         }
         String projId = this.getProjectId(conn);
         if (projId == null) {
             .severe("hasPerission: project id could not be found for " +
                       "project: " + this. + ".");
             return false;
         }
         Collection<CollabNetRoleuserRoles = 
             CollabNetRoles.getRoles(conn.getUserRoles(projId
                                                       conn.getUsername()));
         for(; permission!=nullpermission=permission.impliedBy) {
             for (CollabNetRole roleuserRoles) {
                 if (role.hasPermission(permission)) {
                     return true;
                 }
             }
         }
         return false;
     }
 
     public static class CollabNetRoles {
         private static Collection<CollabNetRoleroles = 
             Collections.emptyList();

        
Get the role which matches this name, if one exists. This is a bit inefficient, but should be ok for small numbers of roles. If we ever have performance problems, we might want to consider putting this in a name->role HashMap.

Parameters:
name to match
Returns:
the matching CollabNetRole or null if none is found.
 
         public static CollabNetRole getRole(String name) {
             for (CollabNetRole role: CollabNetRoles.getAllRoles()) {
                 if (role.getName().equals(name)) {
                     return role;
                 }
             }
             return null;
         }

        
Get the roles matching a set of role names.

Parameters:
names to match
Returns:
a collection of matching roles. If a name doesn't match any CollabNetRole, it will be skipped.
 
        public static Collection<CollabNetRolegetRoles(Collection<String
                                                         names) {
            Collection<CollabNetRolematchRoles = 
                new ArrayList<CollabNetRole>();
            for (String namenames) {
                CollabNetRole role = CollabNetRoles.getRole(name);
                if (role != null) {
                    matchRoles.add(role);
                }
            }
            return matchRoles;
        }

        

Returns:
all roles. Lazily initialized.
        public static Collection<CollabNetRolegetAllRoles() {
            if (..isEmpty()) {
                 = new ArrayList<CollabNetRole>();
                Collection<PermissiontempPermission = 
                    new ArrayList<Permission>();
                tempPermission.add(.);
                tempPermission.add(.);
                .add(new CollabNetRole("Hudson Read""Allows users " +
                                            "read-access to Hudson jobs."
                                            tempPermission));
                tempPermission.clear();
                tempPermission.add(.);
                tempPermission.add(.);
                tempPermission.add(.);
                tempPermission.add(.);
                .add(new CollabNetRole("Hudson Build/Cancel""Allow " +
                                            "users to start a new build, or " +
                                            "to cancel a build."
                                            tempPermission));
                tempPermission.clear();
                tempPermission.add(.);
                .add(new CollabNetRole("Hudson Configure""Allow users" +
                                            " to configure a build."
                                            tempPermission));
                tempPermission.clear();
                tempPermission.add(.);
                .add(new CollabNetRole("Hudson Delete""Allow users to " 
                                            + "delete builds."
                                            tempPermission));
                tempPermission.clear();
                // add build promotion as a permission, if the build promotion
                // plugin is present.
                if (Hudson.getInstance().
                    getPlugin("promoted-builds") != null) {
                    // check if we have the PROMOTE permission
                    Field promote = null;
                    Field[] promotionFields = Promotion.class.getFields();
                    for (Field fieldpromotionFields) {
                        if (field.getName().equals("PROMOTE")) {
                            promote = field;
                            break;
                        }
                    }
                    if (promote != null) {
                        Permission promotePermission = null;
                        try {
                            promotePermission = (Permissionpromote.get(null);
                        } catch (IllegalAccessException iae) {}
                        if (promotePermission != null) {
                            // if we have the permission, add it
                            tempPermission.add(promotePermission);
                        }
                    }
                } 
                // We'll add the role whether or not there's a
                // permission to associated with it.
                .add(new CollabNetRole("Hudson Promote"
                                            "Allow users to " +
                                            "promote builds."
                                            tempPermission));
                tempPermission.clear();
            }
            return .;
        }

        

Returns:
an ordered List of Role names.
        public static List<StringgetNames() {
            List<Stringnames = new ArrayList<String>();
            for (CollabNetRole role: CollabNetRoles.getAllRoles()) {
                names.add(role.getName());
            }
            return names;
        }

        

Returns:
an ordered List of Role descriptions.
        public static List<StringgetDescriptions() {
            List<Stringdescriptions = new ArrayList<String>();
            for (CollabNetRole role: CollabNetRoles.getAllRoles()) {
                descriptions.add(role.getDescription());
            }
            return descriptions;
        }

        
Given a permission, return the CollabNet role which would grant that permission (if any). Returns the first permission granting role found (but we expect only one).

Parameters:
permission
Returns:
the CollabNet role which would grant that permission, or null if none would.
        public static CollabNetRole getGrantingRole(Permission permission) {
            Collection<PermissionimplyingPermissions = 
                CollabNetRoles.expandPermissions(permission);
            for (CollabNetRole role: CollabNetRoles.getAllRoles()) {
                for (Permission pimplyingPermissions) {
                    if (role.hasPermission(p)) {
                        return role;
                    }
                }
            }
            return null;
        }

        
Given a permission, expand it into a collection, containing every permission implied by this permission (including the starting permission).

Parameters:
permission
Returns:
the collection of implied permissions.
        private static Collection<PermissionexpandPermissions(Permission 
                                                                permission) {
            Collection<Permissionpermissions = new ArrayList<Permission>();
            for(Permission p = permissionp != null
                p = permission.impliedBy) {
                permissions.add(p);
            }
            return permissions;
        }
        
    }
New to GrepCode? Check out our FAQ X