Skip to content

Commit

Permalink
change the switch for checking auth providers to compare class names …
Browse files Browse the repository at this point in the history 
…as strings
  • Loading branch information
@damoxc
damoxc committed Oct 9, 2015
1 parent 4ffddf7 commit e793f47
Showing 1 changed file with 44 additions and 42 deletions.
86 changes: 44 additions & 42 deletions files/puppet_helper.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -632,13 +632,14 @@ class Actions {
def j = Jenkins.getInstance()
def realm = j.getSecurityRealm()

def className = realm.getClass().getName()
def config
switch (realm) {
switch (className) {
// "Jenkins’ own user database"
case hudson.security.HudsonPrivateSecurityRealm:
case 'hudson.security.HudsonPrivateSecurityRealm':
config = [
setSecurityRealm: [
(realm.getClass().getName()): [
(className): [
realm.allows#(),
realm.isEnableCaptcha(),
null,
Expand All @@ -648,10 +649,10 @@ class Actions {
break

// "Unix user/group database"
case hudson.security.PAMSecurityRealm:
case 'hudson.security.PAMSecurityRealm':
config = [
setSecurityRealm: [
(realm.getClass().getName()): [
(className): [
// there is no accessor for the serviceName field
realm.@serviceName
],
Expand All @@ -661,10 +662,10 @@ class Actions {

// active-directory
// ActiveDirectorySecurityRealm(String domain, String site, String bindName, String bindPassword, String server)
case hudson.plugins.active_directory.ActiveDirectorySecurityRealm:
case 'hudson.plugins.active_directory.ActiveDirectorySecurityRealm':
config = [
setSecurityRealm: [
(realm.getClass().getName()): [
(className): [
realm.domain,
realm.site,
realm.bindName,
Expand All @@ -680,19 +681,19 @@ class Actions {
// public LDAPSecurityRealm(String server, String rootDN, String userSearchBase, String userSearch, String groupSearchBase, String groupSearchFilter, LDAPGroupMembershipStrategy groupMembershipStrategy, String managerDN, Secret managerPasswordSecret, boolean inhibitInferRootDN, boolean disableMailAddressResolver, CacheConfiguration cache, EnvironmentProperty[] environmentProperties, String displayNameAttributeName, String mailAddressAttributeName, IdStrategy userIdStrategy, IdStrategy groupIdStrategy)

// github-oauth
// case org.jenkinsci.plugins.GithubSecurityRealm:
// config = [
// setSecurityRealm: [
// (realm.getClass().getName()): [
// realm.getGithubWebUri(),
// realm.getGithubApiUri(),
// realm.getClientID(),
// realm.getClientSecret(),
// realm.getOauthScopes(),
// ],
// ],
// ]
// break
case 'org.jenkinsci.plugins.GithubSecurityRealm':
config = [
setSecurityRealm: [
(className): [
realm.getGithubWebUri(),
realm.getGithubApiUri(),
realm.getClientID(),
realm.getClientSecret(),
realm.getOauthScopes(),
],
],
]
break

// constructor with no arguments
// "Delegate to servlet container"
Expand All @@ -717,45 +718,46 @@ class Actions {
def j = Jenkins.getInstance()
def strategy = j.getAuthorizationStrategy()

def className = strategy.getClass().getName()
def config
switch (strategy) {
// github-oauth
// case org.jenkinsci.plugins.GithubAuthorizationStrategy:
// config = [
// setAuthorizationStrategy: [
// (strategy.getClass().getName()): [
// strategy.adminUserNames,
// strategy.authenticatedUserReadPermission,
// strategy.useRepositoryPermissions,
// strategy.authenticatedUserCreateJobPermission,
// strategy.organizationNames,
// strategy.allowGithubWebHookPermission,
// strategy.allowCcTrayPermission,
// strategy.allowAnonymousReadPermission,
// ],
// ],
// ]
// break
case 'org.jenkinsci.plugins.GithubAuthorizationStrategy':
config = [
setAuthorizationStrategy: [
(className): [
strategy.adminUserNames,
strategy.authenticatedUserReadPermission,
strategy.useRepositoryPermissions,
strategy.authenticatedUserCreateJobPermission,
strategy.organizationNames,
strategy.allowGithubWebHookPermission,
strategy.allowCcTrayPermission,
strategy.allowAnonymousReadPermission,
],
],
]
break

// constructor with no arguments
// "Anyone can do anything"
case hudson.security.AuthorizationStrategy$Unsecured:
case 'hudson.security.AuthorizationStrategy$Unsecured':
// "Legacy mode"
case hudson.security.LegacyAuthorizationStrategy:
case 'hudson.security.LegacyAuthorizationStrategy':
// "Logged-in users can do anything"
case hudson.security.FullControlOnceLoggedInAuthorizationStrategy:
case 'hudson.security.FullControlOnceLoggedInAuthorizationStrategy':
// "Matrix-based security"
case hudson.security.GlobalMatrixAuthorizationStrategy:
case 'hudson.security.GlobalMatrixAuthorizationStrategy':
// technically, you can select this class but it will "brick" the
// authorization strategy without additional method calls to configure
// the matrix which are not presently supported
// "Project-based Matrix Authorization Strategy"
case hudson.security.ProjectMatrixAuthorizationStrategy:
case 'hudson.security.ProjectMatrixAuthorizationStrategy':
// same issue as hudson.security.GlobalMatrixAuthorizationStrategy
default:
config = [
setAuthorizationStrategy: [
(strategy.getClass().getName()): [],
(className): [],
],
]
}
Expand Down

0 comments on commit e793f47

Please # to comment.