
Private memberships can be used for authorization #48


Merged
merged 1 commit into from
Jul 25, 2015


samrocketman
Member

Private organization memberships can now be used for authorization.

fixes JENKINS-20845

@@ -302,7 +302,14 @@ public GithubOAuthUserDetails getUserDetails(String username) {
if (user != null) {
List<GrantedAuthority> groups = new ArrayList<GrantedAuthority>();
try {
for (GHOrganization ghOrganization : user.getOrganizations()) {
GHPersonSet<GHOrganization> orgs;
if(this.userName.equals(username)) {
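Review bot: the `if(this.userName.equals(username))` check that closes this hunk selects which organization list feeds the user's authorities, so it needs a comment saying why the token's own user is treated differently from any other user, and it should tolerate an unset `this.userName` with an explicit null check instead of throwing inside the `try`. Also add a space after `if` to match the `if (user != null)` style at the top of the hunk.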
Member Author


If GitHub scopes don't include the ability to read teams, then all authorizations for a user are wiped. Need to fall back to the default method of determining authorizations publicly.

@samrocketman
Member Author

Should wait for #45 and #47 to be merged. This should make use of the hasScope() function in the GithubSecurityRealm.

Perhaps make myRealm a private final variable of the GithubAuthenticationToken class. Check for null and set it before using hasScope().
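A sketch of the fallback described in the two comments above, added here as an illustration and not the plugin's code: public memberships are always collected, and private ones are added only for the token's own user when the token carries an organization-read scope. `OrgSource`, `authorities`, `fake`, the scope name `read:org` and the sample logins are assumptions made for the example.

```java
import java.util.Set;
import java.util.TreeSet;

public class ScopeAwareAuthorities {
    /** Hypothetical stand-in for the GitHub client behind one OAuth token. */
    interface OrgSource {
        Set<String> tokenScopes();             // scopes granted to the token
        Set<String> publicOrgs(String login);  // memberships visible to anyone
        Set<String> privateOrgsOfTokenOwner(); // throws when the scope is missing
    }

    static final String ORG_READ_SCOPE = "read:org"; // assumed scope name

    static Set<String> authorities(OrgSource src, String tokenOwner, String requested) {
        // Start from public memberships: a scope problem may narrow the
        // result but must never empty it.
        Set<String> orgs = new TreeSet<>(src.publicOrgs(requested));
        // Private memberships are only readable for the token's own user.
        boolean self = tokenOwner != null && tokenOwner.equals(requested);
        if (self && src.tokenScopes().contains(ORG_READ_SCOPE)) {
            try {
                orgs.addAll(src.privateOrgsOfTokenOwner());
            } catch (RuntimeException e) {
                // Scope revoked or call refused: keep the public set.
            }
        }
        return orgs;
    }

    /** Constructed test double: one public and one private membership. */
    static OrgSource fake(Set<String> scopes) {
        return new OrgSource() {
            public Set<String> tokenScopes() { return scopes; }
            public Set<String> publicOrgs(String login) { return Set.of("public-org"); }
            public Set<String> privateOrgsOfTokenOwner() {
                if (!scopes.contains(ORG_READ_SCOPE)) throw new IllegalStateException("403");
                return Set.of("private-org");
            }
        };
    }

    public static void main(String[] args) {
        // Constructed cases: full scope, missing scope, lookup of another user.
        System.out.println(authorities(fake(Set.of(ORG_READ_SCOPE)), "alice", "alice"));
        System.out.println(authorities(fake(Set.of("user:email")), "alice", "alice"));
        System.out.println(authorities(fake(Set.of(ORG_READ_SCOPE)), "alice", "bob"));
    }
}
```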

@samrocketman samrocketman modified the milestone: github-oauth-0.22 Jul 21, 2015
@jenkinsadmin
Member

Thank you for a pull request! Please check this document for how the Jenkins project handles pull requests

@samrocketman
Member Author

@cloudbeesci code review, please.

@daniel-beck
Member

I don't think anyone is monitoring that account.

@samrocketman
Member Author

@daniel-beck ah, I thought you were responding because I at mentioned that account. I guess not :). Well then I'll just chill out and wait for code reviews to come in.

@samrocketman samrocketman force-pushed the get_private_orgs branch 2 times, most recently from 71df210 to af11e42 Compare July 24, 2015 02:02
Private organization memberships can now be used for authorization.

fixes [JENKINS-20845]
@samrocketman
Member Author

This is now ready for code review.

@samrocketman samrocketman merged commit 8a741c4 into master Jul 25, 2015
samrocketman added a commit that referenced this pull request Jul 25, 2015
@samrocketman samrocketman deleted the get_private_orgs branch July 25, 2015 01:02
jamiecobbett added a commit to alphagov/ci-puppet that referenced this pull request Sep 29, 2015
Our CI Jenkins uses GitHub enterprise to authenticate users. This doesn't work
if your membership of the GDS organisation isn't public.

Version 0.22 adds support for these users.

See:
https://issues.jenkins-ci.org/browse/JENKINS-20845

jenkinsci/github-oauth-plugin#48
3 participants