[JIRA] (JENKINS-13190) Add ACLPermissionOverride Extension Point to grant additional permissions to an ACL regardless of the AuthorizationStrategy being used

Wed, 21 Mar 2012 18:44:35 -0700 

    [ 
https://issues.jenkins-ci.org/browse/JENKINS-13190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=160594#comment-160594
 ] 

Michael O'Cleirigh edited comment on JENKINS-13190 at 3/22/12 1:42 AM:
-----------------------------------------------------------------------

Added pull request:
https://github.com/jenkinsci/jenkins/pull/412

I have tested this using the github-oauth-plugin and it works.

This is my initial implementation using this extension:
https://github.com/mocleiri/github-oauth-plugin/commit/28d9114bb10fecf6fb1bb33114b45604d0b20487
                
      was (Author: mocleiri):
    Added pull request:
https://github.com/jenkinsci/jenkins/pull/412

I have tested this using the github-oauth-plugin and it works.

This is my initial implementation using this extension:
https://github.com/mocleiri/github-oauth-plugin/tree/acl-jenkins-support
                  
> Add ACLPermissionOverride Extension Point to grant additional permissions to 
> an ACL regardless of the AuthorizationStrategy being used
> --------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: JENKINS-13190
>                 URL: https://issues.jenkins-ci.org/browse/JENKINS-13190
>             Project: Jenkins
>          Issue Type: Improvement
>          Components: core
>            Reporter: Michael O'Cleirigh
>            Priority: Minor
>              Labels: jenkins
>
> For the github-oauth-plugin people want to use the existing 
> GlobalMatrixAuthorizationStrategy and enable things like the github-webhook 
> callback.  Currently I have my own AuthorizationStrategy that supports these 
> extra callback URL's but I want to be able to transparently support them 
> without caring which specific AuthorizationStrategy is being used.  
> My solution is to add a new extension point into Jenkins that is invoked at 
> the base ACL class that checks if any ACLPermissionOverride extensions want 
> to grant the permission before the ACL checks its own authorization logic.
> For the github-oauth-plugin it means that I can add in these extra URL's 
> allow options into my SecurityRealm and then get them applied before the 
> GlobalMatrixAuthorizationStrategy's ACL logic is used.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to