Skip to content

Commit

Permalink
IMConnectionProvider.java: getAuthenticationHolder(): fix check for B…
Browse files Browse the repository at this point in the history
…ot user name, to exempt empty strings (lack of specific configuration) if Jenkins security setting allows that [JENKINS-72590]

Signed-off-by: Jim Klimov <jimklimov+jenkinsci@gmail.com>
  • Loading branch information
jimklimov committed Jan 22, 2024
1 parent 6017646 commit 20f7802
Showing 1 changed file with 21 additions and 6 deletions.
27 changes: 21 additions & 6 deletions src/main/java/hudson/plugins/im/IMConnectionProvider.java
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@
import java.util.logging.Level;
import java.util.logging.Logger;

import jenkins.model.Jenkins;
import org.acegisecurity.Authentication;
import org.acegisecurity.userdetails.UsernameNotFoundException;
//import org.springframework.security.core.userdetails.UsernameNotFoundException;

/**
* Abstract implementation of a provider of {@link IMConnection}s.
Expand Down Expand Up @@ -115,9 +118,15 @@ private void tryReconnect() {
// we need an additional level of indirection to the Authentication entity
// to fix HUDSON-5978 and HUDSON-5233
public synchronized AuthenticationHolder getAuthenticationHolder() {
if (descriptor == null || descriptor.getHudsonUserName() == null
|| descriptor.getHudsonUserName().isBlank()
) {
if (descriptor == null || descriptor.getHudsonUserName() == null) {
return null;
}

if (descriptor.getHudsonUserName().isBlank()) {
if (Jenkins.getInstance().isUseSecurity()) {
throw new UsernameNotFoundException(
"No local Jenkins user name is configured for instant messaging to act as");
}
return null;
}

Expand All @@ -130,9 +139,15 @@ public Authentication getAuthentication() {

// New spotbugs UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR
// just can't be quiesced, so duplicating the sanity-check here
if (descriptor == null || descriptor.getHudsonUserName() == null
|| descriptor.getHudsonUserName().isBlank()
) {
if (descriptor == null || descriptor.getHudsonUserName() == null) {
return null;
}

if (descriptor.getHudsonUserName().isBlank()) {
if (Jenkins.getInstance().isUseSecurity()) {
throw new UsernameNotFoundException(
"No local Jenkins user name is configured for instant messaging to act as");
}
return null;

Check warning on line 151 in src/main/java/hudson/plugins/im/IMConnectionProvider.java

View check run for this annotation

ci.jenkins.io / Code Coverage

Not covered lines

Lines 125-151 are not covered by tests
}

Expand Down

0 comments on commit 20f7802

Please sign in to comment.