Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-32571

Preserve original security settings after calling CLICommandInvoker.invoke()

    Details

    • Similar Issues:

      Description

      Calling CLICommandInvoker.invoke() changes Jenkins authorization as a side effect which means that many operations against Jenkins model failed later.

      It is a quite common to prepare data in Jenkins instance, call CLI command and verify the state of Jenkins model later.

      How-to reproduce:
      JenkinsRule j = new JenkinsRule();
      j.createFreeStyleProject("aProject");
      j.jenkins.getItem("aProject").getDisplayName() // OK -> 'aProject'
      CLICommandInvoker command = new CLICommandInvoker(j, "version");
      CLICommandInvoker.Result result = command.authorizedTo(Jenkins.READ).invoke();
      j.jenkins.getItem("aProject").getDisplayName() // Fail -> NPE
      
      How-to fix:
      • in CLICommandInvoker.setAuth() save current SecurityRealm, AuthorizationStrategy and thread's SecurityContext
      • in CLICommandInvoker.invoke() after result = new Result(returnCode, out, err); call a new method restoreAuth()
      • implement a new method CLICommandInvoker.restoreAuth() where SecurityRealm, AuthorizationStrategy and thread's SecurityContext is set to previously saved values

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                pajasoft Pavel Janoušek
                Reporter:
                pajasoft Pavel Janoušek
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: