[JENKINS-64858] - Enabled support for Job DSL plugin (#99)

jenkinsci · Mar 29, 2021 · 34fa2ad · 34fa2ad
1 parent 73829b8
commit 34fa2ad
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 4 deletions.
diff --git a/src/main/java/com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixFolderProperty.java b/src/main/java/com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixFolderProperty.java
@@ -1,16 +1,31 @@
 package com.microsoft.jenkins.azuread;
 
+import com.cloudbees.hudson.plugins.folder.AbstractFolder;
+import com.cloudbees.hudson.plugins.folder.AbstractFolderPropertyDescriptor;
 import com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty;
 import hudson.Extension;
 import hudson.model.AutoCompletionCandidates;
+import hudson.model.Item;
 import hudson.security.Permission;
+import hudson.security.PermissionScope;
+import hudson.util.FormValidation;
 import jenkins.model.Jenkins;
+import net.sf.json.JSONObject;
+import org.jenkinsci.Symbol;
 import org.jenkinsci.plugins.matrixauth.AbstractAuthorizationPropertyConverter;
+import org.jenkinsci.plugins.matrixauth.AuthorizationPropertyDescriptor;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
+import org.kohsuke.stapler.AncestorInPath;
+import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.verb.GET;
 
 import javax.annotation.Nonnull;
 import java.io.IOException;
+import java.util.List;
 
 public class AzureAdAuthorizationMatrixFolderProperty extends AuthorizationMatrixProperty {
 
@@ -19,6 +34,14 @@ public class AzureAdAuthorizationMatrixFolderProperty extends AuthorizationMatri
     protected AzureAdAuthorizationMatrixFolderProperty() {
     }
 
+    @DataBoundConstructor
+    @Restricted(NoExternalUse.class)
+    public AzureAdAuthorizationMatrixFolderProperty(List<String> permissions) {
+        for (String permission : permissions) {
+            add(permission);
+        }
+    }
+
     @Override
     public void add(Permission p, String sid) {
         super.add(p, sid);
@@ -43,18 +66,36 @@ public boolean hasPermission(String sid, Permission p) {
     }
 
     @Extension(optional = true)
-    public static class DescriptorImpl extends AuthorizationMatrixProperty.DescriptorImpl {
+    @Symbol("azureAdAuthorizationMatrix")
+    @SuppressRestrictedWarnings(AuthorizationPropertyDescriptor.class)
+    public static class DescriptorImpl extends AbstractFolderPropertyDescriptor implements
+            AuthorizationPropertyDescriptor<AzureAdAuthorizationMatrixFolderProperty> {
 
         @Override
-        public AuthorizationMatrixProperty create() {
+        public AzureAdAuthorizationMatrixFolderProperty create() {
             return new AzureAdAuthorizationMatrixFolderProperty();
         }
 
+        @Override
+        public PermissionScope getPermissionScope() {
+            return PermissionScope.ITEM_GROUP;
+        }
+
+        @Override
+        public AuthorizationMatrixProperty newInstance(StaplerRequest req, JSONObject formData) throws FormException {
+            return createNewInstance(req, formData, true);
+        }
+
         @Override
         public boolean isApplicable() {
             return Jenkins.get().getAuthorizationStrategy() instanceof AzureAdMatrixAuthorizationStrategy;
         }
 
+        @GET
+        public FormValidation doCheckName(@AncestorInPath AbstractFolder<?> folder, @QueryParameter String value) {
+            return doCheckName_(value, folder, Item.CONFIGURE);
+        }
+
         @Override
         @Nonnull
         public String getDisplayName() {

diff --git a/src/main/java/com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixProperty.java b/src/main/java/com/microsoft/jenkins/azuread/AzureAdAuthorizationMatrixProperty.java
@@ -2,17 +2,33 @@
 
 import hudson.Extension;
 import hudson.model.AutoCompletionCandidates;
+import hudson.model.Item;
+import hudson.model.Job;
+import hudson.model.JobProperty;
+import hudson.model.JobPropertyDescriptor;
 import hudson.security.AuthorizationMatrixProperty;
 import hudson.security.Permission;
+import hudson.security.PermissionScope;
+import hudson.util.FormValidation;
 import jenkins.model.Jenkins;
+import net.sf.json.JSONObject;
+import org.jenkinsci.Symbol;
 import org.jenkinsci.plugins.matrixauth.AbstractAuthorizationPropertyConverter;
 import org.jenkinsci.plugins.matrixauth.AuthorizationProperty;
+import org.jenkinsci.plugins.matrixauth.AuthorizationPropertyDescriptor;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
+import org.kohsuke.stapler.AncestorInPath;
+import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.verb.GET;
 
 import javax.annotation.Nonnull;
 import java.io.IOException;
 import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -29,6 +45,15 @@ public AzureAdAuthorizationMatrixProperty(Map<Permission, Set<String>> grantedPe
         refreshMap();
     }
 
+    @DataBoundConstructor
+    @Restricted(NoExternalUse.class)
+    public AzureAdAuthorizationMatrixProperty(List<String> permissions) {
+        this();
+        for (String permission : permissions) {
+            add(permission);
+        }
+    }
+
     void refreshMap() {
         for (String fullSid : this.getAllSIDs()) {
             objId2FullSidMap.putFullSid(fullSid);
@@ -67,18 +92,36 @@ public boolean hasPermission(String sid, Permission p, boolean principal) {
     }
 
     @Extension
-    public static class DescriptorImpl extends AuthorizationMatrixProperty.DescriptorImpl {
+    @Symbol("azureAdAuthorizationMatrix")
+    @SuppressRestrictedWarnings(AuthorizationPropertyDescriptor.class)
+    public static class DescriptorImpl extends JobPropertyDescriptor implements
+            AuthorizationPropertyDescriptor<AzureAdAuthorizationMatrixProperty> {
 
         @Override
-        public AuthorizationMatrixProperty create() {
+        public AzureAdAuthorizationMatrixProperty create() {
             return new AzureAdAuthorizationMatrixProperty();
         }
 
+        @Override
+        public PermissionScope getPermissionScope() {
+            return PermissionScope.ITEM;
+        }
+
+        @Override
+        public JobProperty<?> newInstance(StaplerRequest req, JSONObject formData) throws FormException {
+            return createNewInstance(req, formData, true);
+        }
+
         @Override
         public boolean isApplicable() {
             return Jenkins.get().getAuthorizationStrategy() instanceof AzureAdMatrixAuthorizationStrategy;
         }
 
+        @GET
+        public FormValidation doCheckName(@AncestorInPath Job<?, ?> project, @QueryParameter String value) {
+            return doCheckName_(value, project, Item.CONFIGURE);
+        }
+
         @Nonnull
         @Override
         public String getDisplayName() {