diff --git a/src/main/java/org/jenkinsci/plugins/workflow/multibranch/BranchJobProperty.java b/src/main/java/org/jenkinsci/plugins/workflow/multibranch/BranchJobProperty.java index 2a24573b..4f8bf3c0 100644 --- a/src/main/java/org/jenkinsci/plugins/workflow/multibranch/BranchJobProperty.java +++ b/src/main/java/org/jenkinsci/plugins/workflow/multibranch/BranchJobProperty.java @@ -33,7 +33,7 @@ import hudson.security.Permission; import hudson.util.AlternativeUiTextProvider; import jenkins.branch.Branch; -import org.acegisecurity.Authentication; +import org.springframework.security.core.Authentication; import org.jenkinsci.plugins.workflow.job.WorkflowJob; import org.jenkinsci.plugins.workflow.job.WorkflowJobProperty; import org.kohsuke.stapler.export.Exported; @@ -64,10 +64,10 @@ synchronized void setBranch(@NonNull Branch branch) { @NonNull @Override public ACL decorateACL(@NonNull final ACL acl) { return new ACL() { - @Override public boolean hasPermission(@NonNull Authentication a, @NonNull Permission permission) { + @Override public boolean hasPermission2(@NonNull Authentication a, @NonNull Permission permission) { // This project is managed by its parent and may not be directly configured or deleted by users. // Note that Item.EXTENDED_READ may still be granted, so you can still see Snippet Generator, etc. - if (ACL.SYSTEM.equals(a)) { + if (ACL.SYSTEM2.equals(a)) { return true; // e.g., ComputedFolder.updateChildren } else if (permission == Item.CONFIGURE) { return false; @@ -75,7 +75,7 @@ synchronized void setBranch(@NonNull Branch branch) { // allow early manual clean-up of dead branches return false; } else { - return acl.hasPermission(a, permission); + return acl.hasPermission2(a, permission); } } }; diff --git a/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java b/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java index f18d4227..1699c113 100644 --- a/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java +++ b/src/test/java/org/jenkinsci/plugins/workflow/multibranch/SCMBinderTest.java @@ -51,7 +51,7 @@ import jenkins.scm.api.SCMSourceDescriptor; import static org.hamcrest.Matchers.*; -import org.acegisecurity.Authentication; +import org.springframework.security.core.Authentication; import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval; import org.jenkinsci.plugins.workflow.job.WorkflowJob; import org.jenkinsci.plugins.workflow.job.WorkflowRun; @@ -166,8 +166,8 @@ public static void assertRevisionAction(WorkflowRun build) { r.waitUntilNoActivity(); WorkflowRun b1 = p.getLastBuild(); assertEquals(1, b1.getNumber()); - Authentication auth = User.getById("dev", true).impersonate(); - assertFalse(p.getACL().hasPermission(auth, Item.DELETE)); + Authentication auth = User.getById("dev", true).impersonate2(); + assertFalse(p.getACL().hasPermission2(auth, Item.DELETE)); assertTrue(p.isBuildable()); sampleGitRepo.git("checkout", "master"); sampleGitRepo.git("branch", "-D", "feature"); @@ -181,7 +181,7 @@ public static void assertRevisionAction(WorkflowRun build) { mp.scheduleBuild2(0).getFuture().get(); WorkflowMultiBranchProjectTest.showIndexing(mp); assertEquals(2, mp.getItems().size()); - assertTrue(p.getACL().hasPermission(auth, Item.DELETE)); + assertTrue(p.getACL().hasPermission2(auth, Item.DELETE)); assertFalse(p.isBuildable()); mp.setOrphanedItemStrategy(new DefaultOrphanedItemStrategy(true, "", "0")); mp.scheduleBuild2(0).getFuture().get(); diff --git a/src/test/java/org/jenkinsci/plugins/workflow/multibranch/WorkflowMultiBranchProjectFactoryTest.java b/src/test/java/org/jenkinsci/plugins/workflow/multibranch/WorkflowMultiBranchProjectFactoryTest.java index ac0b4a72..6563c7c7 100644 --- a/src/test/java/org/jenkinsci/plugins/workflow/multibranch/WorkflowMultiBranchProjectFactoryTest.java +++ b/src/test/java/org/jenkinsci/plugins/workflow/multibranch/WorkflowMultiBranchProjectFactoryTest.java @@ -35,7 +35,7 @@ import jenkins.branch.OrganizationFolder; import jenkins.plugins.git.GitSampleRepoRule; import jenkins.scm.api.SCMSource; -import org.acegisecurity.Authentication; +import org.springframework.security.core.Authentication; import static org.hamcrest.Matchers.*; import org.jenkinsci.plugins.workflow.job.WorkflowJob; import org.jenkinsci.plugins.workflow.job.WorkflowRun; @@ -81,18 +81,18 @@ public class WorkflowMultiBranchProjectFactoryTest { assertEquals(1, sources.size()); assertEquals("GitSCMSource", sources.get(0).getClass().getSimpleName()); // Verify permissions: - Authentication admin = User.getById("admin", true).impersonate(); + Authentication admin = User.getById("admin", true).impersonate2(); ACL acl = one.getACL(); - assertTrue(acl.hasPermission(ACL.SYSTEM, Item.CONFIGURE)); - assertTrue(acl.hasPermission(ACL.SYSTEM, Item.DELETE)); - assertFalse(acl.hasPermission(admin, Item.CONFIGURE)); - assertFalse(acl.hasPermission(admin, View.CONFIGURE)); - assertFalse(acl.hasPermission(admin, View.CREATE)); - assertFalse(acl.hasPermission(admin, View.DELETE)); - assertFalse(acl.hasPermission(admin, Item.DELETE)); - assertTrue(acl.hasPermission(admin, Item.EXTENDED_READ)); - assertTrue(acl.hasPermission(admin, Item.READ)); - assertTrue(acl.hasPermission(admin, View.READ)); + assertTrue(acl.hasPermission2(ACL.SYSTEM2, Item.CONFIGURE)); + assertTrue(acl.hasPermission2(ACL.SYSTEM2, Item.DELETE)); + assertFalse(acl.hasPermission2(admin, Item.CONFIGURE)); + assertFalse(acl.hasPermission2(admin, View.CONFIGURE)); + assertFalse(acl.hasPermission2(admin, View.CREATE)); + assertFalse(acl.hasPermission2(admin, View.DELETE)); + assertFalse(acl.hasPermission2(admin, Item.DELETE)); + assertTrue(acl.hasPermission2(admin, Item.EXTENDED_READ)); + assertTrue(acl.hasPermission2(admin, Item.READ)); + assertTrue(acl.hasPermission2(admin, View.READ)); // Check that the master branch project works: r.waitUntilNoActivity(); WorkflowJob p = WorkflowMultiBranchProjectTest.findBranchProject((WorkflowMultiBranchProject) one, "master");