diff options
author | Zuul <zuul@review.opendev.org> | 2019-10-13 20:46:59 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2019-10-13 20:46:59 +0000 |
commit | da1e227c8c80e4c280d172c4e830b6d27a17d86f (patch) | |
tree | 812816b987e33fe56c4639ee1d07e679492d8e98 | |
parent | 6e835286f198276de883370e0aa9a48d82ac33f2 (diff) | |
parent | 895d8f3f7a8714d13636ff7113db11b764927998 (diff) | |
download | python-jenkins-job-builder-da1e227c8c80e4c280d172c4e830b6d27a17d86f.tar.gz python-jenkins-job-builder-da1e227c8c80e4c280d172c4e830b6d27a17d86f.tar.xz python-jenkins-job-builder-da1e227c8c80e4c280d172c4e830b6d27a17d86f.zip |
Merge "Fix Authorization properties for folder and job in Folder"
-rw-r--r-- | jenkins_jobs/modules/properties.py | 34 | ||||
-rw-r--r-- | tests/yamlparser/fixtures/project_folder_template003.xml | 25 | ||||
-rw-r--r-- | tests/yamlparser/fixtures/project_folder_template003.yaml | 9 |
3 files changed, 65 insertions, 3 deletions
diff --git a/jenkins_jobs/modules/properties.py b/jenkins_jobs/modules/properties.py index 211f5393..342841f8 100644 --- a/jenkins_jobs/modules/properties.py +++ b/jenkins_jobs/modules/properties.py @@ -509,6 +509,9 @@ def authorization(registry, xml_parent, data): :language: yaml """ + # get the folder name if it exists + in_a_folder = data.pop("_use_folder_perms") + credentials = "com.cloudbees.plugins.credentials.CredentialsProvider." ownership = "com.synopsys.arc.jenkins.plugins.ownership.OwnershipPlugin." @@ -536,9 +539,23 @@ def authorization(registry, xml_parent, data): } if data: - matrix = XML.SubElement( - xml_parent, "hudson.security.AuthorizationMatrixProperty" - ) + if in_a_folder: + matrix = XML.SubElement( + xml_parent, + "com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty", + ) + XML.SubElement( + matrix, + "inheritanceStrategy", + { + "class": "org.jenkinsci.plugins.matrixauth.inheritance.InheritParentStrategy" + }, + ) + else: + matrix = XML.SubElement( + xml_parent, "hudson.security.AuthorizationMatrixProperty" + ) + for (username, perms) in data.items(): for perm in perms: pe = XML.SubElement(matrix, "permission") @@ -1234,4 +1251,15 @@ class Properties(jenkins_jobs.modules.base.Base): properties = XML.SubElement(xml_parent, "properties") for prop in data.get("properties", []): + # Pass a flag for folder permissions to the authorization method + if next(iter(prop)) == "authorization": + # Only projects are placed in folders + if "project-type" in data: + if data["project-type"] == "folder": + prop["authorization"]["_use_folder_perms"] = True + else: + prop["authorization"]["_use_folder_perms"] = "folder" in data + else: + prop["authorization"]["_use_folder_perms"] = False + self.registry.dispatch("property", properties, prop) diff --git a/tests/yamlparser/fixtures/project_folder_template003.xml b/tests/yamlparser/fixtures/project_folder_template003.xml new file mode 100644 index 00000000..717ab44d --- /dev/null +++ b/tests/yamlparser/fixtures/project_folder_template003.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="utf-8"?> +<com.cloudbees.hudson.plugins.folder.Folder plugin="cloudbees-folder"> + <icon class="com.cloudbees.hudson.plugins.folder.icons.StockFolderIcon"/> + <views/> + <viewsTabBar class="hudson.views.DefaultViewsTabBar"/> + <primaryView>All</primaryView> + <healthMetrics/> + <actions/> + <description>foo bar<!-- Managed by Jenkins Job Builder --></description> + <keepDependencies>false</keepDependencies> + <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding> + <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding> + <concurrentBuild>false</concurrentBuild> + <canRoam>true</canRoam> + <properties> + <com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty> + <inheritanceStrategy class="org.jenkinsci.plugins.matrixauth.inheritance.InheritParentStrategy"/> + <permission>hudson.model.Item.Read:foobar</permission> + <permission>hudson.model.Item.ExtendedRead:foobar</permission> + </com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty> + </properties> + <scm class="hudson.scm.NullSCM"/> + <publishers/> + <buildWrappers/> +</com.cloudbees.hudson.plugins.folder.Folder> diff --git a/tests/yamlparser/fixtures/project_folder_template003.yaml b/tests/yamlparser/fixtures/project_folder_template003.yaml new file mode 100644 index 00000000..af214cee --- /dev/null +++ b/tests/yamlparser/fixtures/project_folder_template003.yaml @@ -0,0 +1,9 @@ +- job: + name: folder_with_auth + project-type: folder + description: foo bar + properties: + - authorization: + foobar: + - 'job-read' + - 'job-extended-read' |