%s",
- tooltip, Stapler.getCurrentRequest().getContextPath(), Jenkins.RESOURCE_PATH, img, label);
- } else {
+ static String formatUserGroupValidationResponse(
+ @NonNull AuthorizationType type, String user, String tooltip, boolean warning) {
+ return formatUserGroupValidationResponse(type.toString(), user, tooltip, warning);
+ }
+
+ static String formatUserGroupValidationResponse(
+ @NonNull String type, String user, String tooltip, boolean warning) {
+ String symbol;
+ switch (type) {
+ case "GROUP":
+ symbol = groupSymbol;
+ break;
+ case "alert":
+ symbol = alertSymbol;
+ break;
+ case "USER":
+ symbol = userSymbol;
+ break;
+ case "EITHER":
+ default:
+ symbol = "";
+ break;
+ }
+ if (warning) {
return String.format(
- "
%s",
- tooltip, Stapler.getCurrentRequest().getContextPath(), Jenkins.RESOURCE_PATH, img, label);
+ "%s%s%s
",
+ tooltip, warningSymbol, symbol, user);
}
+ return String.format("%s%s
", tooltip, symbol, user);
}
static FormValidation validateGroup(String groupName, SecurityRealm sr, boolean ambiguous) {
@@ -72,20 +117,29 @@ static FormValidation validateGroup(String groupName, SecurityRealm sr, boolean
try {
sr.loadGroupByGroupname2(groupName, false);
if (ambiguous) {
- return FormValidation.warningWithMarkup(formatUserGroupValidationResponse(
- "user",
- escapedSid,
- "Group found; but permissions would also be granted to a user of this name"));
+ return FormValidation.respond(
+ FormValidation.Kind.WARNING,
+ formatUserGroupValidationResponse(
+ GROUP,
+ escapedSid,
+ "Group found; but permissions would also be granted to a user of this name",
+ true));
} else {
- return FormValidation.okWithMarkup(formatUserGroupValidationResponse("user", escapedSid, "Group"));
+ return FormValidation.respond(
+ FormValidation.Kind.OK, formatUserGroupValidationResponse(GROUP, escapedSid, "Group"));
}
} catch (UserMayOrMayNotExistException2 e) {
// undecidable, meaning the group may exist
if (ambiguous) {
- return FormValidation.warningWithMarkup(formatUserGroupValidationResponse(
- "user", escapedSid, "Permissions would also be granted to a user or group of this name"));
+ return FormValidation.respond(
+ FormValidation.Kind.WARNING,
+ formatUserGroupValidationResponse(
+ GROUP,
+ escapedSid,
+ "Permissions would also be granted to a user or group of this name",
+ true));
} else {
- return FormValidation.ok(groupName);
+ return FormValidation.ok(escapedSid);
}
} catch (UsernameNotFoundException e) {
// fall through next
@@ -104,29 +158,43 @@ static FormValidation validateUser(String userName, SecurityRealm sr, boolean am
if (userName.equals(u.getFullName())) {
// Sid and full name are identical, no need for tooltip
if (ambiguous) {
- return FormValidation.warningWithMarkup(formatUserGroupValidationResponse(
- "person",
- escapedSid,
- "User found; but permissions would also be granted to a group of this name"));
+ return FormValidation.respond(
+ FormValidation.Kind.WARNING,
+ formatUserGroupValidationResponse(
+ USER,
+ escapedSid,
+ "User found; but permissions would also be granted to a group of this name",
+ true));
} else {
- return FormValidation.okWithMarkup(formatUserGroupValidationResponse("person", escapedSid, "User"));
+ return FormValidation.respond(
+ FormValidation.Kind.OK, formatUserGroupValidationResponse(USER, escapedSid, "User"));
}
}
if (ambiguous) {
- return FormValidation.warningWithMarkup(formatUserGroupValidationResponse(
- "person",
- Util.escape(StringUtils.abbreviate(u.getFullName(), 50)),
- "User " + escapedSid
- + " found, but permissions would also be granted to a group of this name"));
+ return FormValidation.respond(
+ FormValidation.Kind.WARNING,
+ formatUserGroupValidationResponse(
+ USER,
+ Util.escape(StringUtils.abbreviate(u.getFullName(), 50)),
+ "User " + escapedSid
+ + " found; but permissions would also be granted to a group of this name",
+ true));
} else {
- return FormValidation.okWithMarkup(formatUserGroupValidationResponse(
- "person", Util.escape(StringUtils.abbreviate(u.getFullName(), 50)), "User " + escapedSid));
+ return FormValidation.respond(
+ FormValidation.Kind.OK,
+ formatUserGroupValidationResponse(
+ USER, Util.escape(StringUtils.abbreviate(u.getFullName(), 50)), "User " + escapedSid));
}
} catch (UserMayOrMayNotExistException2 e) {
// undecidable, meaning the user may exist
if (ambiguous) {
- return FormValidation.warningWithMarkup(formatUserGroupValidationResponse(
- "person", escapedSid, "Permissions would also be granted to a user or group of this name"));
+ return FormValidation.respond(
+ FormValidation.Kind.WARNING,
+ formatUserGroupValidationResponse(
+ EITHER,
+ escapedSid,
+ "Permissions would also be granted to a user or group of this name",
+ true));
} else {
return FormValidation.ok(userName);
}
diff --git a/src/main/resources/hudson/security/GlobalMatrixAuthorizationStrategy/config.jelly b/src/main/resources/hudson/security/GlobalMatrixAuthorizationStrategy/config.jelly
index 845c52d7..a054cdd3 100644
--- a/src/main/resources/hudson/security/GlobalMatrixAuthorizationStrategy/config.jelly
+++ b/src/main/resources/hudson/security/GlobalMatrixAuthorizationStrategy/config.jelly
@@ -60,16 +60,16 @@ THE SOFTWARE.
+
+
-
-
- 
-
-
-
+
- ${%Add user…}
+
+ data-message-error="${%groupError}">${%Add group…}
+
+
+
diff --git a/src/main/webapp/images/unselect-all.svg b/src/main/resources/images/symbols/unselect-all.svg
similarity index 94%
rename from src/main/webapp/images/unselect-all.svg
rename to src/main/resources/images/symbols/unselect-all.svg
index bc1aeb8d..0ac2bc7c 100644
--- a/src/main/webapp/images/unselect-all.svg
+++ b/src/main/resources/images/symbols/unselect-all.svg
@@ -5,6 +5,6 @@
+
diff --git a/src/test/java/org/jenkinsci/plugins/matrixauth/Jenkins57313Test.java b/src/test/java/org/jenkinsci/plugins/matrixauth/Jenkins57313Test.java
index dc036354..5218d407 100644
--- a/src/test/java/org/jenkinsci/plugins/matrixauth/Jenkins57313Test.java
+++ b/src/test/java/org/jenkinsci/plugins/matrixauth/Jenkins57313Test.java
@@ -25,6 +25,6 @@ public void testFormValidation() throws Exception {
Assert.assertEquals(200, page.getWebResponse().getStatusCode());
String responseText = page.getWebResponse().getContentAsString();
Assert.assertTrue(responseText.contains("alice"));
- Assert.assertTrue(responseText.contains("person"));
+ Assert.assertTrue(responseText.contains("User"));
}
}
diff --git a/src/test/java/org/jenkinsci/plugins/matrixauth/ReadOnlyTest.java b/src/test/java/org/jenkinsci/plugins/matrixauth/ReadOnlyTest.java
index 4a161de1..f0c01378 100644
--- a/src/test/java/org/jenkinsci/plugins/matrixauth/ReadOnlyTest.java
+++ b/src/test/java/org/jenkinsci/plugins/matrixauth/ReadOnlyTest.java
@@ -55,7 +55,7 @@ private void assertPresentAndEditable(String configurationUrl) throws IOExceptio
"should contain add group/user button",
hasTagWithClassInPage(
page,
- "span",
+ "button",
"matrix-auth-add-button")); // Behavior.specify / makeButton converts input to button and wraps
// it in span
}
@@ -66,7 +66,7 @@ private void assertPresentAndReadOnly(String configurationUrl) throws IOExceptio
"should not contain add group/user button",
hasTagWithClassInPage(
page,
- "span",
+ "button",
"matrix-auth-add-button")); // Behavior.specify / makeButton converts input to button and wraps
// it in span
}
diff --git a/src/test/java/org/jenkinsci/plugins/matrixauth/Security2180Test.java b/src/test/java/org/jenkinsci/plugins/matrixauth/Security2180Test.java
index 0db95be8..aae33421 100644
--- a/src/test/java/org/jenkinsci/plugins/matrixauth/Security2180Test.java
+++ b/src/test/java/org/jenkinsci/plugins/matrixauth/Security2180Test.java
@@ -15,6 +15,7 @@
import hudson.model.Item;
import hudson.model.TopLevelItem;
import hudson.model.TopLevelItemDescriptor;
+import hudson.model.queue.QueueTaskFuture;
import hudson.security.ACL;
import hudson.security.AuthorizationMatrixProperty;
import hudson.security.Permission;
@@ -101,8 +102,10 @@ private void assertJobVisibility(FreeStyleProject job, boolean visibleWithFix, b
throws Exception {
final String jobUrl = job.getUrl();
// TODO robustness: check queue contents / executor status before scheduling
- job.scheduleBuild2(0, new Cause.UserIdCause("admin")).waitForStart(); // schedule one build now
- job.scheduleBuild2(0, new Cause.UserIdCause("admin")); // schedule an additional queue item
+ FreeStyleBuild build =
+ job.scheduleBuild2(0, new Cause.UserIdCause("admin")).waitForStart(); // schedule one build now
+ QueueTaskFuture future =
+ job.scheduleBuild2(0, new Cause.UserIdCause("admin")); // schedule an additional queue item
Assert.assertEquals(1, Jenkins.get().getQueue().getItems().length); // expect there to be one queue item
final JenkinsRule.WebClient webClient = j.createWebClient().withThrowExceptionOnFailingStatusCode(false);
@@ -140,6 +143,8 @@ private void assertJobVisibility(FreeStyleProject job, boolean visibleWithFix, b
}
}
} finally {
+ future.cancel(true);
+ build.doStop();
System.clearProperty(propertyName);
}
}
${%ambiguous}
diff --git a/src/main/resources/hudson/security/table.css b/src/main/resources/hudson/security/table.css
index 72580c20..91cf283a 100644
--- a/src/main/resources/hudson/security/table.css
+++ b/src/main/resources/hudson/security/table.css
@@ -38,7 +38,7 @@
.global-matrix-authorization-strategy-table .caption-row TH {
font-weight: lighter;
- padding: 0;
+ border: 1px solid #D3D7CF;
}
.global-matrix-authorization-strategy-table .caption-row TH span {
@@ -47,6 +47,8 @@
.global-matrix-authorization-strategy-table TD {
border: 1px solid #D3D7CF;
+ padding: 3px;
+ vertical-align: middle;
}
.global-matrix-authorization-strategy-table TD.left-most {
@@ -75,3 +77,47 @@
-moz-animation: highlightentry 5s;
animation: highlightentry 5s;
}
+
+.global-matrix-authorization-strategy-table .jenkins-checkbox {
+ vertical-align: middle;
+}
+
+.mas-table__cell {
+ display: flex;
+ align-items: center;
+ gap: 3px;
+}
+
+.mas-table__cell svg {
+ min-width: 16px;
+}
+
+.mas-table__cell a {
+ height: 16px;
+ color: var(--text-color)
+}
+
+.mas-table__cell a svg {
+ vertical-align: initial!important;
+}
+
+.mas-table__cell--not-found {
+ text-decoration: line-through;
+ color: var(--danger);
+ font-weight: 600;
+}
+
+.mas-table__cell-warning {
+ color: var(--warning);
+ font-weight: 600;
+}
+
+.mas-table__icon-warning {
+ color: var(--warning);
+ min-width: 24px!important;
+}
+
+.mas-table__icon-alert {
+ color: var(--danger);
+ min-width: 24px!important;
+}
diff --git a/src/main/resources/hudson/security/table.js b/src/main/resources/hudson/security/table.js
index 6d3c831c..06fd164b 100644
--- a/src/main/resources/hudson/security/table.js
+++ b/src/main/resources/hudson/security/table.js
@@ -2,7 +2,7 @@
* This handles the addition of new users/groups to the list.
*/
Behaviour.specify(".matrix-auth-add-button", 'GlobalMatrixAuthorizationStrategy', 0, function(e) {
- makeButton(e, function (e) {
+ e.onclick = function (e) {
var dataReference = e.target;
var master = document.getElementById(dataReference.getAttribute('data-table-id'));
var table = master.parentNode;
@@ -58,7 +58,7 @@ Behaviour.specify(".matrix-auth-add-button", 'GlobalMatrixAuthorizationStrategy'
});
table.appendChild(copy);
Behaviour.applySubtree(findAncestor(table,"TABLE"),true);
- });
+ }
});
/*
@@ -160,7 +160,7 @@ Behaviour.specify(".global-matrix-authorization-strategy-table TD.stop A.migrate
tr.removeAttribute('data-checked');
// remove migration buttons from updated row
- var buttonContainer = findAncestor(this, "TD");
+ var buttonContainer = findAncestor(this, "DIV");
var migrateButtons = buttonContainer.getElementsByClassName('migrate');
for (var i = migrateButtons.length - 1; i >= 0; i--) {
buttonContainer.removeChild(migrateButtons[i]);
diff --git a/src/main/webapp/images/select-all.svg b/src/main/resources/images/symbols/select-all.svg
similarity index 90%
rename from src/main/webapp/images/select-all.svg
rename to src/main/resources/images/symbols/select-all.svg
index 352d4021..6b712244 100644
--- a/src/main/webapp/images/select-all.svg
+++ b/src/main/resources/images/symbols/select-all.svg
@@ -5,7 +5,7 @@