forked from jenkinsci/matrix-auth-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathInheritanceMigrationTest.java
More file actions
99 lines (90 loc) · 5.52 KB
/
InheritanceMigrationTest.java
File metadata and controls
99 lines (90 loc) · 5.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package org.jenkinsci.plugins.matrixauth.inheritance;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.not;
import com.cloudbees.hudson.plugins.folder.Folder;
import com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty;
import hudson.XmlFile;
import hudson.model.Item;
import hudson.model.Job;
import hudson.model.User;
import hudson.security.ProjectMatrixAuthorizationStrategy;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.recipes.LocalData;
public class InheritanceMigrationTest {
@Rule
public JenkinsRule j = new JenkinsRule();
@Test
@LocalData
@SuppressWarnings("deprecation")
public void testInheritanceMigration() throws Exception {
Assert.assertTrue(j.jenkins.getAuthorizationStrategy() instanceof ProjectMatrixAuthorizationStrategy);
{
Folder folder = (Folder) j.jenkins.getItemByFullName("folder");
Assert.assertNotNull(folder);
assertThat(folder.getConfigFile().asString(), containsString("blocksInheritance"));
AuthorizationMatrixProperty prop = (folder).getProperties().get(AuthorizationMatrixProperty.class);
Assert.assertTrue(prop.isBlocksInheritance());
Assert.assertTrue(prop.getInheritanceStrategy() instanceof NonInheritingStrategy);
Assert.assertTrue(prop.hasExplicitPermission("admin", Item.CONFIGURE));
Assert.assertTrue(prop.hasExplicitPermission("admin", Item.READ));
Assert.assertTrue(prop.hasExplicitPermission("admin", Item.CREATE));
Assert.assertFalse(folder.getACL().hasPermission(User.get("alice").impersonate(), Item.READ));
Assert.assertFalse(folder.getACL().hasPermission(User.get("bob").impersonate(), Item.READ));
folder.save();
assertThat(folder.getConfigFile().asString(), not(containsString("blocksInheritance")));
folder = (Folder) j.jenkins.getItemByFullName("folder1");
Assert.assertNotNull(folder);
assertThat(folder.getConfigFile().asString(), containsString("blocksInheritance"));
prop = (folder).getProperties().get(AuthorizationMatrixProperty.class);
Assert.assertTrue(prop.isBlocksInheritance());
Assert.assertTrue(prop.getInheritanceStrategy() instanceof NonInheritingStrategy);
Assert.assertTrue(prop.hasExplicitPermission("admin", Item.CONFIGURE));
Assert.assertFalse(prop.hasExplicitPermission("admin", Item.READ));
Assert.assertTrue(folder.getACL()
.hasPermission(
User.get("admin").impersonate(),
Item.READ)); // change from before (JENKINS-24878/JENKINS-37904)
Assert.assertTrue(folder.getACL().hasPermission(User.get("admin").impersonate(), Item.CONFIGURE));
Assert.assertTrue(prop.hasExplicitPermission("alice", Item.CONFIGURE));
Assert.assertTrue(prop.hasExplicitPermission("alice", Item.READ));
Assert.assertTrue(folder.getACL().hasPermission(User.get("alice").impersonate(), Item.READ));
Assert.assertFalse(prop.hasPermission("bob", Item.READ));
Assert.assertFalse(folder.getACL().hasPermission(User.get("bob").impersonate(), Item.READ));
folder.save();
assertThat(folder.getConfigFile().asString(), not(containsString("blocksInheritance")));
}
{
Job<?, ?> job = (Job<?, ?>) j.jenkins.getItemByFullName("folder/inheritNone");
Assert.assertNotNull(job);
XmlFile configFile = job.getConfigFile();
assertThat("correct contents of " + configFile, configFile.asString(), containsString("blocksInheritance"));
hudson.security.AuthorizationMatrixProperty prop =
job.getProperty(hudson.security.AuthorizationMatrixProperty.class);
Assert.assertTrue(prop.isBlocksInheritance());
Assert.assertEquals(0, prop.getGrantedPermissions().size());
Assert.assertTrue(prop.getInheritanceStrategy() instanceof NonInheritingStrategy);
Assert.assertTrue(job.getACL()
.hasPermission(
User.get("admin").impersonate(),
Item.READ)); // change from before (JENKINS-24878/JENKINS-37904)
job.save();
assertThat(job.getConfigFile().asString(), not(containsString("blocksInheritance")));
job = (Job<?, ?>) j.jenkins.getItemByFullName("job");
Assert.assertNotNull(job);
assertThat(job.getConfigFile().asString(), containsString("blocksInheritance"));
prop = job.getProperty(hudson.security.AuthorizationMatrixProperty.class);
Assert.assertFalse(prop.isBlocksInheritance());
Assert.assertTrue(prop.getInheritanceStrategy() instanceof InheritParentStrategy);
Assert.assertTrue(job.getACL().hasPermission(User.get("bob").impersonate(), Item.READ));
Assert.assertTrue(job.getACL().hasPermission(User.get("alice").impersonate(), Item.READ));
Assert.assertTrue(job.getACL().hasPermission(User.get("admin").impersonate(), Item.READ));
Assert.assertTrue(job.getACL().hasPermission(User.get("admin").impersonate(), Item.CONFIGURE));
job.save();
assertThat(job.getConfigFile().asString(), not(containsString("blocksInheritance")));
}
}
}