Skip to content

Commit

Permalink
Merge pull request #401 from offa/deprecated_apis
Browse files Browse the repository at this point in the history 
Replace deprecated APIs
  • Loading branch information
@jglick
jglick authored Apr 25, 2022
2 parents 99f78ba + c55ab4e commit 0e7c803
Show file tree
Hide file tree
Showing 13 changed files with 171 additions and 224 deletions.
2 changes: 1 addition & 1 deletion src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -459,7 +459,7 @@ private final class CleanClassCollector extends ClassCollector {
@RequirePOST
public FormValidation doCheckScript(@QueryParameter String value, @QueryParameter boolean sandbox) {
FormValidation validationResult = GroovySandbox.checkScriptForCompilationErrors(value,
new GroovyClassLoader(Jenkins.getInstance().getPluginManager().uberClassLoader));
new GroovyClassLoader(Jenkins.get().getPluginManager().uberClassLoader));
if (validationResult.kind != FormValidation.Kind.OK) {
return validationResult;
}
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ApprovalContext.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ public ApprovalContext withItem(@CheckForNull Item item) {
*/
public @CheckForNull Item getItem() {
// TODO if getItemByFullName == null, we should removal the approval
return item != null ? Jenkins.getInstance().getItemByFullName(item) : null;
return item != null ? Jenkins.get().getItemByFullName(item) : null;
}

/**
Expand Down
36 changes: 18 additions & 18 deletions src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ public class ScriptApproval extends GlobalConfiguration implements RootAction {

@Override
protected XmlFile getConfigFile() {
return new XmlFile(XSTREAM2, new File(Jenkins.getInstance().getRootDir(),getUrlName() + ".xml"));
return new XmlFile(XSTREAM2, new File(Jenkins.get().getRootDir(),getUrlName() + ".xml"));
}

@Override
Expand Down Expand Up @@ -435,7 +435,7 @@ static String hashClasspathEntry(URL entry) throws IOException {
public synchronized String configuring(@NonNull String script, @NonNull Language language, @NonNull ApprovalContext context) {
final String hash = hash(script, language.getName());
if (!approvedScriptHashes.contains(hash)) {
if (!Jenkins.getInstance().isUseSecurity() || Jenkins.getAuthentication() != ACL.SYSTEM && Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
if (!Jenkins.get().isUseSecurity() || Jenkins.getAuthentication() != ACL.SYSTEM && Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
approvedScriptHashes.add(hash);
} else {
String key = context.getKey();
Expand Down Expand Up @@ -507,7 +507,7 @@ public synchronized void configuring(@NonNull ClasspathEntry entry, @NonNull App
if (!approvedClasspathEntries.contains(acp)) {
boolean shouldSave = false;
PendingClasspathEntry pcp = new PendingClasspathEntry(hash, url, context);
if (!Jenkins.getInstance().isUseSecurity() || (Jenkins.getAuthentication() != ACL.SYSTEM && Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))) {
if (!Jenkins.get().isUseSecurity() || (Jenkins.getAuthentication() != ACL.SYSTEM && Jenkins.get().hasPermission(Jenkins.ADMINISTER))) {
LOG.log(Level.FINE, "Classpath entry {0} ({1}) is approved as configured with ADMINISTER permission.", new Object[] {url, hash});
pendingClasspathEntries.remove(pcp);
approvedClasspathEntries.add(acp);
Expand Down Expand Up @@ -538,7 +538,7 @@ public synchronized FormValidation checking(@NonNull ClasspathEntry entry) {
}
URL url = entry.getURL();
try {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER) && !approvedClasspathEntries.contains(new ApprovedClasspathEntry(hashClasspathEntry(url), url))) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER) && !approvedClasspathEntries.contains(new ApprovedClasspathEntry(hashClasspathEntry(url), url))) {
return FormValidation.error(Messages.ClasspathEntry_path_notApproved());
} else {
return FormValidation.ok();
Expand Down Expand Up @@ -587,7 +587,7 @@ public synchronized void using(@NonNull ClasspathEntry entry) throws IOException
* @return a warning in case the script is not yet approved and this user lacks {@link Jenkins#ADMINISTER}, else {@link FormValidation#ok()}
*/
public synchronized FormValidation checking(@NonNull String script, @NonNull Language language) {
if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER) && !approvedScriptHashes.contains(hash(script, language.getName()))) {
if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER) && !approvedScriptHashes.contains(hash(script, language.getName()))) {
return FormValidation.warningWithMarkup("A Jenkins administrator will need to approve this script before it can be used.");
} else {
return FormValidation.ok();
Expand Down Expand Up @@ -657,7 +657,7 @@ public static void popRegistrationCallback() {

@DataBoundSetter
public synchronized void setApprovedSignatures(String[] signatures) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
approvedSignatures.clear();
List<String> goodSignatures = new ArrayList<>(signatures.length);
for (String signature : signatures) {
Expand Down Expand Up @@ -750,7 +750,7 @@ public Set<PendingScript> getPendingScripts() {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public void approveScript(String hash) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
synchronized (this) {
approvedScriptHashes.add(hash);
removePendingScript(hash);
Expand All @@ -768,7 +768,7 @@ public Set<PendingScript> getPendingScripts() {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized void denyScript(String hash) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
approvedScriptHashes.remove(hash);
removePendingScript(hash);
save();
Expand All @@ -786,7 +786,7 @@ private synchronized void removePendingScript(String hash) {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized void clearApprovedScripts() throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
approvedScriptHashes.clear();
save();
}
Expand All @@ -808,7 +808,7 @@ private String[][] reconfigure() throws IOException {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized String[][] approveSignature(String signature) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
pendingSignatures.remove(new PendingSignature(signature, false, ApprovalContext.create()));
approvedSignatures.add(signature);
save();
Expand All @@ -817,7 +817,7 @@ private String[][] reconfigure() throws IOException {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized String[][] aclApproveSignature(String signature) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
pendingSignatures.remove(new PendingSignature(signature, false, ApprovalContext.create()));
aclApprovedSignatures.add(signature);
save();
Expand All @@ -826,15 +826,15 @@ private String[][] reconfigure() throws IOException {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized void denySignature(String signature) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
pendingSignatures.remove(new PendingSignature(signature, false, ApprovalContext.create()));
save();
}

// TODO nicer would be to allow the user to actually edit the list directly (with syntax checks)
@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized String[][] clearApprovedSignatures() throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
approvedSignatures.clear();
aclApprovedSignatures.clear();
save();
Expand All @@ -844,7 +844,7 @@ private String[][] reconfigure() throws IOException {

@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod public synchronized String[][] clearDangerousApprovedSignatures() throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);

Iterator<String> it = approvedSignatures.iterator();
while (it.hasNext()) {
Expand Down Expand Up @@ -895,7 +895,7 @@ public JSON getClasspathRenderInfo() {
@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod
public JSON approveClasspathEntry(String hash) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
URL url = null;
synchronized (this) {
final PendingClasspathEntry cp = getPendingClasspathEntry(hash);
Expand All @@ -922,7 +922,7 @@ public JSON approveClasspathEntry(String hash) throws IOException {
@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod
public JSON denyClasspathEntry(String hash) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
PendingClasspathEntry cp = getPendingClasspathEntry(hash);
if (cp != null) {
pendingClasspathEntries.remove(cp);
Expand All @@ -934,7 +934,7 @@ public JSON denyClasspathEntry(String hash) throws IOException {
@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod
public JSON denyApprovedClasspathEntry(String hash) throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
if (approvedClasspathEntries.remove(new ApprovedClasspathEntry(hash, null))) {
save();
}
Expand All @@ -944,7 +944,7 @@ public JSON denyApprovedClasspathEntry(String hash) throws IOException {
@Restricted(NoExternalUse.class) // for use from AJAX
@JavaScriptMethod
public synchronized JSON clearApprovedClasspathEntries() throws IOException {
Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
Jenkins.get().checkPermission(Jenkins.ADMINISTER);
approvedClasspathEntries.clear();
save();
return getClasspathRenderInfo();
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalNote.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,15 +66,15 @@ private ScriptApprovalNote(int length) {

@Override
public ConsoleAnnotator<Object> annotate(Object context, MarkupText text, int charPos) {
if (Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
if (Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
String url = ScriptApproval.get().getUrlName();
StaplerRequest req = Stapler.getCurrentRequest();
if (req != null) {
// if we are serving HTTP request, we want to use app relative URL
url = req.getContextPath() + "/" + url;
} else {
// otherwise presumably this is rendered for e-mails and other non-HTTP stuff
url = Jenkins.getInstance().getRootUrl() + url;
url = Jenkins.get().getRootUrl() + url;
}
text.addMarkup(charPos, charPos + length, "<a href='" + url + "'>", "</a>");
}
Expand Down
15 changes: 6 additions & 9 deletions .../java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelectorTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ public static void m2(long x) {}

@Issue("JENKINS-38908")
@Test public void main() throws Exception {
Script receiver = (Script) new SecureGroovyScript("def main() {}; this", true, null).configuring(ApprovalContext.create()).evaluate(GroovyCallSiteSelectorTest.class.getClassLoader(), new Binding());
Script receiver = (Script) new SecureGroovyScript("def main() {}; this", true, null).configuring(ApprovalContext.create()).evaluate(GroovyCallSiteSelectorTest.class.getClassLoader(), new Binding(), null);
assertEquals(receiver.getClass().getMethod("main"), GroovyCallSiteSelector.method(receiver, "main", new Object[0]));
assertEquals(receiver.getClass().getMethod("main", String[].class), GroovyCallSiteSelector.method(receiver, "main", new Object[] {"somearg"}));
}
Expand Down Expand Up @@ -128,14 +128,11 @@ public static void m2(long x) {}
@Test
public void varargsFailureCases() throws Exception {
// If there's a partial match, we should get a ClassCastException
try {
assertNull(GroovyCallSiteSelector.constructor(ParametersAction.class,
new Object[]{new BooleanParameterValue("someBool", true), "x"}));
} catch (Exception e) {
assertTrue(e instanceof ClassCastException);
assertEquals("Cannot cast object 'x' with class 'java.lang.String' to class 'hudson.model.ParameterValue'",
e.getMessage());
}
final ClassCastException e = assertThrows(ClassCastException.class,
() -> assertNull(GroovyCallSiteSelector.constructor(ParametersAction.class,
new Object[]{new BooleanParameterValue("someBool", true), "x"})));
assertEquals("Cannot cast object 'x' with class 'java.lang.String' to class 'hudson.model.ParameterValue'",
e.getMessage());
// If it's a complete non-match, we just shouldn't get a constructor.
assertNull(GroovyCallSiteSelector.constructor(ParametersAction.class, new Object[]{"a", "b"}));
}
Expand Down
Loading

0 comments on commit 0e7c803

Please sign in to comment.