Question

如果有可能，有人知道如何读取给定Jenkins文件夹的权限吗？

使用CloudBees文件夹插件
（https://wiki.jenkins.io/display/JENKINS/CloudBees+Folders+Plugin）
使用矩阵授权策略
（https://plugins.jenkins.io/matrix-auth）

我找到了遍历工作并获得Folder个“工作”的方法但是不知道如何访问文件夹permisisons /读取它

访问文件夹非常简单

import com.cloudbees.hudson.plugins.folder.*
import groovyjarjarasm.asm.Item

  def items=Jenkins.instance.getAllItems();

  items.each{
    if(it instanceof Folder){
      println it.fullName
    } 
  }

我注意到，例如在文件夹“ A”上将授予用户Areaed（ldapid）读取权限，然后在配置文件中遵循

<com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty>
      <inheritanceStrategy class="org.jenkinsci.plugins.matrixauth.inheritance.InheritParentStrategy"/>
      <permission>com.cloudbees.plugins.credentials.CredentialsProvider.View:Aread</permission>

我还为cloudbee的文件夹类找到了javadoc，但是关于permision却一无所获：/

https://javadoc.jenkins.io/plugin/cloudbees-folder/com/cloudbees/hudson/plugins/folder/package-summary.html

感谢您的提示（我正在使用内置脚本编辑器来运行groovy脚本）

经过一些发现，我发现了一些线索 Jenkins Add permissions to jobs using groovy

但是，一旦实施

import com.cloudbees.hudson.plugins.folder.*
import groovyjarjarasm.asm.Item
import jenkins.model.Jenkins
import hudson.security.*
import hudson.model.*

//AbstractProject proj = Hudson.instance.getItem("YourJob")
//AuthorizationMatrixProperty authProperty = proj.getProperty(AuthorizationMatrixProperty.class)

  def items=Jenkins.instance.getAllItems();

  items.each{
    if(it instanceof Folder){
      println it.fullName
      AbstractProject proj = Hudson.instance.getItem(it.fullName)
      AuthorizationMatrixProperty authProperty = proj.getProperty(AuthorizationMatrixProperty.class)
    } 
  }

遇到错误

org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object 'com.cloudbees.hudson.plugins.folder.Folder@a35435b[fooFolderName]' with class 'com.cloudbees.hudson.plugins.folder.Folder' to class 'hudson.model.AbstractProject'

（已经尝试过 it.name ，/ it ：/ -如果没有文件夹，但是经典作业，代码段不会失败

Answer 1

由example script from Cloudbees

处理

下面的groovy脚本打印出给定文件夹的管理员用户（具有作业编辑权限）

//https://javadoc.jenkins.io/plugin/matrix-auth/com/cloudbees/hudson/plugins/folder/properties/AuthorizationMatrixProperty.html
//https://javadoc.jenkins.io/plugin/cloudbees-folder/com/cloudbees/hudson/plugins/folder/AbstractFolder.html
//https://javadoc.jenkins.io/hudson/security/Permission.html

def folderName = "folderName-fullPath"

com.cloudbees.hudson.plugins.folder.Folder folder = jenkins.model.Jenkins.instance.getItem(folderName);
def URL = folder.getAbsoluteUrl();

//iterate over properties and find permissions
folder.properties.each { p -> 
    if(p.class.canonicalName == "com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty") {
        //permissions found, get them
           Map<hudson.security.Permission,Set<String>> gp = p.getGrantedPermissions();

       //interested only in admins of folder- permission to modify the given folder
       gp.get(hudson.security.Permission.fromId("hudson.model.Item.Configure")).each{ us ->
         User usr = User.getById(us,false);

         if(usr != null){
            def usrMail = usr.getProperty(hudson.tasks.Mailer.UserProperty.class).getAddress();
            print(usr.fullName + " <" + usrMail +">;")
         }               
       }
    }
} 

println ""

Jenkins- Groovy，读取文件夹权限

1 个答案: