Merge pull request #1621 from jenkinsci/permissions-listbox

[JENKINS-72317] Use Jenkins.READ permission check for all list box models
jenkinsci · Nov 15, 2023 · e17302c · e17302c
2 parents 8e565fe + b8617a2
commit e17302c
Show file tree

Hide file tree

Showing 19 changed files with 141 additions and 134 deletions.
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2007-2022 Dr. Ullrich Hafner
+Copyright (c) 2007-2023 Dr. Ullrich Hafner
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/filter/RegexpFilter.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/filter/RegexpFilter.java
@@ -15,7 +15,7 @@
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.verb.POST;
 import hudson.model.AbstractDescribableImpl;
-import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Descriptor;
 import hudson.model.Item;
 import hudson.util.FormValidation;
@@ -80,7 +80,7 @@ public RegexpFilterDescriptor() {
         }
 
         /**
-         * Performs on-the-fly validation on threshold for high warnings.
+         * Performs on-the-fly validation of the regexp pattern.
          *
          * @param project
          *         the project that is configured
@@ -90,7 +90,7 @@ public RegexpFilterDescriptor() {
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckPattern(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckPattern(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String pattern) {
             if (!jenkinsFacade.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ReportScanningTool.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ReportScanningTool.java
@@ -20,11 +20,13 @@
 import org.kohsuke.stapler.verb.POST;
 import hudson.FilePath;
 import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Item;
 import hudson.model.Run;
 import hudson.model.TaskListener;
 import hudson.util.ComboBoxModel;
 import hudson.util.FormValidation;
+import jenkins.model.Jenkins;
 
 import io.jenkins.plugins.analysis.core.model.AnalysisModelParser.AnalysisModelParserDescriptor;
 import io.jenkins.plugins.analysis.core.util.ConsoleLogReaderFactory;
@@ -257,14 +259,11 @@ protected ReportScanningToolDescriptor(final String id) {
         /**
          * Returns a model with all available charsets.
          *
-         * @param project
-         *         the project that is configured
-         *
          * @return a model with all available charsets
          */
         @POST
-        public ComboBoxModel doFillReportEncodingItems(@AncestorInPath final AbstractProject<?, ?> project) {
-            if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
+        public ComboBoxModel doFillReportEncodingItems() {
+            if (JENKINS.hasPermission(Jenkins.READ)) {
                 return VALIDATION_UTILITIES.getAllCharsets();
             }
             return new ComboBoxModel();
@@ -281,9 +280,9 @@ public ComboBoxModel doFillReportEncodingItems(@AncestorInPath final AbstractPro
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckReportEncoding(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String reportEncoding) {
-            if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
+            if (!JENKINS.hasPermission(Jenkins.READ)) {
                 return FormValidation.ok();
             }
 
@@ -328,7 +327,7 @@ public boolean hasDefaultPattern() {
         }
 
         /**
-         * Returns whether this parser can scan the console log. Typically, only line based parsers can scan the console
+         * Returns whether this parser can scan the console log. Typically, only line-based parsers can scan the console
          * log. XML parsers should always parse a given file only.
          *
          * @return the parser to use
@@ -338,8 +337,8 @@ public boolean canScanConsoleLog() {
         }
 
         /**
-         * Returns the default filename pattern for this tool. Override if your typically works on a specific file.
-         * Note: if you provide a default pattern then it is not possible to scan Jenkins console log of a build.
+         * Returns the default filename pattern for this tool. Override if your parser typically works on a specific file.
+         * Note: if you provide a default pattern, then it is not possible to scan Jenkins' console log of a build.
          *
          * @return the default pattern
          */

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java
@@ -17,7 +17,7 @@
 import org.jenkinsci.Symbol;
 import hudson.FilePath;
 import hudson.model.AbstractDescribableImpl;
-import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Descriptor;
 import hudson.model.Item;
 import hudson.model.Run;
@@ -197,7 +197,7 @@ protected ToolDescriptor(final String defaultId) {
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String id) {
             if (!new JenkinsFacade().hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ToolSelection.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/ToolSelection.java
@@ -16,7 +16,7 @@
 import org.kohsuke.stapler.verb.POST;
 import hudson.Extension;
 import hudson.model.AbstractDescribableImpl;
-import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Descriptor;
 import hudson.model.Item;
 import hudson.util.ComboBoxModel;
@@ -113,7 +113,7 @@ static void setJenkinsFacade(final JenkinsFacade facade) {
          * @return a model with all static analysis tool IDs of all jobs
          */
         @POST
-        public ComboBoxModel doFillIdItems(@AncestorInPath final AbstractProject<?, ?> project) {
+        public ComboBoxModel doFillIdItems(@AncestorInPath final BuildableItem project) {
             ComboBoxModel model = new ComboBoxModel();
             if (jenkinsFacade.hasPermission(Item.CONFIGURE, project)) {
                 model.addAll(collectAvailableIds());
@@ -139,7 +139,7 @@ private Set<String> collectAvailableIds() {
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String id) {
             if (!new JenkinsFacade().hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/AnalysisStepDescriptor.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/AnalysisStepDescriptor.java
@@ -13,6 +13,7 @@
 import hudson.util.ComboBoxModel;
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
+import jenkins.model.Jenkins;
 
 import io.jenkins.plugins.analysis.core.util.ModelValidation;
 import io.jenkins.plugins.util.JenkinsFacade;
@@ -87,13 +88,11 @@ public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final BuildableI
     /**
      * Returns a model with all available severity filters.
      *
-     * @param project
-     *         the project that is configured
      * @return a model with all available severity filters
      */
     @POST
-    public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final BuildableItem project) {
-        if (JENKINS.hasPermission(Item.READ, project)) {
+    public ListBoxModel doFillMinimumSeverityItems() {
+        if (JENKINS.hasPermission(Jenkins.READ)) {
             return model.getAllSeverityFilters();
         }
         return new ListBoxModel();
@@ -162,13 +161,11 @@ public FormValidation doCheckUnhealthy(@AncestorInPath final BuildableItem proje
     /**
      * Returns a model with all aggregation trend chart positions.
      *
-     * @param project
-     *         the project that is configured
-     * @return a model with all  aggregation trend chart positions
+     * @return a model with all aggregation trend chart positions
      */
     @POST
-    public ListBoxModel doFillTrendChartTypeItems(@AncestorInPath final BuildableItem project) {
-        if (JENKINS.hasPermission(Item.READ, project)) {
+    public ListBoxModel doFillTrendChartTypeItems() {
+        if (JENKINS.hasPermission(Jenkins.READ)) {
             return model.getAllTrendChartTypes();
         }
         return new ListBoxModel();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/IssuesRecorder.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/steps/IssuesRecorder.java
@@ -30,6 +30,7 @@
 import hudson.model.AbstractProject;
 import hudson.model.Action;
 import hudson.model.BuildListener;
+import hudson.model.BuildableItem;
 import hudson.model.Item;
 import hudson.model.Result;
 import hudson.model.Run;
@@ -41,6 +42,7 @@
 import hudson.util.ComboBoxModel;
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
+import jenkins.model.Jenkins;
 
 import io.jenkins.plugins.analysis.core.filter.RegexpFilter;
 import io.jenkins.plugins.analysis.core.model.AnalysisResult;
@@ -907,7 +909,7 @@ public boolean isApplicable(final Class<? extends AbstractProject> jobType) {
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckId(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String id) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();
@@ -924,7 +926,7 @@ public FormValidation doCheckId(@AncestorInPath final AbstractProject<?, ?> proj
          * @return a model with all available charsets
          */
         @POST
-        public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final AbstractProject<?, ?> project) {
+        public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final BuildableItem project) {
             if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return VALIDATION_UTILITIES.getAllCharsets();
             }
@@ -934,13 +936,11 @@ public ComboBoxModel doFillSourceCodeEncodingItems(@AncestorInPath final Abstrac
         /**
          * Returns a model with all available severity filters.
          *
-         * @param project
-         *         the project that is configured
          * @return a model with all available severity filters
          */
         @POST
-        public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final AbstractProject<?, ?> project) {
-            if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
+        public ListBoxModel doFillMinimumSeverityItems() {
+            if (JENKINS.hasPermission(Jenkins.READ)) {
                 return model.getAllSeverityFilters();
             }
             return new ListBoxModel();
@@ -957,7 +957,7 @@ public ListBoxModel doFillMinimumSeverityItems(@AncestorInPath final AbstractPro
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckReportEncoding(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String reportEncoding) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();
@@ -977,7 +977,7 @@ public FormValidation doCheckReportEncoding(@AncestorInPath final AbstractProjec
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final BuildableItem project,
                 @QueryParameter final String sourceCodeEncoding) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();
@@ -999,7 +999,7 @@ public FormValidation doCheckSourceCodeEncoding(@AncestorInPath final AbstractPr
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckHealthy(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckHealthy(@AncestorInPath final BuildableItem project,
                 @QueryParameter final int healthy, @QueryParameter final int unhealthy) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();
@@ -1020,7 +1020,7 @@ public FormValidation doCheckHealthy(@AncestorInPath final AbstractProject<?, ?>
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckUnhealthy(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckUnhealthy(@AncestorInPath final BuildableItem project,
                 @QueryParameter final int healthy, @QueryParameter final int unhealthy) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();
@@ -1031,13 +1031,11 @@ public FormValidation doCheckUnhealthy(@AncestorInPath final AbstractProject<?,
         /**
          * Returns a model with all aggregation trend chart positions.
          *
-         * @param project
-         *         the project that is configured
-         * @return a model with all  aggregation trend chart positions
+         * @return a model with all aggregation trend chart positions
          */
         @POST
-        public ListBoxModel doFillTrendChartTypeItems(@AncestorInPath final AbstractProject<?, ?> project) {
-            if (JENKINS.hasPermission(Item.CONFIGURE, project)) {
+        public ListBoxModel doFillTrendChartTypeItems() {
+            if (JENKINS.hasPermission(Jenkins.READ)) {
                 return model.getAllTrendChartTypes();
             }
             return new ListBoxModel();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/core/util/QualityGate.java b/plugin/src/main/java/io/jenkins/plugins/analysis/core/util/QualityGate.java
@@ -12,11 +12,12 @@
 import org.kohsuke.stapler.verb.POST;
 import hudson.Extension;
 import hudson.model.AbstractDescribableImpl;
-import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Descriptor;
 import hudson.model.Item;
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
+import jenkins.model.Jenkins;
 
 import io.jenkins.plugins.analysis.core.util.IssuesStatistics.StatisticProperties;
 import io.jenkins.plugins.util.JenkinsFacade;
@@ -248,15 +249,13 @@ public QualityGateDescriptor() {
         /**
          * Return the model for the select widget.
          *
-         * @param project
-         *         the project that is configured
          * @return the quality gate types
          */
         @POST
-        public ListBoxModel doFillTypeItems(@AncestorInPath final AbstractProject<?, ?> project) {
+        public ListBoxModel doFillTypeItems() {
             ListBoxModel model = new ListBoxModel();
 
-            if (jenkins.hasPermission(Item.CONFIGURE, project)) {
+            if (jenkins.hasPermission(Jenkins.READ)) {
                 for (QualityGateType qualityGateType : QualityGateType.values()) {
                     model.add(qualityGateType.getDisplayName(), qualityGateType.name());
                 }
@@ -275,9 +274,8 @@ public ListBoxModel doFillTypeItems(@AncestorInPath final AbstractProject<?, ?>
          *
          * @return the validation result
          */
-        @SuppressWarnings("WeakerAccess")
         @POST
-        public FormValidation doCheckThreshold(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckThreshold(@AncestorInPath final BuildableItem project,
                 @QueryParameter final int threshold) {
             if (!jenkins.hasPermission(Item.CONFIGURE, project)) {
                 return FormValidation.ok();

diff --git a/plugin/src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java b/plugin/src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java
@@ -18,7 +18,7 @@
 import org.kohsuke.stapler.DataBoundSetter;
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.verb.POST;
-import hudson.model.AbstractProject;
+import hudson.model.BuildableItem;
 import hudson.model.Item;
 import hudson.model.Run;
 import hudson.util.FormValidation;
@@ -178,7 +178,7 @@ abstract static class DuplicateCodeDescriptor extends AnalysisModelParserDescrip
         }
 
         /**
-         * Performs on-the-fly validation on threshold for high warnings.
+         * Performs on-the-fly validation of the threshold for high warnings.
          *
          * @param project
          *         the project that is configured
@@ -190,7 +190,7 @@ abstract static class DuplicateCodeDescriptor extends AnalysisModelParserDescrip
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckHighThreshold(@AncestorInPath final BuildableItem project,
                 @QueryParameter("highThreshold") final int highThreshold,
                 @QueryParameter("normalThreshold") final int normalThreshold) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {
@@ -200,7 +200,7 @@ public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject
         }
 
         /**
-         * Performs on-the-fly validation on threshold for normal warnings.
+         * Performs on-the-fly validation of the threshold for normal warnings.
          *
          * @param project
          *         the project that is configured
@@ -212,7 +212,7 @@ public FormValidation doCheckHighThreshold(@AncestorInPath final AbstractProject
          * @return the validation result
          */
         @POST
-        public FormValidation doCheckNormalThreshold(@AncestorInPath final AbstractProject<?, ?> project,
+        public FormValidation doCheckNormalThreshold(@AncestorInPath final BuildableItem project,
                 @QueryParameter("highThreshold") final int highThreshold,
                 @QueryParameter("normalThreshold") final int normalThreshold) {
             if (!JENKINS.hasPermission(Item.CONFIGURE, project)) {