[FIXED JENKINS-42192] Add support for silent mode.

jenkinsci · Sep 12, 2017 · 54123d6 · 54123d6
1 parent d7d9a48
commit 54123d6
Show file tree

Hide file tree

Showing 3 changed files with 71 additions and 25 deletions.
diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>plugin</artifactId>
-        <version>1.509.4</version>
+        <version>1.609</version>
     </parent>
     <artifactId>permissive-script-security</artifactId>
     <version>0.2-SNAPSHOT</version>

diff --git a/src/main/java/org/jenkinsci/plugins/permissivescriptsecurity/PermissiveWhitelist.java b/src/main/java/org/jenkinsci/plugins/permissivescriptsecurity/PermissiveWhitelist.java
@@ -45,45 +45,72 @@
  *
  * @author ogondza.
  */
-@Extension(ordinal = Double.MIN_VALUE) @Restricted(NoExternalUse.class) // Run if no other whitelist permitted the signature.
+@Restricted(NoExternalUse.class)
+@Extension(ordinal = Double.MIN_VALUE) // Run if no other whitelist permitted the signature.
 public class PermissiveWhitelist extends Whitelist {
-    /*package*/ static volatile boolean enabled = Boolean.getBoolean("permissive-script-security.enabled");
+    /*package*/ static @Nonnull Mode MODE = Mode.getConfigured(
+            System.getProperty("permissive-script-security.enabled", "false")
+    );
 
     /*package*/ static final Logger LOGGER = Logger.getLogger(PermissiveWhitelist.class.getName());
 
+    public enum Mode {
+        DISABLED() {
+            public boolean act(RejectedAccessException ex) {
+                return false; // Reject was not permitted by others
+            }
+        },
+        ENABLED() {
+            public boolean act(RejectedAccessException ex) {
+                LOGGER.log(Level.INFO, "Unsecure signature found: " + ex.getSignature(), ex);
+                ScriptApproval.get().accessRejected(ex, ApprovalContext.create().withCurrentUser());
+                return true;
+            }
+        },
+        NO_SECURITY() {
+            public boolean act(RejectedAccessException ex) {
+                return true; // You have been warned
+            }
+        };
+
+        public abstract boolean act(RejectedAccessException ex);
+
+        public static Mode getConfigured(String config) {
+            if ("true".equals(config)) {
+                return ENABLED;
+            } else if ("no_security".equals(config)) {
+                return NO_SECURITY;
+            } else {
+                return DISABLED;
+            }
+        }
+    }
+
     public boolean permitsMethod(@Nonnull Method method, @Nonnull Object receiver, @Nonnull Object[] args) {
-        return act(StaticWhitelist.rejectMethod(method));
+        return MODE.act(StaticWhitelist.rejectMethod(method));
     }
 
     public boolean permitsConstructor(@Nonnull Constructor<?> constructor, @Nonnull Object[] args) {
-        return act(StaticWhitelist.rejectNew(constructor));
+        return MODE.act(StaticWhitelist.rejectNew(constructor));
     }
 
     public boolean permitsStaticMethod(@Nonnull Method method, @Nonnull Object[] args) {
-        return act(StaticWhitelist.rejectStaticMethod(method));
+        return MODE.act(StaticWhitelist.rejectStaticMethod(method));
     }
 
     public boolean permitsFieldGet(@Nonnull Field field, @Nonnull Object receiver) {
-        return act(StaticWhitelist.rejectField(field));
+        return MODE.act(StaticWhitelist.rejectField(field));
     }
 
     public boolean permitsFieldSet(@Nonnull Field field, @Nonnull Object receiver, @CheckForNull Object value) {
-        return act(StaticWhitelist.rejectField(field));
+        return MODE.act(StaticWhitelist.rejectField(field));
     }
 
     public boolean permitsStaticFieldGet(@Nonnull Field field) {
-        return act(StaticWhitelist.rejectStaticField(field));
+        return MODE.act(StaticWhitelist.rejectStaticField(field));
     }
 
     public boolean permitsStaticFieldSet(@Nonnull Field field, @CheckForNull Object value) {
-        return act(StaticWhitelist.rejectStaticField(field));
-    }
-
-    private boolean act(RejectedAccessException ex) {
-        if (enabled) {
-            LOGGER.log(Level.INFO, "Unsecure signature found: " + ex.getSignature(), ex);
-            ScriptApproval.get().accessRejected(ex, ApprovalContext.create().withCurrentUser());
-        }
-        return enabled;
+        return MODE.act(StaticWhitelist.rejectStaticField(field));
     }
 }
diff --git a/src/test/java/org/jenkinsci/plugins/permissivescriptsecurity/PermissiveWhitelistTest.java b/src/test/java/org/jenkinsci/plugins/permissivescriptsecurity/PermissiveWhitelistTest.java
@@ -26,6 +26,7 @@
 import groovy.lang.Binding;
 import hudson.util.RingBufferLogHandler;
 import jenkins.model.Jenkins;
+import org.jenkinsci.plugins.permissivescriptsecurity.PermissiveWhitelist.Mode;
 import org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException;
 import org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript;
 import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext;
@@ -42,7 +43,6 @@
 import java.util.logging.LogRecord;
 
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
@@ -52,9 +52,9 @@ public class PermissiveWhitelistTest {
     public JenkinsRule j = new JenkinsRule();
 
     @Test
-    public void logUnsafeSignature() throws Exception {
+    public void logUnsafeSignatureInPermissiveMode() throws Exception {
         RingBufferLogHandler handler = injectLogHandler();
-        assertFalse("Permissive whitelisting should be disabled by default", PermissiveWhitelist.enabled);
+        assertEquals("Permissive whitelisting should be disabled by default", Mode.DISABLED, PermissiveWhitelist.MODE);
 
         try {
             runScript("System.exit(42)");
@@ -69,7 +69,7 @@ public void logUnsafeSignature() throws Exception {
         List<LogRecord> logs = handler.getView();
         assertEquals(0, logs.size());
 
-        PermissiveWhitelist.enabled = true;
+        PermissiveWhitelist.MODE = Mode.ENABLED;
         try {
             Object ret = runScript("jenkins.model.Jenkins.getInstance()");
             assertTrue(ret instanceof Jenkins);
@@ -81,22 +81,41 @@ public void logUnsafeSignature() throws Exception {
             pendingSignatures = ScriptApproval.get().getPendingSignatures();
             assertEquals(pendingSignatures.toString(), 2, pendingSignatures.size());
         } finally {
-            PermissiveWhitelist.enabled = false;
+            PermissiveWhitelist.MODE = Mode.DISABLED;
         }
     }
 
     @Test
     public void ignoreSafeSignature() throws Exception {
-        PermissiveWhitelist.enabled = true;
+        PermissiveWhitelist.MODE = Mode.ENABLED;
         try {
             RingBufferLogHandler handler = injectLogHandler();
 
             Object ret = runScript("this.equals(this)");
             assertTrue((Boolean) ret);
             assertEquals(handler.getView().toString(), 0, handler.getView().size());
         } finally {
-            PermissiveWhitelist.enabled = false;
+            PermissiveWhitelist.MODE = Mode.DISABLED;
         }
+
+        PermissiveWhitelist.MODE = Mode.NO_SECURITY;
+        try {
+            RingBufferLogHandler handler = injectLogHandler();
+
+            Object ret = runScript("this.equals(this)");
+            assertTrue((Boolean) ret);
+            assertEquals(handler.getView().toString(), 0, handler.getView().size());
+        } finally {
+            PermissiveWhitelist.MODE = Mode.DISABLED;
+        }
+    }
+
+    @Test
+    public void getConfigured() throws Exception {
+        assertEquals(Mode.ENABLED, Mode.getConfigured("true"));
+        assertEquals(Mode.DISABLED, Mode.getConfigured("false"));
+        assertEquals(Mode.NO_SECURITY, Mode.getConfigured("no_security"));
+        assertEquals(Mode.DISABLED, Mode.getConfigured("This looks like a nice plugin!"));
     }
 
     private RingBufferLogHandler injectLogHandler() {