Merge pull request #92 from Wadeck/SPEED_UP_API_TOKEN_AUTHORITIES

[JENKINS-48412] Fix authorities retrieval for API Token
jenkinsci · Dec 7, 2017 · 393ada3 · 393ada3
2 parents 7e13146 + 99e3d13
commit 393ada3
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 50 deletions.
diff --git a/src/main/java/org/jenkinsci/plugins/GithubAuthenticationToken.java b/src/main/java/org/jenkinsci/plugins/GithubAuthenticationToken.java
@@ -409,53 +409,4 @@ public GithubOAuthUserDetails getUserDetails(String username) throws IOException
         }
         return null;
     }
-
-    public GrantedAuthority[] getGrantedAuthorities(GHUser user) {
-        List<GrantedAuthority> groups = new ArrayList<GrantedAuthority>();
-        groups.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
-
-        try {
-            GHPersonSet<GHOrganization> orgs;
-            if(myRealm == null) {
-                Jenkins jenkins = Jenkins.getInstance();
-                if (jenkins == null) {
-                    throw new IllegalStateException("Jenkins not started");
-                }
-                myRealm = (GithubSecurityRealm) jenkins.getSecurityRealm();
-            }
-            //Search for scopes that allow fetching team membership.  This is documented online.
-            //https://developer.github.com/v3/orgs/#list-your-organizations
-            //https://developer.github.com/v3/orgs/teams/#list-user-teams
-            if(this.userName.equals(user.getLogin()) && (myRealm.hasScope("read:org") || myRealm.hasScope("admin:org") || myRealm.hasScope("user") || myRealm.hasScope("repo"))) {
-                //This allows us to search for private organization membership.
-                orgs = getMyself().getAllOrganizations();
-            } else {
-                //This searches for public organization membership.
-                orgs = user.getOrganizations();
-            }
-            for (GHOrganization ghOrganization : orgs) {
-                String orgLogin = ghOrganization.getLogin();
-                LOGGER.log(Level.FINE, "Fetch teams for user " + user.getLogin() + " in organization " + orgLogin);
-                groups.add(new GrantedAuthorityImpl(orgLogin));
-                try {
-                    if (!getMyself().isMemberOf(ghOrganization)) {
-                        continue;
-                    }
-                    Map<String, GHTeam> teams = ghOrganization.getTeams();
-                    for (Map.Entry<String, GHTeam> entry : teams.entrySet()) {
-                        GHTeam team = entry.getValue();
-                        if (team.hasMember(user)) {
-                            groups.add(new GrantedAuthorityImpl(orgLogin + GithubOAuthGroupDetails.ORG_TEAM_SEPARATOR
-                                    + team.getName()));
-                        }
-                    }
-                } catch (IOException | Error ignore) {
-                    LOGGER.log(Level.FINEST, "not enough rights to list teams from " + orgLogin, ignore);
-                }
-            }
-        } catch(IOException e) {
-            LOGGER.log(Level.FINE, e.getMessage(), e);
-        }
-        return groups.toArray(new GrantedAuthority[groups.size()]);
-    }
 }
diff --git a/src/main/java/org/jenkinsci/plugins/GithubOAuthUserDetails.java b/src/main/java/org/jenkinsci/plugins/GithubOAuthUserDetails.java
@@ -43,7 +43,7 @@ public GrantedAuthority[] getAuthorities() {
             try {
                 GHUser user = authenticationToken.loadUser(getUsername());
                 if(user != null) {
-                    setAuthorities(authenticationToken.getGrantedAuthorities(user));
+                    setAuthorities(authenticationToken.getAuthorities());
                 }
             } catch (IOException e) {
                 throw new RuntimeException(e);