jenkinsci · daniel-beck · Jan 28, 2021 · Mar 16, 2022 · Mar 16, 2022 · jglick
@@ -60,6 +60,7 @@
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.verb.GET;
+import org.kohsuke.stapler.verb.POST;
 
 import java.io.IOException;
 import java.util.Collections;
@@ -99,7 +100,7 @@
    protected AuthorizationMatrixProperty() {
    }

    // TODO(3.0) How is this used?
    @Deprecated
    public AuthorizationMatrixProperty(Map<Permission,? extends Set<String>> grantedPermissions) {
        for (Map.Entry<Permission,? extends Set<String>> e : grantedPermissions.entrySet()) {
@@ -166,6 +167,7 @@
         }
 
         @GET
+        @POST
         public FormValidation doCheckName(@AncestorInPath AbstractFolder<?> folder, @QueryParameter String value) {
             return doCheckName_(value, folder, Item.CONFIGURE);
         }

@@ -72,6 +72,7 @@
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.verb.GET;
+import org.kohsuke.stapler.verb.POST;
 
 /**
  * {@link JobProperty} to associate ACL for each project.
@@ -79,7 +80,7 @@
 * <p>
 * Once created (and initialized), this object becomes immutable.
 */
 // TODO attempt to make this OptionalJobProperty
 public class AuthorizationMatrixProperty extends JobProperty<Job<?, ?>> implements AuthorizationProperty {

    private final transient SidACL acl = new AclImpl();
@@ -109,7 +110,7 @@
    /**
     * @since 3.0
     */
    // TODO(3.0) is this even needed? Why is the no-arg constructor private?
    public AuthorizationMatrixProperty(Map<Permission, Set<PermissionEntry>> grantedPermissions, InheritanceStrategy inheritanceStrategy) {
        this.inheritanceStrategy = inheritanceStrategy;
        grantedPermissions.forEach((key, value) -> {
@@ -205,6 +206,7 @@
         }
 
         @GET
+        @POST
         public FormValidation doCheckName(@AncestorInPath Job<?, ?> project, @QueryParameter String value) {
             return doCheckName_(value, project, Item.CONFIGURE);
         }

@@ -44,6 +44,8 @@
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.verb.GET;
+import org.kohsuke.stapler.verb.POST;
 
 import java.util.Arrays;
 import java.util.Collections;
@@ -62,7 +64,7 @@
 /**
 * Role-based authorization via a matrix.
 */
 // TODO: think about the concurrency commitment of this class
 public class GlobalMatrixAuthorizationStrategy extends AuthorizationStrategy implements AuthorizationContainer {
    private final transient SidACL acl = new AclImpl();

@@ -164,7 +166,7 @@

        @Override
        public AuthorizationStrategy newInstance(StaplerRequest req, @NonNull JSONObject formData) throws FormException {
            // TODO Is there a way to pull this up into AuthorizationContainerDescriptor and share code with AuthorizationPropertyDescriptor?
            GlobalMatrixAuthorizationStrategy globalMatrixAuthorizationStrategy = create();
            Map<String,Object> data = formData.getJSONObject("data");

@@ -218,6 +220,8 @@
         }
 
         @Restricted(NoExternalUse.class)
+        @GET
+        @POST
         public FormValidation doCheckName(@QueryParameter String value ) {
             return doCheckName_(value, Jenkins.get(), Jenkins.ADMINISTER);
         }

@@ -13,6 +13,8 @@
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
+import org.kohsuke.stapler.verb.GET;
+import org.kohsuke.stapler.verb.POST;
 
 import edu.umd.cs.findbugs.annotations.NonNull;
 
@@ -140,6 +142,8 @@
 
     // Not used directly by Stapler due to the trailing _ (this prevented method confusion around 1.415).
     @Restricted(NoExternalUse.class)
+    @GET
+    @POST
     default FormValidation doCheckName_(@NonNull String value, @NonNull AccessControlled subject, @NonNull Permission permission) {
 
         final String unbracketedValue = value.substring(1, value.length() - 1); // remove leading [ and trailing ]
@@ -191,13 +195,13 @@
                    if (groupValidation != null) {
                        return groupValidation;
                    }
                    return FormValidation.errorWithMarkup(formatNonExistentUserGroupValidationResponse(escapedSid, "Group not found")); // TODO i18n (after 3.0)
                case USER:
                    userValidation = ValidationUtil.validateUser(sid, sr, false);
                    if (userValidation != null) {
                        return userValidation;
                    }
                    return FormValidation.errorWithMarkup(formatNonExistentUserGroupValidationResponse(escapedSid, "User not found")); // TODO i18n (after 3.0)
                case EITHER:
                    userValidation = ValidationUtil.validateUser(sid, sr, true);
                    if (userValidation != null) {
@@ -207,7 +211,7 @@
                    if (groupValidation != null) {
                        return groupValidation;
                    }
                    return FormValidation.errorWithMarkup(formatNonExistentUserGroupValidationResponse(escapedSid, "User or group not found")); // TODO i18n (after 3.0)
                default:
                    return FormValidation.error("Unexpected type: " + type);
            }

@@ -49,6 +49,8 @@
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.verb.GET;
+import org.kohsuke.stapler.verb.POST;
 
 import edu.umd.cs.findbugs.annotations.CheckForNull;
 import edu.umd.cs.findbugs.annotations.NonNull;
@@ -179,6 +181,8 @@ public String getDisplayName() {
         }
 
         @Restricted(DoNotUse.class)
+        @GET
+        @POST
         public FormValidation doCheckName(@AncestorInPath Computer computer, @QueryParameter String value) {
             // Computer isn't a DescriptorByNameOwner before Jenkins 2.78, and then @AncestorInPath doesn't work
             return doCheckName_(value,