Jenkins Groovy从Project Matrix授权策略中删除用户访问权限 [英] Jenkins Groovy Remove user access from Project Matrix Authorization Strategy
问题描述
我们正在使用基于项目的矩阵授权策略,并且在Manage Jenkins->配置全局安全性->授权->为用户提供适当的访问权限下为用户提供访问权限.
We are using Project-Based Matrix Authorization Strategy and users are given access under Manage Jenkins -> Configure Global Security -> Authorization -> Users are provided appropriate accesses.
我们也在文件夹级别提供用户访问权限.
We are providing user accesses at the folder level as well.
使用下面的代码,我可以删除用户访问权限,
Using below code I am able to remove user access,
def amp = folder.getProperties().get(AuthorizationMatrixProperty.class)
def op = amp.grantedPermissions
// Code to remove permissions for user from Set
这很好.但是对于管理詹金斯权限,我在下面的行出现错误,
This works fine. But for manage jenkins permissions, I am getting error at below line,
def amp = Jenkins.instance.getAuthorizationStrategy()
def op = amp.grantedPermissions
groovy.lang.MissingPropertyException: No such property: grantedPermissions for class: hudson.security.ProjectMatrixAuthorizationStrategy
问题是我如何使用Groovy(仅)从管理Jenkins"设置中删除用户?
Question is how I can remove users from Manage Jenkins settings using Groovy (only) ?
我也研究了 ProjectMatrixAuthorizationStrategy javadoc,但无法找不到任何可以帮助的东西.
I looked into the ProjectMatrixAuthorizationStrategy javadoc as well, but couldn't find anything which can help.
对此表示感谢.
推荐答案
据我所知,没有单个方法调用可以从Job中删除用户/权限.我写了以下方法,因为我有数百个工作,并且删除旧用户非常耗时.我在一些测试工作中成功使用了以下内容.我已经合并了扩展选择参数插件来选择用户,该常规脚本作为价值来源"
As far as I was able to determine there is no single method call that will remove a user/permissions from a Job. I wrote the following method because I have hundreds of jobs and deleting old users was time consuming. I successfully used the following on a few test jobs. I have incorporated the Extended Choice Parameter Plugin to Select a user, with this groovy script as "Source for Value"
import hudson.security.*
import jenkins.security.*
import jenkins.model.Jenkins
def sids = Jenkins.instance.authorizationStrategy.getAllSIDs()
return sids
在构建"部分中;
def removeAMP(Job jobName, user ) {
println jobName.name.center(80,'-')
def authorizationMatrixProperty = jobName.getProperty(AuthorizationMatrixProperty.class)
Map<Permission,Set<String>> Permissions = authorizationMatrixProperty.getGrantedPermissions()
println "Permission Map Before: " + Permissions + cr
println "Permission Values: " + Permissions.values() + cr
for (Set<String> permissionUsers:Permissions.values()) {
permissionUsers.remove(user)
}
println "Permission Map After: " + Permissions + cr
jobName.save();
}
testJobList = [ "TESTJOBA", "TESTJOBB" ]
testJobList.each {
jobName = hudson.model.Hudson.instance.getItem(it);
removeAMP(jobName, user)
输出:
------------------------------------TESTJOBA------------------------------------
Permission Map Before: [Permission[interface hudson.model.Item,Read]:[bob,fred], Permission[interface hudson.model.Item,ExtendedRead]:[bob,fred], Permission[interface hudson.model.Item,Discover]:[bob,fred], Permission[interface hudson.model.Item,Build]:[bob,fred], Permission[interface hudson.model.Item,Cancel]:[bob,fred], Permission[interface hudson.model.Item,Workspace]:[bob,fred]]
Permission Values: [[bob,fred], [bob,fred], [bob,fred], [bob,fred], [bob,fred], [bob,fred]]
Permission Map After: [Permission[interface hudson.model.Item,Read]:[bob], Permission[interface hudson.model.Item,ExtendedRead]:[bob], Permission[interface hudson.model.Item,Discover]:[bob], Permission[interface hudson.model.Item,Build]:[bob], Permission[interface hudson.model.Item,Cancel]:[bob], Permission[interface hudson.model.Item,Workspace]:[bob]]
这篇关于Jenkins Groovy从Project Matrix授权策略中删除用户访问权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!