Adjust approval rules

* command now gets implicitly approved only if manually edited by admin
jenkinsci · May 18, 2022 · c158b7b · c158b7b
1 parent 86de048
commit c158b7b
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 7 deletions.
diff --git a/src/main/java/hudson/slaves/CommandConnector.java b/src/main/java/hudson/slaves/CommandConnector.java
@@ -23,20 +23,26 @@
  */
 package hudson.slaves;
 
+import edu.umd.cs.findbugs.annotations.NonNull;
+import edu.umd.cs.findbugs.annotations.Nullable;
 import hudson.EnvVars;
 import hudson.Extension;
 import hudson.Util;
 import hudson.model.TaskListener;
 import hudson.util.FormValidation;
 import java.io.IOException;
-import jenkins.model.Jenkins;
+
+import net.sf.json.JSONObject;
+import org.apache.commons.lang.StringUtils;
 import org.jenkinsci.Symbol;
 import org.jenkinsci.plugins.command_launcher.Messages;
 import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext;
 import org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval;
 import org.jenkinsci.plugins.scriptsecurity.scripts.languages.SystemCommandLanguage;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.StaplerRequest;
 
 /**
  * Executes a program on the controller and expect that script to connect.
@@ -50,7 +56,7 @@ public class CommandConnector extends ComputerConnector {
     public CommandConnector(String command) {
         this.command = command;
         // TODO add withKey if we can determine the Cloud.name being configured
-        ScriptApproval.get().configuring(command, SystemCommandLanguage.get(), ApprovalContext.create().withCurrentUser(), true);
+        ScriptApproval.get().configuring(command, SystemCommandLanguage.get(), ApprovalContext.create().withCurrentUser(), Stapler.getCurrentRequest() == null);
     }
 
     private Object readResolve() {
@@ -66,16 +72,30 @@ public CommandLauncher launch(String host, TaskListener listener) throws IOExcep
 
     @Extension @Symbol("command")
     public static class DescriptorImpl extends ComputerConnectorDescriptor {
+        @Override
+        public ComputerConnector newInstance(@Nullable StaplerRequest req, @NonNull JSONObject formData) throws FormException {
+            CommandConnector instance = (CommandConnector) super.newInstance(req, formData);
+            if (formData.get("oldCommand") != null) {
+                String oldCommand = formData.getString("oldCommand");
+                boolean approveIfAdmin = !StringUtils.equals(oldCommand, instance.command);
+                if (approveIfAdmin) {
+                    ScriptApproval.get().configuring(instance.command, SystemCommandLanguage.get(),
+                            ApprovalContext.create().withCurrentUser(), true);
+                }
+            }
+            return instance;
+        }
+
         @Override
         public String getDisplayName() {
             return Messages.CommandLauncher_displayName();
         }
 
-        public FormValidation doCheckCommand(@QueryParameter String value) {
+        public FormValidation doCheckCommand(@QueryParameter String value, @QueryParameter String oldCommand) {
             if (Util.fixEmptyAndTrim(value) == null) {
                 return FormValidation.error(Messages.CommandLauncher_NoLaunchCommand());
             } else {
-                return ScriptApproval.get().checking(value, SystemCommandLanguage.get(), Jenkins.get().hasPermission(Jenkins.ADMINISTER));
+                return ScriptApproval.get().checking(value, SystemCommandLanguage.get(), !StringUtils.equals(value, oldCommand));
             }
         }
 

diff --git a/src/main/java/hudson/slaves/CommandLauncher.java b/src/main/java/hudson/slaves/CommandLauncher.java
@@ -23,6 +23,8 @@
  */
 package hudson.slaves;
 
+import edu.umd.cs.findbugs.annotations.NonNull;
+import edu.umd.cs.findbugs.annotations.Nullable;
 import hudson.AbortException;
 import hudson.EnvVars;
 import hudson.Extension;
@@ -40,6 +42,7 @@
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import jenkins.model.Jenkins;
+import net.sf.json.JSONObject;
 import org.apache.commons.lang.StringUtils;
 import org.jenkinsci.Symbol;
 import org.jenkinsci.plugins.scriptsecurity.scripts.ApprovalContext;
@@ -48,6 +51,8 @@
 import org.jenkinsci.plugins.scriptsecurity.scripts.languages.SystemCommandLanguage;
 import org.kohsuke.stapler.DataBoundConstructor;
 import org.kohsuke.stapler.QueryParameter;
+import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.StaplerRequest;
 
 /**
  * {@link ComputerLauncher} through a remote login mechanism like ssh/rsh.
@@ -79,7 +84,7 @@ public CommandLauncher(String command) {
         agentCommand = command;
         env = null;
         // TODO add withKey if we can determine the Slave.nodeName being configured
-        ScriptApproval.get().configuring(command, SystemCommandLanguage.get(), ApprovalContext.create().withCurrentUser(), true);
+        ScriptApproval.get().configuring(command, SystemCommandLanguage.get(), ApprovalContext.create().withCurrentUser(), Stapler.getCurrentRequest() == null);
     }
 
     /** Constructor for programmatic use. Always approves the script.
@@ -220,15 +225,29 @@ private static void reportProcessTerminated(Process proc, TaskListener listener)
 
     @Extension @Symbol("command")
     public static class DescriptorImpl extends Descriptor<ComputerLauncher> {
+
+        @Override
+        public ComputerLauncher newInstance(@Nullable StaplerRequest req, @NonNull JSONObject formData) throws FormException {
+            CommandLauncher instance = (CommandLauncher) super.newInstance(req, formData);
+            if (formData.get("oldCommand") != null) {
+                String oldCommand = formData.getString("oldCommand");
+                boolean approveIfAdmin = !StringUtils.equals(oldCommand, instance.agentCommand);
+                if (approveIfAdmin) {
+                    ScriptApproval.get().configuring(instance.agentCommand, SystemCommandLanguage.get(),
+                            ApprovalContext.create().withCurrentUser(), true);
+                }
+            }
+            return instance;
+        }
         public String getDisplayName() {
             return org.jenkinsci.plugins.command_launcher.Messages.CommandLauncher_displayName();
         }
 
-        public FormValidation doCheckCommand(@QueryParameter String value) {
+        public FormValidation doCheckCommand(@QueryParameter String value, @QueryParameter String oldCommand) {
             if(Util.fixEmptyAndTrim(value)==null)
                 return FormValidation.error(org.jenkinsci.plugins.command_launcher.Messages.CommandLauncher_NoLaunchCommand());
             else
-                return ScriptApproval.get().checking(value, SystemCommandLanguage.get(), Jenkins.get().hasPermission(Jenkins.ADMINISTER));
+                return ScriptApproval.get().checking(value, SystemCommandLanguage.get(), !StringUtils.equals(value, oldCommand));
         }
     }
 }
diff --git a/src/main/resources/hudson/slaves/CommandConnector/config.jelly b/src/main/resources/hudson/slaves/CommandConnector/config.jelly
@@ -24,6 +24,7 @@ THE SOFTWARE.
 
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+  <input type="hidden" name="oldCommand" value="${instance.command}"/>
   <f:entry title="${%Launch command}" field="command">
     <f:textbox />
   </f:entry>

diff --git a/src/main/resources/hudson/slaves/CommandLauncher/config.jelly b/src/main/resources/hudson/slaves/CommandLauncher/config.jelly
@@ -24,6 +24,7 @@ THE SOFTWARE.
 
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
+  <input type="hidden" name="oldCommand" value="${instance.command}"/>
   <f:entry title="${%Launch command}" field="command">
     <f:textbox />
   </f:entry>