Compatibility with Spring Security (#145)

* Compatibility with Spring Security * Incrementalified
jenkinsci · Sep 5, 2020 · 371f01b · 371f01b
1 parent 241d273
commit 371f01b
Showing 6 changed files with 32 additions and 16 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,7 +1,6 @@
 *.iml
 *.ipr
 *.iws
-.*
 !.gitignore
 target/
 work
diff --git a/.mvn/extensions.xml b/.mvn/extensions.xml
@@ -0,0 +1,7 @@
+<extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 http://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
+  <extension>
+    <groupId>io.jenkins.tools.incrementals</groupId>
+    <artifactId>git-changelist-maven-extension</artifactId>
+    <version>1.2</version>
+  </extension>
+</extensions>
diff --git a/.mvn/maven.config b/.mvn/maven.config
@@ -0,0 +1,2 @@
+-Pconsume-incrementals
+-Pmight-produce-incrementals
diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.jenkins-ci.plugins</groupId>
     <artifactId>plugin</artifactId>
-    <version>4.2</version>
+    <version>4.7</version>
     <relativePath />
   </parent>
 
@@ -18,7 +18,7 @@
 
   <artifactId>parameterized-trigger</artifactId>
   <packaging>hpi</packaging>
-  <version>2.38-SNAPSHOT</version>
+  <version>${revision}${changelist}</version>
   <name>Jenkins Parameterized Trigger plugin</name>
   <url>https://github.com/jenkinsci/parameterized-trigger-plugin</url>
 
@@ -162,9 +162,10 @@
   </dependencyManagement>
 
   <scm>
-    <connection>scm:git:git://github.com/jenkinsci/parameterized-trigger-plugin.git</connection>
-    <developerConnection>scm:git:git@github.com:jenkinsci/parameterized-trigger-plugin.git</developerConnection>
-    <tag>HEAD</tag>
+    <connection>scm:git:git://github.com/${gitHubRepo}.git</connection>
+    <developerConnection>scm:git:git@github.com:${gitHubRepo}.git</developerConnection>
+    <url>https://github.com/${gitHubRepo}</url>
+    <tag>${scmTag}</tag>
   </scm>
 
   <repositories>
@@ -182,6 +183,9 @@
   </pluginRepositories>
 
   <properties>
+    <revision>2.38</revision>
+    <changelist>-SNAPSHOT</changelist>
+    <gitHubRepo>jenkinsci/parameterized-trigger-plugin</gitHubRepo>
     <java.level>8</java.level>
     <jenkins.version>2.176.4</jenkins.version>
     <spotbugs.failOnError>false</spotbugs.failOnError>

diff --git a/src/main/java/hudson/plugins/parameterizedtrigger/BuildTriggerConfig.java b/src/main/java/hudson/plugins/parameterizedtrigger/BuildTriggerConfig.java
@@ -278,8 +278,12 @@ private static <T extends Item> List<T> readableItemsFromNameList(
             T item = null;
             try {
                 item = hudson.getItem(fullName, context, type);
-            } catch (AccessDeniedException ex) {
-                // Ignore, item won't be added to the resulting list
+            } catch (RuntimeException x) {
+                if (x.getClass().getSimpleName().startsWith("AccessDeniedException")) {
+                    // Ignore, item won't be added to the resulting list
+                } else {
+                    throw x;
+                }
             }
             if(item!=null)
                 r.add(item);
@@ -322,8 +326,12 @@ private static void resolveProject(AbstractBuild build, SubProjectData subProjec
             try {
                 resolvedProject = jenkins == null ? null :
                         jenkins.getItem(unresolvedProjectName, build.getProject().getParent(), Job.class);
-            } catch (AccessDeniedException ex) {
-                // Permission check failure (DISCOVER w/o READ) => we leave the job unresolved
+            } catch (RuntimeException x) {
+                if (x.getClass().getSimpleName().startsWith("AccessDeniedException")) {
+                    // Permission check failure (DISCOVER w/o READ) => we leave the job unresolved
+                } else {
+                    throw x;
+                }
             }
             if (resolvedProject != null) {
                 destinationSet.add(resolvedProject);

diff --git a/src/test/java/hudson/plugins/parameterizedtrigger/test/BuildTriggerConfigTest.java b/src/test/java/hudson/plugins/parameterizedtrigger/test/BuildTriggerConfigTest.java
@@ -43,12 +43,12 @@
 import hudson.plugins.parameterizedtrigger.SubProjectData;
 import hudson.plugins.parameterizedtrigger.TriggerBuilder;
 import hudson.security.ACL;
+import hudson.security.ACLContext;
 import hudson.security.AuthorizationMatrixProperty;
 import hudson.security.Permission;
 import hudson.security.ProjectMatrixAuthorizationStrategy;
 import hudson.util.FormValidation;
 import jenkins.model.Jenkins;
-import org.acegisecurity.context.SecurityContextHolder;
 import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition;
 import org.jenkinsci.plugins.workflow.job.WorkflowJob;
 import org.jenkinsci.plugins.workflow.job.WorkflowRun;
@@ -67,7 +67,6 @@
 import java.util.Map;
 import java.util.Set;
 import jenkins.security.QueueItemAuthenticatorConfiguration;
-import org.acegisecurity.context.SecurityContext;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
@@ -377,12 +376,9 @@ public void testFieldValidation() throws Exception {
 
         // Just returns OK if no permission
         r.jenkins.setAuthorizationStrategy(new ProjectMatrixAuthorizationStrategy());
-        SecurityContext orig = ACL.impersonate(Jenkins.ANONYMOUS);
-        try {
+        try (ACLContext ctx = ACL.as(Jenkins.ANONYMOUS)) {
             assertSame(FormValidation.Kind.OK, descriptor.doCheckProjects(p, "").kind);
             assertSame(FormValidation.Kind.OK, descriptor.doCheckProjects(null, "").kind);
-        } finally {
-            SecurityContextHolder.setContext(orig);
         }
 
         r.jenkins.setSecurityRealm(r.createDummySecurityRealm());
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		-Pconsume-incrementals
		-Pmight-produce-incrementals