Skip to content

Commit

Permalink
[FIXED JENKINS-33872] User should be able to view their own credentials
Browse files Browse the repository at this point in the history
  • Loading branch information
@stephenc
stephenc committed May 23, 2016
1 parent da3149f commit db3664c
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 43 deletions.
30 changes: 1 addition & 29 deletions src/main/java/com/cloudbees/plugins/credentials/UserCredentialsProvider.java
View file
Expand Up @@ -382,7 +382,7 @@ private synchronized boolean addCredentials(@NonNull Domain domain, @NonNull Cre
@NonNull
private synchronized List<Credentials> getCredentials(@NonNull Domain domain) {
// TODO switch to Jenkins.getInstance() once 2.0+ is the baseline
if (Jenkins.getActiveInstance().hasPermission(CredentialsProvider.VIEW)) {
if (user.equals(User.current())) {
List<Credentials> list = getDomainCredentialsMap().get(domain);
if (list == null || list.isEmpty()) {
return Collections.emptyList();
Expand Down Expand Up @@ -460,12 +460,6 @@ private void save() throws IOException {
*/
@Override
public UserProperty reconfigure(StaplerRequest req, JSONObject form) throws Descriptor.FormException {
User selUser = req.findAncestorObject(User.class);
User curUser = User.current();
// only process changes to this property for the current user
if (selUser != null && curUser != null && selUser.getId().equals(curUser.getId())) {
return getDescriptor().newInstance(req, form);
}
return this;
}

Expand Down Expand Up @@ -500,28 +494,6 @@ public String getDisplayName() {
return Messages.UserCredentialsProvider_DisplayName();
}

/**
* Whether the credentials should be visible on the user's configure screen.
*
* @return true if and only if the current request is the current user's configuration screen.
*/
@SuppressWarnings("unused") // used by stapler
public boolean isVisible() {
if (!isEnabled()) {
// no point bothering the user if there are no credentials aware plugins installed.
return false;
}
StaplerRequest req = Stapler.getCurrentRequest();
if (req == null) {
// does not make sense to pretend to be enabled outside of a stapler request
return false;
}
User selUser = req.findAncestorObject(User.class);
User curUser = User.current();
// only enable this property for the current user
return selUser != null && curUser != null && selUser.equals(curUser);
}

/**
* Gets all the credentials descriptors.
*
Expand Down
26 changes: 12 additions & 14 deletions ...loudbees/plugins/credentials/UserCredentialsProvider/UserCredentialsProperty/config.jelly
View file
Expand Up @@ -24,18 +24,16 @@
-->
<?jelly escape-by-default='true'?>
<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:c="/lib/credentials">
<j:invokeStatic var="allCredentials" className="com.cloudbees.plugins.credentials.CredentialsProvider"
method="allCredentialsDescriptors"/>
<j:if test="${descriptor.visible}">
<f:block>
<c:domainCredentials name="domainCredentials" domainCredentials="${instance.domainCredentials}"
specificationDescriptors="${descriptor.specificationDescriptors}"
credentialDescriptors="${instance.credentialDescriptors}"/>
</f:block>
</j:if>
<j:if test="${!descriptor.visible}">
<f:block>
${%Credentials are only available to the user they belong to}
</f:block>
</j:if>
<j:choose>
<j:when test="${descriptor.visible}">
<f:block>
${%blurb}
</f:block>
</j:when>
<j:otherwise>
<f:block>
${%Credentials are only available to the user they belong to}
</f:block>
</j:otherwise>
</j:choose>
</j:jelly>
1 change: 1 addition & 0 deletions ...ees/plugins/credentials/UserCredentialsProvider/UserCredentialsProperty/config.properties
View file
@@ -0,0 +1 @@
blurb=Credentials are managed from the <a href="credentials/store/user">Credentials</a> screen.

0 comments on commit db3664c

Please sign in to comment.