Package com.microsoft.jenkins.azuread
Class GlobalMatrixAuthorizationStrategy
- java.lang.Object
-
- hudson.model.AbstractDescribableImpl<AuthorizationStrategy>
-
- hudson.security.AuthorizationStrategy
-
- com.microsoft.jenkins.azuread.GlobalMatrixAuthorizationStrategy
-
- All Implemented Interfaces:
AuthorizationContainer
,ExtensionPoint
,Describable<AuthorizationStrategy>
- Direct Known Subclasses:
AzureAdMatrixAuthorizationStrategy
public class GlobalMatrixAuthorizationStrategy extends AuthorizationStrategy implements AuthorizationContainer
Role-based authorization via a matrix.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
GlobalMatrixAuthorizationStrategy.ConverterImpl
PersistGlobalMatrixAuthorizationStrategy
as a list of IDs that representgrantedPermissions
.static class
GlobalMatrixAuthorizationStrategy.DescriptorImpl
static class
GlobalMatrixAuthorizationStrategy.PermissionAdderImpl
-
Nested classes/interfaces inherited from class hudson.security.AuthorizationStrategy
AuthorizationStrategy.Unsecured
-
Nested classes/interfaces inherited from interface com.microsoft.jenkins.azuread.AuthorizationContainer
AuthorizationContainer.IdStrategyComparator, AuthorizationContainer.PermissionEntryComparator
-
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
-
-
Field Summary
Fields Modifier and Type Field Description static List<Permission>
DANGEROUS_PERMISSIONS
List of permissions considered dangerous to grant to non-admin users.static GlobalMatrixAuthorizationStrategy.DescriptorImpl
DESCRIPTOR
-
Fields inherited from class hudson.security.AuthorizationStrategy
LIST, UNSECURED
-
-
Constructor Summary
Constructors Constructor Description GlobalMatrixAuthorizationStrategy()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Permission
getEditingPermission()
Map<Permission,Set<PermissionEntry>>
getGrantedPermissionEntries()
Returns a live modifiable map of permissions.Set<String>
getGroups()
Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.ACL
getRootACL()
void
recordGroup(String sid)
Internal only: Record use of a (possible) group sid to be later returned inAuthorizationContainer.getGroups()
.-
Methods inherited from class hudson.security.AuthorizationStrategy
all, getACL, getACL, getACL, getACL, getACL, getACL, getACL, getACL
-
Methods inherited from class hudson.model.AbstractDescribableImpl
getDescriptor
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.microsoft.jenkins.azuread.AuthorizationContainer
add, add, add, getAllPermissionEntries, getAllSIDs, getDescriptor, getGrantedPermissions, hasExplicitPermission, hasExplicitPermission, hasPermission, hasPermission
-
-
-
-
Field Detail
-
DANGEROUS_PERMISSIONS
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public static final List<Permission> DANGEROUS_PERMISSIONS
List of permissions considered dangerous to grant to non-admin users. These are also all deprecated from Jenkins 2.222.
-
DESCRIPTOR
@Extension public static final GlobalMatrixAuthorizationStrategy.DescriptorImpl DESCRIPTOR
-
-
Method Detail
-
getGrantedPermissionEntries
public Map<Permission,Set<PermissionEntry>> getGrantedPermissionEntries()
Description copied from interface:AuthorizationContainer
Returns a live modifiable map of permissions. This return value needs to be treated as unmodifiable from shortly after object construction (even though it isn't for practical reasons).- Specified by:
getGrantedPermissionEntries
in interfaceAuthorizationContainer
-
getEditingPermission
public Permission getEditingPermission()
- Specified by:
getEditingPermission
in interfaceAuthorizationContainer
-
getRootACL
@NonNull public ACL getRootACL()
- Specified by:
getRootACL
in classAuthorizationStrategy
-
getGroups
@NonNull public Set<String> getGroups()
Description copied from interface:AuthorizationContainer
Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.- Specified by:
getGroups
in interfaceAuthorizationContainer
- Specified by:
getGroups
in classAuthorizationStrategy
-
recordGroup
public void recordGroup(String sid)
Description copied from interface:AuthorizationContainer
Internal only: Record use of a (possible) group sid to be later returned inAuthorizationContainer.getGroups()
.- Specified by:
recordGroup
in interfaceAuthorizationContainer
-
-