Skip to content

Commit

Permalink
Add permission concept for links
Browse files Browse the repository at this point in the history 
Fixes jenkinsci#78

Add permission concept for links to restrict access based on user roles.

* **CustomHeaderConfiguration.java**
  - Add a new permission `VIEW_LINK`.
  - Update the `getLinks` method to filter links based on user permissions.

* **AppNavLink.java**
  - Add a new field `permission`.
  - Update the constructor to include the `permission` field.
  - Update the `getLinkUrl` method to check for the `permission` field.

* **config.jelly**
  - Add a new entry for the `permission` field.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/jenkinsci/customizable-header-plugin/issues/78?shareId=XXXX-XXXX-XXXX-XXXX).
  • Loading branch information
@biru-codeastromer
biru-codeastromer committed Jan 2, 2025
1 parent 28534dc commit 6f98199
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 4 deletions.
17 changes: 14 additions & 3 deletions src/main/java/io/jenkins/plugins/customizable_header/AppNavLink.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,23 +20,24 @@
import org.kohsuke.stapler.StaplerRequest;
import org.kohsuke.stapler.export.Exported;
import org.kohsuke.stapler.export.ExportedBean;
import hudson.security.Permission;

@ExportedBean
public class AppNavLink extends AbstractLink {

private String url;
private String label;
private Logo logo;

private boolean external;

private transient String color = "";
private Permission permission;

@DataBoundConstructor
public AppNavLink(String url, String label, Logo logo) {
public AppNavLink(String url, String label, Logo logo, Permission permission) {
this.url = url;
this.label = label;
this.logo = logo;
this.permission = permission;
}

@Exported
Expand Down Expand Up @@ -83,6 +84,13 @@ public void setLogo(Logo logo) {
this.logo = logo;
}

public Permission getPermission() {
return permission;
}

public void setPermission(Permission permission) {
this.permission = permission;
}

@Exported
@Override
Expand All @@ -92,6 +100,9 @@ public String getType() {

@Exported
public String getLinkUrl() {
if (permission != null && !Jenkins.get().hasPermission(permission)) {
return null;
}
try {
URI uri = new URI(url);
if (!uri.isAbsolute()) {
Expand Down
14 changes: 13 additions & 1 deletion src/main/java/io/jenkins/plugins/customizable_header/CustomHeaderConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,9 @@
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.StaplerRequest;
import hudson.security.Permission;
import hudson.security.PermissionGroup;
import hudson.security.PermissionScope;

@Extension
@org.jenkinsci.Symbol("customHeader")
Expand Down Expand Up @@ -65,6 +68,9 @@ public class CustomHeaderConfiguration extends GlobalConfiguration {

private static final transient Symbol star = new Symbol("symbol-star plugin-ionicons-api");

public static final PermissionGroup PERMISSIONS = new PermissionGroup(CustomHeaderConfiguration.class, Messages._CustomHeaderConfiguration_PermissionsTitle());
public static final Permission VIEW_LINK = new Permission(PERMISSIONS, "ViewLink", Messages._CustomHeaderConfiguration_ViewLinkPermissionDescription(), null, PermissionScope.JENKINS);

@DataBoundConstructor
public CustomHeaderConfiguration() {
load();
Expand Down Expand Up @@ -190,7 +196,13 @@ public void deleteSystemMessage(String id) {
}

public List<AbstractLink> getLinks() {
return links;
User user = User.current();
if (user != null) {
return links.stream()
.filter(link -> link.getPermission() == null || user.hasPermission(link.getPermission()))
.collect(Collectors.toList());
}
return Collections.emptyList();
}

@DataBoundSetter
Expand Down
3 changes: 3 additions & 0 deletions src/main/resources/io/jenkins/plugins/customizable_header/AppNavLink/config.jelly
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,8 @@
<f:entry field="external" title="${%External}">
<f:checkbox/>
</f:entry>
<f:entry field="permission" title="${%Permission}">
<f:dropdownDescriptorSelector field="permission"/>
</f:entry>
<f:dropdownDescriptorSelector field="logo" title="${%The logo to show}" descriptors="${descriptor.logoDescriptors}"/>
</j:jelly>

0 comments on commit 6f98199

Please sign in to comment.