Package com.microsoft.jenkins.azuread

Class GlobalMatrixAuthorizationStrategy

java.lang.Object

hudson.model.AbstractDescribableImpl<AuthorizationStrategy>

hudson.security.AuthorizationStrategy

com.microsoft.jenkins.azuread.GlobalMatrixAuthorizationStrategy

All Implemented Interfaces:

AuthorizationContainer, ExtensionPoint, Describable<AuthorizationStrategy>

Direct Known Subclasses:

AzureAdMatrixAuthorizationStrategy

public class GlobalMatrixAuthorizationStrategy
extends AuthorizationStrategy
implements AuthorizationContainer

Role-based authorization via a matrix.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	GlobalMatrixAuthorizationStrategy.ConverterImpl	Persist GlobalMatrixAuthorizationStrategy as a list of IDs that represent grantedPermissions.
static class	GlobalMatrixAuthorizationStrategy.DescriptorImpl
static final class	GlobalMatrixAuthorizationStrategy.PermissionAdderImpl

Nested classes/interfaces inherited from class hudson.security.AuthorizationStrategy

AuthorizationStrategy.Unsecured

Nested classes/interfaces inherited from interface com.microsoft.jenkins.azuread.AuthorizationContainer

AuthorizationContainer.IdStrategyComparator, AuthorizationContainer.PermissionEntryComparator

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields

Modifier and Type	Field	Description
static final List<Permission>	DANGEROUS_PERMISSIONS	List of permissions considered dangerous to grant to non-admin users.
static final GlobalMatrixAuthorizationStrategy.DescriptorImpl	DESCRIPTOR

Fields inherited from class hudson.security.AuthorizationStrategy

LIST, UNSECURED

Constructor Summary

Constructors

Constructor	Description
GlobalMatrixAuthorizationStrategy()

Method Summary

Modifier and Type	Method	Description
Permission	getEditingPermission()
Map<Permission,Set<PermissionEntry>>	getGrantedPermissionEntries()	Returns a live modifiable map of permissions.
Set<String>	getGroups()	Internal only: Returns all recorded (possible) group sids to allow populating AuthorizationStrategy.getGroups().
ACL	getRootACL()
void	recordGroup(String sid)	Internal only: Record use of a (possible) group sid to be later returned in AuthorizationContainer.getGroups().

Methods inherited from class hudson.security.AuthorizationStrategy

all, getACL, getACL, getACL, getACL, getACL, getACL, getACL, getACL

Methods inherited from class hudson.model.AbstractDescribableImpl

getDescriptor

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.microsoft.jenkins.azuread.AuthorizationContainer

add, add, add, getAllPermissionEntries, getAllSIDs, getDescriptor, getGrantedPermissions, hasExplicitPermission, hasExplicitPermission, hasPermission, hasPermission

Field Details

DANGEROUS_PERMISSIONS

@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static final List<Permission> DANGEROUS_PERMISSIONS

List of permissions considered dangerous to grant to non-admin users. These are also all deprecated from Jenkins 2.222.

DESCRIPTOR

@Extension
public static final GlobalMatrixAuthorizationStrategy.DescriptorImpl DESCRIPTOR

Constructor Details

GlobalMatrixAuthorizationStrategy

public GlobalMatrixAuthorizationStrategy()

Method Details

getGrantedPermissionEntries

public Map<Permission,Set<PermissionEntry>> getGrantedPermissionEntries()

Description copied from interface: AuthorizationContainer

Returns a live modifiable map of permissions. This return value needs to be treated as unmodifiable from shortly after object construction (even though it isn't for practical reasons).

Specified by:

getGrantedPermissionEntries in interface AuthorizationContainer

getEditingPermission

public Permission getEditingPermission()

Specified by:

getEditingPermission in interface AuthorizationContainer

getRootACL

@NonNull
public ACL getRootACL()

Specified by:

getRootACL in class AuthorizationStrategy

getGroups

@NonNull
public Set<String> getGroups()

Description copied from interface: AuthorizationContainer

Internal only: Returns all recorded (possible) group sids to allow populating AuthorizationStrategy.getGroups().

Specified by:

getGroups in interface AuthorizationContainer

Specified by:

getGroups in class AuthorizationStrategy

recordGroup

public void recordGroup(String sid)

Description copied from interface: AuthorizationContainer

Internal only: Record use of a (possible) group sid to be later returned in AuthorizationContainer.getGroups().

Specified by:

recordGroup in interface AuthorizationContainer