mirror of https://github.com/jenkinsci/jenkins.git
Removing `throws IOException, ServletException` from most `Permission`-related methods in `Functions`; deleting `adminCheck` (#10844)
This commit is contained in:
Kris Stern
GitHub
commit
184e9d2efa
|
|
@ -41,7 +41,6 @@ import hudson.model.Computer;
|
|||
import hudson.model.Describable;
|
||||
import hudson.model.Descriptor;
|
||||
import hudson.model.DescriptorVisibilityFilter;
|
||||
import hudson.model.Hudson;
|
||||
import hudson.model.Item;
|
||||
import hudson.model.ItemGroup;
|
||||
import hudson.model.Items;
|
||||
|
|
@ -97,11 +96,9 @@ import hudson.util.jna.GNUCLibrary;
|
|||
import hudson.views.MyViewsTabBar;
|
||||
import hudson.views.ViewsTabBar;
|
||||
import hudson.widgets.RenderOnDemandClosure;
|
||||
import io.jenkins.servlet.ServletExceptionWrapper;
|
||||
import io.jenkins.servlet.http.CookieWrapper;
|
||||
import io.jenkins.servlet.http.HttpServletRequestWrapper;
|
||||
import io.jenkins.servlet.http.HttpServletResponseWrapper;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.Cookie;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
|
|
@ -190,8 +187,6 @@ import org.kohsuke.stapler.RawHtmlArgument;
|
|||
import org.kohsuke.stapler.Stapler;
|
||||
import org.kohsuke.stapler.StaplerRequest;
|
||||
import org.kohsuke.stapler.StaplerRequest2;
|
||||
import org.kohsuke.stapler.StaplerResponse;
|
||||
import org.kohsuke.stapler.StaplerResponse2;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
|
||||
/**
|
||||
|
|
@ -921,11 +916,11 @@ public class Functions {
|
|||
return buf.toString();
|
||||
}
|
||||
|
||||
public static void checkPermission(Permission permission) throws IOException, ServletException {
|
||||
public static void checkPermission(Permission permission) {
|
||||
checkPermission(Jenkins.get(), permission);
|
||||
}
|
||||
|
||||
public static void checkPermission(AccessControlled object, Permission permission) throws IOException, ServletException {
|
||||
public static void checkPermission(AccessControlled object, Permission permission) {
|
||||
if (permission != null) {
|
||||
object.checkPermission(permission);
|
||||
}
|
||||
|
|
@ -936,7 +931,7 @@ public class Functions {
|
|||
* degrades gracefully if "it" is not an {@link AccessControlled} object.
|
||||
* Otherwise it will perform no check and that problem is hard to notice.
|
||||
*/
|
||||
public static void checkPermission(Object object, Permission permission) throws IOException, ServletException {
|
||||
public static void checkPermission(Object object, Permission permission) {
|
||||
if (permission == null)
|
||||
return;
|
||||
|
||||
|
|
@ -961,7 +956,7 @@ public class Functions {
|
|||
* @param permission
|
||||
* If null, returns true. This defaulting is convenient in making the use of this method terse.
|
||||
*/
|
||||
public static boolean hasPermission(Permission permission) throws IOException, ServletException {
|
||||
public static boolean hasPermission(Permission permission) {
|
||||
return hasPermission(Jenkins.get(), permission);
|
||||
}
|
||||
|
||||
|
|
@ -969,7 +964,7 @@ public class Functions {
|
|||
* This version is so that the 'hasPermission' can degrade gracefully
|
||||
* if "it" is not an {@link AccessControlled} object.
|
||||
*/
|
||||
public static boolean hasPermission(Object object, Permission permission) throws IOException, ServletException {
|
||||
public static boolean hasPermission(Object object, Permission permission) {
|
||||
if (permission == null)
|
||||
return true;
|
||||
if (object instanceof AccessControlled)
|
||||
|
|
@ -986,36 +981,6 @@ public class Functions {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @since 2.475
|
||||
*/
|
||||
public static void adminCheck(StaplerRequest2 req, StaplerResponse2 rsp, Object required, Permission permission) throws IOException, ServletException {
|
||||
// this is legacy --- all views should be eventually converted to
|
||||
// the permission based model.
|
||||
if (required != null && !Hudson.adminCheck(StaplerRequest.fromStaplerRequest2(req), StaplerResponse.fromStaplerResponse2(rsp))) {
|
||||
// check failed. commit the FORBIDDEN response, then abort.
|
||||
rsp.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||
rsp.getOutputStream().close();
|
||||
throw new ServletException("Unauthorized access");
|
||||
}
|
||||
|
||||
// make sure the user owns the necessary permission to access this page.
|
||||
if (permission != null)
|
||||
checkPermission(permission);
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated use {@link #adminCheck(StaplerRequest2, StaplerResponse2, Object, Permission)}
|
||||
*/
|
||||
@Deprecated
|
||||
public static void adminCheck(StaplerRequest req, StaplerResponse rsp, Object required, Permission permission) throws IOException, javax.servlet.ServletException {
|
||||
try {
|
||||
adminCheck(StaplerRequest.toStaplerRequest2(req), StaplerResponse.toStaplerResponse2(rsp), required, permission);
|
||||
} catch (ServletException e) {
|
||||
throw ServletExceptionWrapper.fromJakartaServletException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Infers the hudson installation URL from the given request.
|
||||
*
|
||||
|
|
@ -1298,7 +1263,7 @@ public class Functions {
|
|||
*
|
||||
* @since 2.238
|
||||
*/
|
||||
public static boolean hasAnyPermission(Object object, Permission[] permissions) throws IOException, ServletException {
|
||||
public static boolean hasAnyPermission(Object object, Permission[] permissions) {
|
||||
if (permissions == null || permissions.length == 0) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -1336,7 +1301,7 @@ public class Functions {
|
|||
* degrades gracefully if "it" is not an {@link AccessControlled} object.
|
||||
* Otherwise it will perform no check and that problem is hard to notice.
|
||||
*/
|
||||
public static void checkAnyPermission(Object object, Permission[] permissions) throws IOException, ServletException {
|
||||
public static void checkAnyPermission(Object object, Permission[] permissions) {
|
||||
if (permissions == null || permissions.length == 0) {
|
||||
return;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -42,7 +42,6 @@ import io.jenkins.servlet.ServletContextWrapper;
|
|||
import io.jenkins.servlet.ServletExceptionWrapper;
|
||||
import jakarta.servlet.ServletContext;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.text.NumberFormat;
|
||||
|
|
@ -51,7 +50,6 @@ import java.util.List;
|
|||
import jenkins.model.Jenkins;
|
||||
import org.jvnet.hudson.reactor.ReactorException;
|
||||
import org.kohsuke.stapler.QueryParameter;
|
||||
import org.kohsuke.stapler.Stapler;
|
||||
import org.kohsuke.stapler.StaplerRequest;
|
||||
import org.kohsuke.stapler.StaplerResponse;
|
||||
import org.kohsuke.stapler.interceptor.RequirePOST;
|
||||
|
|
@ -293,27 +291,6 @@ public class Hudson extends Jenkins {
|
|||
return Platform.isDarwin();
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated since 2007-12-18.
|
||||
* Use {@link #checkPermission(hudson.security.Permission)}
|
||||
*/
|
||||
@Deprecated
|
||||
public static boolean adminCheck() throws IOException {
|
||||
return adminCheck(Stapler.getCurrentRequest(), Stapler.getCurrentResponse());
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated since 2007-12-18.
|
||||
* Use {@link #checkPermission(hudson.security.Permission)}
|
||||
*/
|
||||
@Deprecated
|
||||
public static boolean adminCheck(StaplerRequest req, StaplerResponse rsp) throws IOException {
|
||||
if (isAdmin(req)) return true;
|
||||
|
||||
rsp.sendError(HttpServletResponse.SC_FORBIDDEN);
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if the current user (for which we are processing the current request)
|
||||
* has the admin access.
|
||||
|
|
|
|||
Loading…
Reference in New Issue