[JENKINS-58244] https://issues.jenkins-ci.org/browse/JENKINS-58244 (#193

) * [JENKINS-58244] https://issues.jenkins-ci.org/browse/JENKINS-58244 Signed-off-by: olivier lamy <olamy@apache.org> * move dependency-check-maven:check to a profile as it is just a big pain... Signed-off-by: olivier lamy <olamy@apache.org>
jenkinsci · Jun 28, 2019 · f076bd1 · f076bd1
1 parent bec6405
commit f076bd1
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 14 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -9,7 +9,7 @@ install:
   - mvn clean test-compile -DskipTests=true -Dmaven.javadoc.skip=true --batch-mode -V
 after_success:
   - mvn coveralls:report --batch-mode
-  - mvn -P enable-jacoco install jacoco:report --batch-mode
+  - mvn -P enable-jacoco install jacoco:report --batch-mode -P owasp
   - mvn -DskipTests=true verify
 
 before_cache:

diff --git a/pom.xml b/pom.xml
@@ -56,6 +56,25 @@
         </plugins>
       </build>
     </profile>
+    <profile>
+      <id>owasp</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-maven</artifactId>
+            <version>${owasp.version}</version>
+            <executions>
+              <execution>
+                <goals>
+                  <goal>check</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
   </profiles>
 
   <scm>
@@ -153,18 +172,6 @@
           </execution>
         </executions>
       </plugin>
-      <plugin>
-        <groupId>org.owasp</groupId>
-        <artifactId>dependency-check-maven</artifactId>
-        <version>${owasp.version}</version>
-        <executions>
-          <execution>
-            <goals>
-              <goal>check</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
       <!-- spotbugs is defined in parent plugin-pom but overriding some things here -->
       <plugin>
        <groupId>com.github.spotbugs</groupId>

diff --git a/src/main/java/hudson/plugins/jira/JiraSite.java b/src/main/java/hudson/plugins/jira/JiraSite.java
@@ -36,6 +36,7 @@
 import hudson.plugins.jira.model.JiraIssue;
 import hudson.security.ACL;
 import hudson.security.AccessControlled;
+import hudson.security.Permission;
 import hudson.util.FormValidation;
 import hudson.util.ListBoxModel;
 import hudson.util.Secret;
@@ -1201,7 +1202,7 @@ public FormValidation doValidate(@QueryParameter String url,
 
         public ListBoxModel doFillCredentialsIdItems(@AncestorInPath ItemGroup context, @QueryParameter String url) {
             AccessControlled _context = (context instanceof AccessControlled ? (AccessControlled) context : Jenkins.getInstance());
-            if (_context == null || !_context.hasPermission(Jenkins.ADMINISTER)) {
+            if (_context == null || !_context.hasPermission(Item.CONFIGURE)) {
                 return new StandardUsernameListBoxModel();
             }
 

diff --git a/src/test/java/hudson/plugins/jira/DescriptorImplTest.java b/src/test/java/hudson/plugins/jira/DescriptorImplTest.java
@@ -82,6 +82,7 @@ public void doFillCredentialsIdItems() throws IOException {
         MockAuthorizationStrategy as = new MockAuthorizationStrategy();
         as.grant(Jenkins.ADMINISTER).everywhere().to("admin");
         as.grant(Item.READ).onItems(dummy).to("alice");
+        as.grant(Item.CONFIGURE).onItems(dummy).to("dev");
         r.jenkins.setAuthorizationStrategy(as);
 
         try (ACLContext ignored = ACL.as(User.get("admin"))) {
@@ -102,6 +103,10 @@ public void doFillCredentialsIdItems() throws IOException {
             ListBoxModel options = r.jenkins.getDescriptorByType(JiraSite.DescriptorImpl.class).doFillCredentialsIdItems(dummy, "http://example.org");
             assertThat(options, empty());
         }
+        try (ACLContext ignored = ACL.as(User.get("dev"))) {
+            ListBoxModel options = r.jenkins.getDescriptorByType(JiraSite.DescriptorImpl.class).doFillCredentialsIdItems(dummy, "http://example.org");
+            assertThat(options, hasSize(2));
+        }
     }
 
 }