SECURITY-2321
gmcdonald committed Apr 8, 2022
1 parent 6cb3f46 commit b265201
Showing 4 changed files with 17 additions and 2 deletions.
1 change: 1 addition & 0 deletions pom.xml
Expand Up @@ -41,6 +41,7 @@

<properties>
<findbugs.failOnError>false</findbugs.failOnError>
<spotbugs.skip>true</spotbugs.skip>
<jenkins.version>2.289.1</jenkins.version>
<java.level>8</java.level>
</properties>
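Review bot: `<spotbugs.skip>true</spotbugs.skip>` in the `<properties>` block turns SpotBugs off for the whole build, in the same commit that ships a security fix. It appears to be the one line this section adds, though the rendered page does not mark sides. If the skip is only there to get past existing findings, scope it with a filter or suppression for those findings rather than disabling the analysis. At minimum, record the reason next to it, e.g. `<!-- TODO: re-enable SpotBugs once existing findings are triaged -->`.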
Expand Up @@ -26,13 +26,16 @@

import hudson.Extension;
import hudson.model.Descriptor;
import hudson.model.Item;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import jenkins.plugins.publish_over.BPBuildInfo;
import jenkins.plugins.publish_over_ftp.BapFtpCredentials;
import jenkins.plugins.publish_over_ftp.BapFtpHostConfiguration;
import jenkins.plugins.publish_over_ftp.BapFtpPublisherPlugin;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;
import org.kohsuke.stapler.AncestorInPath;

@Extension
public class BapFtpCredentialsDescriptor extends Descriptor<BapFtpCredentials> {
Expand All @@ -54,8 +57,14 @@ public FormValidation doCheckPassword(@QueryParameter final String value) {
return FormValidation.validateRequired(value);
}

@RequirePOST
public FormValidation doTestConnection(@QueryParameter final String configName, @QueryParameter final String username,
@QueryParameter final String password) {
@QueryParameter final String password, @AncestorInPath Item item) {
if (item == null) {
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
} else {
item.checkPermission(Item.CONFIGURE);
}
final BapFtpCredentials credentials = new BapFtpCredentials(username, password);
final BPBuildInfo buildInfo = BapFtpPublisherPluginDescriptor.createDummyBuildInfo();
buildInfo.put(BPBuildInfo.OVERRIDE_CREDENTIALS_CONTEXT_KEY, credentials);
Expand All @@ -69,4 +78,4 @@ public jenkins.plugins.publish_over.view_defaults.HostConfiguration.Messages get
return new jenkins.plugins.publish_over.view_defaults.HostConfiguration.Messages();
}

}
}
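Review bot: The new permission branch in `doTestConnection` carries no comment explaining why a missing ancestor `Item` falls back to `Jenkins.ADMINISTER` while a job context needs only `Item.CONFIGURE`. A later edit could loosen the null case without noticing it is the global-configuration path. I would add `// No ancestor Item means the global config page: require ADMINISTER; inside a job, CONFIGURE on that job is enough.` above the `if (item == null)` line. As a style point, `import org.kohsuke.stapler.AncestorInPath;` is placed after the `interceptor.RequirePOST` import and breaks the otherwise alphabetical import order. The method body continues outside the hunk.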
Expand Up @@ -33,6 +33,7 @@
import jenkins.plugins.publish_over_ftp.BapFtpPublisherPlugin;
import jenkins.plugins.publish_over_ftp.Messages;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

@Extension
public class BapFtpHostConfigurationDescriptor extends Descriptor<BapFtpHostConfiguration> {
Expand Down Expand Up @@ -70,6 +71,7 @@ public FormValidation doCheckTimeout(@QueryParameter final String value) {
return FormValidation.validateNonNegativeInteger(value);
}

@RequirePOST
public FormValidation doTestConnection(@QueryParameter final String name, @QueryParameter final String hostname,
@QueryParameter final String username, @QueryParameter final String encryptedPassword,
@QueryParameter final String remoteRootDir, @QueryParameter final int port,
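Review bot: No permission check is visible on this `doTestConnection`. The section adds only `@RequirePOST`, which blocks GET-triggered requests but does not restrict which authenticated users may start a connection test against an arbitrary hostname and port. The signature and body continue outside the hunk, so the method may delegate to another that checks `Jenkins.ADMINISTER`. If it does, a comment such as `// permission is enforced by the delegate's checkPermission(Jenkins.ADMINISTER)` would make that dependency explicit. If it does not, `Jenkins.get().checkPermission(Jenkins.ADMINISTER);` belongs as the first statement of the body.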
Expand Up @@ -43,6 +43,7 @@
import jenkins.plugins.publish_over_ftp.options.FtpPluginDefaults;
import net.sf.json.JSONObject;
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.interceptor.RequirePOST;

import java.util.List;

Expand Down Expand Up @@ -128,11 +129,13 @@ public jenkins.plugins.publish_over.view_defaults.manage_jenkins.Messages getCom
return new jenkins.plugins.publish_over.view_defaults.manage_jenkins.Messages();
}

@RequirePOST
public FormValidation doTestConnection(final String name, final String hostname, final String username,
final String encryptedPassword, final String remoteRootDir, final int port, final int timeout,
final boolean useActiveData, final String controlEncoding, final boolean disableMakeNestedDirs,
final boolean disableRemoteVerification, final boolean useFtpOverTls, final boolean useImplicitTls,
final String trustedCertificate) {
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
final BapFtpHostConfiguration hostConfig = new BapFtpHostConfiguration(name, hostname, username,
encryptedPassword, remoteRootDir, port, timeout, useActiveData, controlEncoding,
disableMakeNestedDirs, disableRemoteVerification);
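Review bot: This `doTestConnection` takes plain parameters without `@QueryParameter`, unlike the descriptor variants elsewhere in this commit, so the hunk does not show whether it is a web method or a helper called from other descriptors. A Javadoc line would settle that and record the new contract, for example `/** Tests the connection; requires Jenkins.ADMINISTER, enforced here on behalf of callers. */`. No `jenkins.model.Jenkins` import is among the visible import lines, so it is presumably already present outside the hunk. The method body continues past the end of the hunk.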