Skip to content

Commit

Permalink
Check permissions for abort and command commands [FIXED JENKINS-16232]
Browse files Browse the repository at this point in the history
  • Loading branch information
@kutzi
kutzi committed Jan 1, 2013
1 parent 85eb7f0 commit 5889fcc
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 4 deletions.
9 changes: 6 additions & 3 deletions src/main/java/hudson/plugins/im/bot/AbortCommand.java
View file
Expand Up @@ -6,6 +6,7 @@
import hudson.model.Executor;
import hudson.model.Hudson;
import hudson.plugins.im.Sender;
import hudson.security.Permission;

import java.util.Collection;
import java.util.Collections;
Expand All @@ -22,10 +23,8 @@ public Collection<String> getCommandNames() {
return Collections.singleton("abort");
}

private static final String HELP = " <job> - specify which job to abort";

public String getHelp() {
return HELP;
return " <job> - specify which job to abort";
}

@Override
Expand Down Expand Up @@ -65,4 +64,8 @@ protected CharSequence getMessageForJob(AbstractProject<?, ?> project, Sender se
}
}

@Override
protected Permission getRequiredPermission() {
return AbstractProject.ABORT;
}
}
9 changes: 8 additions & 1 deletion src/main/java/hudson/plugins/im/bot/AbstractSingleJobCommand.java
View file
Expand Up @@ -3,9 +3,10 @@
import hudson.model.AbstractProject;
import hudson.plugins.im.Sender;
import hudson.plugins.im.tools.MessageHelper;
import hudson.security.Permission;

/**
* Abstract job which works on a single job - without taking any further arguments.
* Abstract command which works on a single job.
*
* @author kutzi
*/
Expand Down Expand Up @@ -39,6 +40,8 @@ protected AbstractSingleJobCommand(int numberOfArguments) {
*/
protected abstract CharSequence getMessageForJob(AbstractProject<?, ?> job, Sender sender,
String[] arguments) throws CommandException;

protected abstract Permission getRequiredPermission();

@Override
protected String getReply(Bot bot, Sender sender, String[] args) {
Expand All @@ -54,6 +57,10 @@ protected String getReply(Bot bot, Sender sender, String[] args) {
}
AbstractProject<?, ?> job = getJobProvider().getJobByName(jobName);
if (job != null) {
if (!job.hasPermission(getRequiredPermission())) {
return "You don't have the permissions to perform this command on this job.";
}

try {
return getMessageForJob(job, sender, remainingArgs).toString();
} catch (CommandException e) {
Expand Down
7 changes: 7 additions & 0 deletions src/main/java/hudson/plugins/im/bot/CommentCommand.java
View file
@@ -1,10 +1,12 @@
package hudson.plugins.im.bot;

import hudson.Extension;
import hudson.model.Item;
import hudson.model.AbstractProject;
import hudson.model.Run;
import hudson.plugins.im.Sender;
import hudson.plugins.im.tools.MessageHelper;
import hudson.security.Permission;

import java.io.IOException;
import java.util.Collection;
Expand Down Expand Up @@ -42,6 +44,11 @@ protected CharSequence getMessageForJob(AbstractProject<?, ?> job, Sender sender
}
}

@Override
protected Permission getRequiredPermission() {
return Item.CONFIGURE;
}

@Override
public String getHelp() {
return " <job> <build-#> <comment> - adds a description to a build";
Expand Down

0 comments on commit 5889fcc

Please sign in to comment.