Skip to content

Commit

Permalink
Fix JENKINS-16916
Browse files Browse the repository at this point in the history 
- Updated ScriptContent to use better groovy setup.
- In default groovy script, add all content types as closures, these can
  be used like ${ENV(var: "BUILD_ID")} in the groovy template
  • Loading branch information
@slide
slide committed Feb 24, 2013
1 parent 9f207ef commit 88aa3db
Show file tree
Hide file tree
Showing 8 changed files with 165 additions and 152 deletions.
17 changes: 2 additions & 15 deletions src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java
View file
Expand Up @@ -372,26 +372,13 @@ private boolean sendMail(EmailType mailType, AbstractBuild<?, ?> build, BuildLis
return false;
}

/**
* Provides a sandbox for groovy scripts that disallows access to the Jenkins instance.
*/
private class PresendScriptSandbox extends GroovyValueFilter {
@Override
public Object filter(Object o) {
if(o instanceof Jenkins || o instanceof Hudson) {
throw new SecurityException("Use of 'jenkins' is disallowed by security policy");
}
return o;
}
}

private boolean executePresendScript(AbstractBuild<?, ?> build, BuildListener listener, MimeMessage msg)
throws RuntimeException {
boolean cancel = false;
if(StringUtils.isNotBlank(presendScript)) {
listener.getLogger().println("Executing pre-send script");
ClassLoader cl = Jenkins.getInstance().getPluginManager().uberClassLoader;
PresendScriptSandbox sandbox = null;
ScriptSandbox sandbox = null;
CompilerConfiguration cc = new CompilerConfiguration();
cc.addCompilationCustomizers(new ImportCustomizer().addStarImports(
"jenkins",
Expand All @@ -402,7 +389,7 @@ private boolean executePresendScript(AbstractBuild<?, ?> build, BuildListener li
if(ExtendedEmailPublisher.DESCRIPTOR.isSecurityEnabled()) {
debug(listener.getLogger(), "Setting up sandbox for pre-send script");
cc.addCompilationCustomizers(new SandboxTransformer());
sandbox = new PresendScriptSandbox();
sandbox = new ScriptSandbox();
}

Binding binding = new Binding();
Expand Down
1 change: 0 additions & 1 deletion src/main/java/hudson/plugins/emailext/ExtendedEmailPublisherDescriptor.java
View file
Expand Up @@ -280,7 +280,6 @@ public boolean isTokenMacroAvailable() {
@Override
public Publisher newInstance(StaplerRequest req, JSONObject formData)
throws hudson.model.Descriptor.FormException {

// Save configuration for each trigger type
ExtendedEmailPublisher m = new ExtendedEmailPublisher();
m.recipientList = formData.getString("recipientlist_recipients");
Expand Down
23 changes: 23 additions & 0 deletions src/main/java/hudson/plugins/emailext/ScriptSandbox.java
View file
@@ -0,0 +1,23 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package hudson.plugins.emailext;

import hudson.model.Hudson;
import jenkins.model.Jenkins;
import org.kohsuke.groovy.sandbox.GroovyValueFilter;

/**
* Provides a sandbox for groovy scripts that disallows access to the Jenkins
* instance.
*/
public class ScriptSandbox extends GroovyValueFilter {
@Override
public Object filter(Object o) {
if (o instanceof Jenkins || o instanceof Hudson) {
throw new SecurityException("Use of 'jenkins' is disallowed by security policy");
}
return o;
}
}
6 changes: 1 addition & 5 deletions src/main/java/hudson/plugins/emailext/plugins/ContentBuilder.java
View file
Expand Up @@ -10,9 +10,6 @@
import hudson.plugins.emailext.Util;
import hudson.tasks.Mailer;
import hudson.tasks.Publisher;

import jenkins.model.Jenkins;

import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedHashMap;
Expand All @@ -21,8 +18,7 @@
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import java.io.IOException;
import jenkins.model.Jenkins;

/**
* {@link Publisher} that sends notification e-mail.
Expand Down
1 change: 1 addition & 0 deletions src/main/java/hudson/plugins/emailext/plugins/EmailTrigger.java
View file
Expand Up @@ -67,6 +67,7 @@ protected int getNumFailures(AbstractBuild<?, ?> build) {
int result = 0;
AggregatedTestResultAction action = (AggregatedTestResultAction) a;
for (ChildReport cr : action.getChildReports()) {
if(cr == null || cr.child == null || cr.child.getParent() == null) continue;
if (cr.child.getParent().equals(build.getParent())) {
if (cr.result instanceof TestResult) {
TestResult tr = (TestResult) cr.result;
Expand Down

0 comments on commit 88aa3db

Please sign in to comment.