[JENKINS-38048] Permits credentialsId dropdowns to be used from a glo…

…bal configuration screen.
jenkinsci · Sep 8, 2016 · b52b095 · b52b095
1 parent f6ace83
commit b52b095
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/src/main/java/hudson/plugins/git/UserRemoteConfig.java b/src/main/java/hudson/plugins/git/UserRemoteConfig.java
@@ -5,7 +5,6 @@
 import com.cloudbees.plugins.credentials.common.StandardCredentials;
 import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
 import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;
-import com.cloudbees.plugins.credentials.domains.URIRequirementBuilder;
 import hudson.EnvVars;
 import hudson.Extension;
 import hudson.Util;
@@ -36,6 +35,7 @@
 
 import static hudson.Util.fixEmpty;
 import static hudson.Util.fixEmptyAndTrim;
+import javax.annotation.CheckForNull;
 
 @ExportedBean
 public class UserRemoteConfig extends AbstractDescribableImpl<UserRemoteConfig> implements Serializable {
@@ -85,7 +85,8 @@ public static class DescriptorImpl extends Descriptor<UserRemoteConfig> {
         public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project,
                                                      @QueryParameter String url,
                                                      @QueryParameter String credentialsId) {
-            if (project == null || !project.hasPermission(Item.EXTENDED_READ)) {
+            if (project == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
+                project != null && !project.hasPermission(Item.EXTENDED_READ)) {
                 return new StandardListBoxModel().includeCurrentValue(credentialsId);
             }
             return new StandardListBoxModel()
@@ -104,7 +105,8 @@ public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item project,
         public FormValidation doCheckCredentialsId(@AncestorInPath Item project,
                                                    @QueryParameter String url,
                                                    @QueryParameter String value) {
-            if (project == null || !project.hasPermission(Item.EXTENDED_READ)) {
+            if (project == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
+                project != null && !project.hasPermission(Item.EXTENDED_READ)) {
                 return FormValidation.ok();
             }
 
@@ -149,7 +151,8 @@ public FormValidation doCheckUrl(@AncestorInPath Item item,
 
             // Normally this permission is hidden and implied by Item.CONFIGURE, so from a view-only form you will not be able to use this check.
             // (TODO under certain circumstances being granted only USE_OWN might suffice, though this presumes a fix of JENKINS-31870.)
-            if (item == null || !item.hasPermission(CredentialsProvider.USE_ITEM)) {
+            if (item == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
+                item != null && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
                 return FormValidation.ok();
             }
 
@@ -185,7 +188,7 @@ public FormValidation doCheckUrl(@AncestorInPath Item item,
             return FormValidation.ok();
         }
 
-        private static StandardCredentials lookupCredentials(Item project, String credentialId, String uri) {
+        private static StandardCredentials lookupCredentials(@CheckForNull Item project, String credentialId, String uri) {
             return (credentialId == null) ? null : CredentialsMatchers.firstOrNull(
                         CredentialsProvider.lookupCredentials(StandardCredentials.class, project, ACL.SYSTEM,
                                 GitURIRequirementsBuilder.fromUri(uri).build()),

diff --git a/src/main/java/jenkins/plugins/git/GitSCMSource.java b/src/main/java/jenkins/plugins/git/GitSCMSource.java
@@ -192,7 +192,8 @@ public String getDisplayName() {
         public ListBoxModel doFillCredentialsIdItems(@AncestorInPath SCMSourceOwner context,
                                                      @QueryParameter String remote,
                                                      @QueryParameter String credentialsId) {
-            if (context == null || !context.hasPermission(Item.EXTENDED_READ)) {
+            if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
+                context != null && !context.hasPermission(Item.EXTENDED_READ)) {
                 return new StandardListBoxModel().includeCurrentValue(credentialsId);
             }
             return new StandardListBoxModel()
@@ -209,7 +210,8 @@ public ListBoxModel doFillCredentialsIdItems(@AncestorInPath SCMSourceOwner cont
         public FormValidation doCheckCredentialsId(@AncestorInPath SCMSourceOwner context,
                                                    @QueryParameter String url,
                                                    @QueryParameter String value) {
-            if (context == null || !context.hasPermission(Item.EXTENDED_READ)) {
+            if (context == null && !Jenkins.getActiveInstance().hasPermission(Jenkins.ADMINISTER) ||
+                context != null && !context.hasPermission(Item.EXTENDED_READ)) {
                 return FormValidation.ok();
             }