├── .gitignore
├── LICENSE
├── MANIFEST.in
├── README.md
├── doc
├── Role.md
├── Rolestrategy.md
└── permission.md
├── pyjars
├── __init__.py
├── permission.py
└── rolestrategy.py
└── setup.py
/.gitignore:
--------------------------------------------------------------------------------
1 | # Byte-compiled / optimized / DLL files
2 | __pycache__/
3 | *.py[cod]
4 | *$py.class
5 |
6 | # C extensions
7 | *.so
8 |
9 | # Distribution / packaging
10 | .Python
11 | env/
12 | build/
13 | develop-eggs/
14 | dist/
15 | downloads/
16 | eggs/
17 | .eggs/
18 | lib/
19 | lib64/
20 | parts/
21 | sdist/
22 | var/
23 | wheels/
24 | *.egg-info/
25 | .installed.cfg
26 | *.egg
27 |
28 | # PyInstaller
29 | # Usually these files are written by a python script from a template
30 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
31 | *.manifest
32 | *.spec
33 |
34 | # Installer logs
35 | pip-log.txt
36 | pip-delete-this-directory.txt
37 |
38 | # Unit test / coverage reports
39 | htmlcov/
40 | .tox/
41 | .coverage
42 | .coverage.*
43 | .cache
44 | nosetests.xml
45 | coverage.xml
46 | *.cover
47 | .hypothesis/
48 |
49 | # Translations
50 | *.mo
51 | *.pot
52 |
53 | # Django stuff:
54 | *.log
55 | local_settings.py
56 |
57 | # Flask stuff:
58 | instance/
59 | .webassets-cache
60 |
61 | # Scrapy stuff:
62 | .scrapy
63 |
64 | # Sphinx documentation
65 | docs/_build/
66 |
67 | # PyBuilder
68 | target/
69 |
70 | # Jupyter Notebook
71 | .ipynb_checkpoints
72 |
73 | # pyenv
74 | .python-version
75 |
76 | # celery beat schedule file
77 | celerybeat-schedule
78 |
79 | # SageMath parsed files
80 | *.sage.py
81 |
82 | # dotenv
83 | .env
84 |
85 | # virtualenv
86 | .venv
87 | venv/
88 | ENV/
89 |
90 | # Spyder project settings
91 | .spyderproject
92 | .spyproject
93 |
94 | # Rope project settings
95 | .ropeproject
96 |
97 | # mkdocs documentation
98 | /site
99 |
100 | # mypy
101 | .mypy_cache/
102 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU GENERAL PUBLIC LICENSE
2 | Version 2, June 1991
3 |
4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
6 | Everyone is permitted to copy and distribute verbatim copies
7 | of this license document, but changing it is not allowed.
8 |
9 | Preamble
10 |
11 | The licenses for most software are designed to take away your
12 | freedom to share and change it. By contrast, the GNU General Public
13 | License is intended to guarantee your freedom to share and change free
14 | software--to make sure the software is free for all its users. This
15 | General Public License applies to most of the Free Software
16 | Foundation's software and to any other program whose authors commit to
17 | using it. (Some other Free Software Foundation software is covered by
18 | the GNU Lesser General Public License instead.) You can apply it to
19 | your programs, too.
20 |
21 | When we speak of free software, we are referring to freedom, not
22 | price. Our General Public Licenses are designed to make sure that you
23 | have the freedom to distribute copies of free software (and charge for
24 | this service if you wish), that you receive source code or can get it
25 | if you want it, that you can change the software or use pieces of it
26 | in new free programs; and that you know you can do these things.
27 |
28 | To protect your rights, we need to make restrictions that forbid
29 | anyone to deny you these rights or to ask you to surrender the rights.
30 | These restrictions translate to certain responsibilities for you if you
31 | distribute copies of the software, or if you modify it.
32 |
33 | For example, if you distribute copies of such a program, whether
34 | gratis or for a fee, you must give the recipients all the rights that
35 | you have. You must make sure that they, too, receive or can get the
36 | source code. And you must show them these terms so they know their
37 | rights.
38 |
39 | We protect your rights with two steps: (1) copyright the software, and
40 | (2) offer you this license which gives you legal permission to copy,
41 | distribute and/or modify the software.
42 |
43 | Also, for each author's protection and ours, we want to make certain
44 | that everyone understands that there is no warranty for this free
45 | software. If the software is modified by someone else and passed on, we
46 | want its recipients to know that what they have is not the original, so
47 | that any problems introduced by others will not reflect on the original
48 | authors' reputations.
49 |
50 | Finally, any free program is threatened constantly by software
51 | patents. We wish to avoid the danger that redistributors of a free
52 | program will individually obtain patent licenses, in effect making the
53 | program proprietary. To prevent this, we have made it clear that any
54 | patent must be licensed for everyone's free use or not licensed at all.
55 |
56 | The precise terms and conditions for copying, distribution and
57 | modification follow.
58 |
59 | GNU GENERAL PUBLIC LICENSE
60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
61 |
62 | 0. This License applies to any program or other work which contains
63 | a notice placed by the copyright holder saying it may be distributed
64 | under the terms of this General Public License. The "Program", below,
65 | refers to any such program or work, and a "work based on the Program"
66 | means either the Program or any derivative work under copyright law:
67 | that is to say, a work containing the Program or a portion of it,
68 | either verbatim or with modifications and/or translated into another
69 | language. (Hereinafter, translation is included without limitation in
70 | the term "modification".) Each licensee is addressed as "you".
71 |
72 | Activities other than copying, distribution and modification are not
73 | covered by this License; they are outside its scope. The act of
74 | running the Program is not restricted, and the output from the Program
75 | is covered only if its contents constitute a work based on the
76 | Program (independent of having been made by running the Program).
77 | Whether that is true depends on what the Program does.
78 |
79 | 1. You may copy and distribute verbatim copies of the Program's
80 | source code as you receive it, in any medium, provided that you
81 | conspicuously and appropriately publish on each copy an appropriate
82 | copyright notice and disclaimer of warranty; keep intact all the
83 | notices that refer to this License and to the absence of any warranty;
84 | and give any other recipients of the Program a copy of this License
85 | along with the Program.
86 |
87 | You may charge a fee for the physical act of transferring a copy, and
88 | you may at your option offer warranty protection in exchange for a fee.
89 |
90 | 2. You may modify your copy or copies of the Program or any portion
91 | of it, thus forming a work based on the Program, and copy and
92 | distribute such modifications or work under the terms of Section 1
93 | above, provided that you also meet all of these conditions:
94 |
95 | a) You must cause the modified files to carry prominent notices
96 | stating that you changed the files and the date of any change.
97 |
98 | b) You must cause any work that you distribute or publish, that in
99 | whole or in part contains or is derived from the Program or any
100 | part thereof, to be licensed as a whole at no charge to all third
101 | parties under the terms of this License.
102 |
103 | c) If the modified program normally reads commands interactively
104 | when run, you must cause it, when started running for such
105 | interactive use in the most ordinary way, to print or display an
106 | announcement including an appropriate copyright notice and a
107 | notice that there is no warranty (or else, saying that you provide
108 | a warranty) and that users may redistribute the program under
109 | these conditions, and telling the user how to view a copy of this
110 | License. (Exception: if the Program itself is interactive but
111 | does not normally print such an announcement, your work based on
112 | the Program is not required to print an announcement.)
113 |
114 | These requirements apply to the modified work as a whole. If
115 | identifiable sections of that work are not derived from the Program,
116 | and can be reasonably considered independent and separate works in
117 | themselves, then this License, and its terms, do not apply to those
118 | sections when you distribute them as separate works. But when you
119 | distribute the same sections as part of a whole which is a work based
120 | on the Program, the distribution of the whole must be on the terms of
121 | this License, whose permissions for other licensees extend to the
122 | entire whole, and thus to each and every part regardless of who wrote it.
123 |
124 | Thus, it is not the intent of this section to claim rights or contest
125 | your rights to work written entirely by you; rather, the intent is to
126 | exercise the right to control the distribution of derivative or
127 | collective works based on the Program.
128 |
129 | In addition, mere aggregation of another work not based on the Program
130 | with the Program (or with a work based on the Program) on a volume of
131 | a storage or distribution medium does not bring the other work under
132 | the scope of this License.
133 |
134 | 3. You may copy and distribute the Program (or a work based on it,
135 | under Section 2) in object code or executable form under the terms of
136 | Sections 1 and 2 above provided that you also do one of the following:
137 |
138 | a) Accompany it with the complete corresponding machine-readable
139 | source code, which must be distributed under the terms of Sections
140 | 1 and 2 above on a medium customarily used for software interchange; or,
141 |
142 | b) Accompany it with a written offer, valid for at least three
143 | years, to give any third party, for a charge no more than your
144 | cost of physically performing source distribution, a complete
145 | machine-readable copy of the corresponding source code, to be
146 | distributed under the terms of Sections 1 and 2 above on a medium
147 | customarily used for software interchange; or,
148 |
149 | c) Accompany it with the information you received as to the offer
150 | to distribute corresponding source code. (This alternative is
151 | allowed only for noncommercial distribution and only if you
152 | received the program in object code or executable form with such
153 | an offer, in accord with Subsection b above.)
154 |
155 | The source code for a work means the preferred form of the work for
156 | making modifications to it. For an executable work, complete source
157 | code means all the source code for all modules it contains, plus any
158 | associated interface definition files, plus the scripts used to
159 | control compilation and installation of the executable. However, as a
160 | special exception, the source code distributed need not include
161 | anything that is normally distributed (in either source or binary
162 | form) with the major components (compiler, kernel, and so on) of the
163 | operating system on which the executable runs, unless that component
164 | itself accompanies the executable.
165 |
166 | If distribution of executable or object code is made by offering
167 | access to copy from a designated place, then offering equivalent
168 | access to copy the source code from the same place counts as
169 | distribution of the source code, even though third parties are not
170 | compelled to copy the source along with the object code.
171 |
172 | 4. You may not copy, modify, sublicense, or distribute the Program
173 | except as expressly provided under this License. Any attempt
174 | otherwise to copy, modify, sublicense or distribute the Program is
175 | void, and will automatically terminate your rights under this License.
176 | However, parties who have received copies, or rights, from you under
177 | this License will not have their licenses terminated so long as such
178 | parties remain in full compliance.
179 |
180 | 5. You are not required to accept this License, since you have not
181 | signed it. However, nothing else grants you permission to modify or
182 | distribute the Program or its derivative works. These actions are
183 | prohibited by law if you do not accept this License. Therefore, by
184 | modifying or distributing the Program (or any work based on the
185 | Program), you indicate your acceptance of this License to do so, and
186 | all its terms and conditions for copying, distributing or modifying
187 | the Program or works based on it.
188 |
189 | 6. Each time you redistribute the Program (or any work based on the
190 | Program), the recipient automatically receives a license from the
191 | original licensor to copy, distribute or modify the Program subject to
192 | these terms and conditions. You may not impose any further
193 | restrictions on the recipients' exercise of the rights granted herein.
194 | You are not responsible for enforcing compliance by third parties to
195 | this License.
196 |
197 | 7. If, as a consequence of a court judgment or allegation of patent
198 | infringement or for any other reason (not limited to patent issues),
199 | conditions are imposed on you (whether by court order, agreement or
200 | otherwise) that contradict the conditions of this License, they do not
201 | excuse you from the conditions of this License. If you cannot
202 | distribute so as to satisfy simultaneously your obligations under this
203 | License and any other pertinent obligations, then as a consequence you
204 | may not distribute the Program at all. For example, if a patent
205 | license would not permit royalty-free redistribution of the Program by
206 | all those who receive copies directly or indirectly through you, then
207 | the only way you could satisfy both it and this License would be to
208 | refrain entirely from distribution of the Program.
209 |
210 | If any portion of this section is held invalid or unenforceable under
211 | any particular circumstance, the balance of the section is intended to
212 | apply and the section as a whole is intended to apply in other
213 | circumstances.
214 |
215 | It is not the purpose of this section to induce you to infringe any
216 | patents or other property right claims or to contest validity of any
217 | such claims; this section has the sole purpose of protecting the
218 | integrity of the free software distribution system, which is
219 | implemented by public license practices. Many people have made
220 | generous contributions to the wide range of software distributed
221 | through that system in reliance on consistent application of that
222 | system; it is up to the author/donor to decide if he or she is willing
223 | to distribute software through any other system and a licensee cannot
224 | impose that choice.
225 |
226 | This section is intended to make thoroughly clear what is believed to
227 | be a consequence of the rest of this License.
228 |
229 | 8. If the distribution and/or use of the Program is restricted in
230 | certain countries either by patents or by copyrighted interfaces, the
231 | original copyright holder who places the Program under this License
232 | may add an explicit geographical distribution limitation excluding
233 | those countries, so that distribution is permitted only in or among
234 | countries not thus excluded. In such case, this License incorporates
235 | the limitation as if written in the body of this License.
236 |
237 | 9. The Free Software Foundation may publish revised and/or new versions
238 | of the General Public License from time to time. Such new versions will
239 | be similar in spirit to the present version, but may differ in detail to
240 | address new problems or concerns.
241 |
242 | Each version is given a distinguishing version number. If the Program
243 | specifies a version number of this License which applies to it and "any
244 | later version", you have the option of following the terms and conditions
245 | either of that version or of any later version published by the Free
246 | Software Foundation. If the Program does not specify a version number of
247 | this License, you may choose any version ever published by the Free Software
248 | Foundation.
249 |
250 | 10. If you wish to incorporate parts of the Program into other free
251 | programs whose distribution conditions are different, write to the author
252 | to ask for permission. For software which is copyrighted by the Free
253 | Software Foundation, write to the Free Software Foundation; we sometimes
254 | make exceptions for this. Our decision will be guided by the two goals
255 | of preserving the free status of all derivatives of our free software and
256 | of promoting the sharing and reuse of software generally.
257 |
258 | NO WARRANTY
259 |
260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
268 | REPAIR OR CORRECTION.
269 |
270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
278 | POSSIBILITY OF SUCH DAMAGES.
279 |
280 | END OF TERMS AND CONDITIONS
281 |
282 | How to Apply These Terms to Your New Programs
283 |
284 | If you develop a new program, and you want it to be of the greatest
285 | possible use to the public, the best way to achieve this is to make it
286 | free software which everyone can redistribute and change under these terms.
287 |
288 | To do so, attach the following notices to the program. It is safest
289 | to attach them to the start of each source file to most effectively
290 | convey the exclusion of warranty; and each file should have at least
291 | the "copyright" line and a pointer to where the full notice is found.
292 |
293 | {description}
294 | Copyright (C) {year} {fullname}
295 |
296 | This program is free software; you can redistribute it and/or modify
297 | it under the terms of the GNU General Public License as published by
298 | the Free Software Foundation; either version 2 of the License, or
299 | (at your option) any later version.
300 |
301 | This program is distributed in the hope that it will be useful,
302 | but WITHOUT ANY WARRANTY; without even the implied warranty of
303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
304 | GNU General Public License for more details.
305 |
306 | You should have received a copy of the GNU General Public License along
307 | with this program; if not, write to the Free Software Foundation, Inc.,
308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
309 |
310 | Also add information on how to contact you by electronic and paper mail.
311 |
312 | If the program is interactive, make it output a short notice like this
313 | when it starts in an interactive mode:
314 |
315 | Gnomovision version 69, Copyright (C) year name of author
316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
317 | This is free software, and you are welcome to redistribute it
318 | under certain conditions; type `show c' for details.
319 |
320 | The hypothetical commands `show w' and `show c' should show the appropriate
321 | parts of the General Public License. Of course, the commands you use may
322 | be called something other than `show w' and `show c'; they could even be
323 | mouse-clicks or menu items--whatever suits your program.
324 |
325 | You should also get your employer (if you work as a programmer) or your
326 | school, if any, to sign a "copyright disclaimer" for the program, if
327 | necessary. Here is a sample; alter the names:
328 |
329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program
330 | `Gnomovision' (which makes passes at compilers) written by James Hacker.
331 |
332 | {signature of Ty Coon}, 1 April 1989
333 | Ty Coon, President of Vice
334 |
335 | This General Public License does not permit incorporating your program into
336 | proprietary programs. If your program is a subroutine library, you may
337 | consider it more useful to permit linking proprietary applications with the
338 | library. If this is what you want to do, use the GNU Lesser General
339 | Public License instead of this License.
340 |
--------------------------------------------------------------------------------
/MANIFEST.in:
--------------------------------------------------------------------------------
1 | include *.md
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # jenkins-role-strategy-api-python **Pyjars**
2 | API python from Jenkins Plugin - Role Strategy Plugin - https://github.com/jenkinsci/role-strategy-plugin
3 |
4 | ## /!\ This API version is BETA /!\
5 | ----------
6 |
7 | ## I. Introduction
8 |
9 | This API allow to manage Role from [Role Strategy Plugin](https://github.com/jenkinsci/role-strategy-plugin)
10 |
11 | > Author: Le Gall Guillaume \
12 |
13 | > Date: 09/2017 | Based: python3
14 |
15 |
16 | This API python allow to :
17 |
18 | - Create **Role** *Role is (globalRoles, projectRoles, slaveRoles)*
19 |
20 | - Delete Role
21 |
22 | - Assign User/Group to Role
23 |
24 | - Unassign User/Group to Role
25 |
26 | - Unassign All User/Group to Role
27 |
28 | - Unassign User/Group from All Roles
29 |
30 | - Get All User/Group from Role
31 |
32 | - Custom permission easy to make
33 |
34 | Todo:
35 |
36 | - [x] setup.py **Most Important**
37 |
38 | - [ ] Get Role **(know his permissions), Role Strategy Plugin to modify**
39 |
40 | - [ ] *maybe your request*
41 |
42 |
43 | ----------
44 |
45 | ## II. Installation
46 |
47 |
48 | ```bash
49 | $ pip install .
50 | ```
51 |
52 | **or**
53 |
54 | ```bash
55 | $ python3 setup.py install
56 | ```
57 |
58 |
59 | ----------
60 |
61 | ## III. Python DEV
62 |
63 |
64 | ### a. Create function
65 |
66 | **Example:**
67 |
68 | ```python
69 |
70 | from pyjars import RoleStrategy, permission, Role
71 |
72 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
73 |
74 | new_role = Role(rs, 'globalRoles', 'builder')
75 |
76 | agentPerm = permission.AgentPermission()
77 | agentPerm.Build = True
78 |
79 | jobPerm = permission.JobPermission()
80 | jobPerm.Build = True
81 |
82 | new_role.add_permission([jobPerm, agentPerm])
83 |
84 | response = new_role.create(pattern=None)
85 | if response.status_code == 200:
86 | print('created successfully')
87 | else:
88 | print('Failed create role')
89 |
90 | ```
91 |
92 | ### b. Delete function
93 |
94 | **Example:**
95 |
96 | ```python
97 |
98 | from pyjars import RoleStrategy, Role
99 |
100 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
101 |
102 | builder_role = Role(rs, 'globalRoles', 'builder')
103 |
104 | response = builder_role.delete()
105 | if response.status_code == 200:
106 | print('deleted successfully')
107 | else:
108 | print('Failed delete role')
109 |
110 | ```
111 |
112 | ### c. Assign function
113 |
114 | **Example:**
115 |
116 | ```python
117 |
118 | from pyjars import RoleStrategy, Role
119 |
120 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
121 |
122 | builder_role = Role(rs, 'globalRoles', 'builder')
123 |
124 | response = builder_role.assign_sid('username_or_group')
125 | if response.status_code == 200:
126 | print('Assign successfully')
127 | else:
128 | print('Failed assign role')
129 |
130 | ```
131 |
132 | ### d. Unassign function
133 |
134 | **Example:**
135 |
136 | ```python
137 |
138 | from pyjars import RoleStrategy, Role
139 |
140 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
141 |
142 | builder_role = Role(rs, 'globalRoles', 'builder')
143 |
144 | response = builder_role.unassign_sid('username_or_group')
145 | if response.status_code == 200:
146 | print('Unassign successfully')
147 | else:
148 | print('Failed unassign role')
149 |
150 | ```
151 |
152 | ### e. Unassign All function
153 |
154 | **Example:**
155 |
156 | ```python
157 |
158 | from pyjars import RoleStrategy, Role
159 |
160 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
161 |
162 | builder_role = Role(rs, 'globalRoles', 'builder')
163 |
164 | response = builder_role.unassign_all()
165 | if response.status_code == 200:
166 | print('Unassign all user/group successfully')
167 | else:
168 | print('Failed unassign all user/group role')
169 |
170 | ```
171 |
172 | ### f. list user/group from role function
173 |
174 | **Example:**
175 |
176 | ```python
177 |
178 | from pyjars import RoleStrategy, Role
179 |
180 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
181 |
182 | builder_role = Role(rs, 'globalRoles', 'builder')
183 |
184 | members = builder_role.list_sid()
185 | if members:
186 | print('list of members is:', members)
187 | else:
188 | print('There are no members')
189 |
190 | ```
191 |
192 | ### g. Permissions
193 |
194 | > **Agent Permission:** *AgentPermission()*
195 | > - Create
196 | > - Build
197 | > - Configure
198 | > - Connect
199 | > - Delete
200 | > - Disconnect
201 | > - Provision
202 |
203 | > **Job Permission:** *JobPermission()*
204 | > - Build
205 | > - Cancel
206 | > - Configure
207 | > - Create
208 | > - Delete
209 | > - Discover
210 | > - Move
211 | > - Read
212 | > - Workspace
213 |
214 | > **Run Permission:** *RunPermission()*
215 | > - Artifacts
216 | > - Delete
217 | > - Replay
218 | > - Update
219 |
220 | > **View Permission:** *ViewPermission()*
221 | > - Configure
222 | > - Create
223 | > - Delete
224 | > - Read
225 |
226 | > **Scm Permission:** *ScmPermission()*
227 | > - Tag
228 |
229 | > **Credential Permission:** *CredentialPermission()*
230 | > - Create
231 | > - Delete
232 | > - ManageDomains
233 | > - Update
234 | > - View
235 |
236 | > **Overall Permission:** *OverallPermission()*
237 | > - Administer
238 | > - Read
239 |
240 | ```python
241 |
242 | overPerm = OverallPermission()
243 | overPerm.Administer = True
244 |
245 | overPerm.attributes
246 | #---------Result-------
247 | {
248 | 'Administer': True,
249 | 'Read': False
250 | }
251 | #---------Result-------
252 |
253 | overPerm.get_true_permission()
254 | #---------Result-------
255 | ['hudson.model.Hudson.Administer']
256 | #---------Result-------
257 |
258 | overPerm.get_false_permission()
259 | #---------Result-------
260 | ['hudson.model.Hudson.Read']
261 | #---------Result-------
262 | ```
263 |
--------------------------------------------------------------------------------
/doc/Role.md:
--------------------------------------------------------------------------------
1 | ## Role
2 | ----------
3 |
4 |
5 | ### Import
6 | ----------
7 |
8 |
9 | ```python
10 | from pyjars import Role
11 | ```
12 |
13 |
14 | ### Create Role
15 | ----------
16 |
17 | We'll create a role named builder
18 |
19 | ```python
20 |
21 | from pyjars import RoleStrategy, permission, Role
22 |
23 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
24 |
25 | new_role = Role(rs, 'globalRoles', 'builder')
26 |
27 | agentPerm = permission.AgentPermission()
28 | agentPerm.Build = True
29 |
30 | jobPerm = permission.JobPermission()
31 | jobPerm.Build = True
32 |
33 | new_role.add_permission([jobPerm, agentPerm])
34 |
35 | response = new_role.create(pattern=None)
36 | if response.status_code == 200:
37 | print('created successfully')
38 | else:
39 | print('Failed create role')
40 |
41 | ```
42 |
43 |
44 | ### Delete Role
45 | ----------
46 |
47 | We'll delete a role named builder
48 |
49 | ```python
50 |
51 | from pyjars import RoleStrategy, permission, Role
52 |
53 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
54 |
55 | new_role = Role(rs, 'globalRoles', 'builder')
56 | response = new_role.delete()
57 | if response.status_code == 200:
58 | print('deleted successfully')
59 | else:
60 | print('Failed deleted role')
61 |
62 | ```
63 |
64 | ### Functions & Attributes
65 | ----------
66 |
67 | ```python
68 | new_role = Role(rs, 'globalRoles', 'builder')
69 | agent_perm = permission.AgentPermission()
70 | agent_perm.Build = True
71 | new_role.add_permission(agent_perm)
72 | new_role.create()
73 | ```
74 | > ***Result:***
75 | > ```python
76 | True or False
77 | ```
78 |
79 | ```python
80 | new_role = Role(rs, 'globalRoles', 'builder')
81 | agent_perm = permission.AgentPermission()
82 | agent_perm.Build = True
83 | new_role.remove_permission(agent_perm)
84 | new_role.save()
85 | ```
86 | > ***Result:***
87 | > ```python
88 | True or False
89 | ```
90 |
91 | ```python
92 | new_role = Role(rs, 'globalRoles', 'builder')
93 | new_role.assign_sid('username_or_group')
94 | new_role.save()
95 | ```
96 | > ***Result:***
97 | > ```python
98 | True or False
99 | ```
100 |
101 | ```python
102 | new_role = Role(rs, 'globalRoles', 'builder')
103 | new_role.unassign_sid('username_or_group')
104 | new_role.save()
105 | ```
106 | > ***Result:***
107 | > ```python
108 | True or False
109 | ```
110 |
111 | ```python
112 | new_role = Role(rs, 'globalRoles', 'builder')
113 | new_role.unassign_all()
114 | new_role.save()
115 | ```
116 | > ***Result:***
117 | > ```python
118 | True or False
119 | ```
120 |
121 | ```python
122 | new_role = Role(rs, 'globalRoles', 'builder')
123 | new_role.list_sid()
124 | ```
125 | > ***Result:***
126 | > ```python
127 | ['group1', 'username1', 'user2]
128 | ```
129 |
130 | ```python
131 | new_role = Role(rs, 'globalRoles', 'builder')
132 | agent_perm = permission.AgentPermission()
133 | agent_perm.Build = True
134 | run_perm = permission.RunPermission()
135 | run_perm.Replay = True
136 | new_role.add_permission([agent_perm, run_perm])
137 | new_role.save()
138 | new_role.list_permission()
139 | ```
140 | > ***Result:***
141 | > ```python
142 | [
143 | pyjars.permission.RunPermission, pyjars.permission.AgentPermission
144 | ]
145 | ```
146 |
147 | ### Example
148 | ----------
149 |
150 | > We'll create creator into globalRoles
151 |
152 | ```python
153 | from pyjars import RoleStrategy, Role, permission
154 |
155 | agent_perm = permission.AgentPermission()
156 | agent_perm.Create = True
157 | agent_perm.Delete = True
158 |
159 | job_perm = JobPermission()
160 | job_perm.Create = True
161 | job_perm.Delete = True
162 |
163 | run_perm = RunPermission()
164 | run_perm.Delete = True
165 |
166 | view_perm = ViewPermission()
167 | view_perm.Create = True
168 | view_perm.Delete = True
169 |
170 | credential_perm = CredentialPermission()
171 | credential_perm.Create = True
172 | credential_perm.Delete = True
173 |
174 | set_permission = [agent_perm, job_perm, run_perm, view_perm, credential_perm]
175 |
176 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
177 |
178 | creator_role = Role(rs, 'globalRoles', 'creator')
179 |
180 | response = creator_role.add_permission(set_permission)
181 |
182 | ```
183 | ``response is object``
184 |
185 |
--------------------------------------------------------------------------------
/doc/Rolestrategy.md:
--------------------------------------------------------------------------------
1 | ## RoleStrategy
2 | ----------
3 |
4 |
5 | ### Import
6 | ----------
7 |
8 |
9 | ```python
10 | from pyjars import RoleStrategy
11 | ```
12 |
13 |
14 | ### Start Connection
15 | ----------
16 |
17 | ```python
18 |
19 | from pyjars import RoleStrategy
20 |
21 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
22 | ```
23 |
24 | *ssl_cert is path/to/your/cert.crt*
25 |
26 |
27 | ### Exception
28 | ----------
29 |
30 | RoleStrategy function can raise a PyjarsException:
31 |
32 | - message *string*
33 |
34 | - status code *int*
35 |
36 | - data *dict*
37 |
--------------------------------------------------------------------------------
/doc/permission.md:
--------------------------------------------------------------------------------
1 | ## Permission
2 | ----------
3 |
4 |
5 | ### Import
6 | ----------
7 |
8 |
9 | ```python
10 | from pyjars import permission
11 | ```
12 |
13 |
14 | ### Permission Type
15 | ----------
16 |
17 | **Agent Permission:** *AgentPermission()*
18 | > - Create
19 | > - Build
20 | > - Configure
21 | > - Connect
22 | > - Delete
23 | > - Disconnect
24 | > - Provision
25 |
26 | **Job Permission:** *JobPermission()*
27 | > - Build
28 | > - Cancel
29 | > - Configure
30 | > - Create
31 | > - Delete
32 | > - Discover
33 | > - Move
34 | > - Read
35 | > - Workspace
36 |
37 | **Run Permission:** *RunPermission()*
38 | > - Artifacts
39 | > - Delete
40 | > - Replay
41 | > - Update
42 |
43 | **View Permission:** *ViewPermission()*
44 | > - Configure
45 | > - Create
46 | > - Delete
47 | > - Read
48 |
49 | **Scm Permission:** *ScmPermission()*
50 | > - Tag
51 |
52 | **Credential Permission:** *CredentialPermission()*
53 | > - Create
54 | > - Delete
55 | > - ManageDomains
56 | > - Update
57 | > - View
58 |
59 | **Overall Permission:** *OverallPermission()*
60 | > - Administer
61 | > - Read
62 |
63 | ```python
64 | from pyjars import permission
65 |
66 | agent_perm = permission.AgentPermission()
67 | job_perm = JobPermission()
68 | run_perm = RunPermission()
69 | view_perm = ViewPermission()
70 | scm_perm = ScmPermission()
71 | credential_perm = CredentialPermission()
72 | overall_perm = OverallPermission()
73 | ```
74 |
75 | ### Functions & Attributes
76 | ----------
77 |
78 | ```python
79 | agent_perm = permission.AgentPermission()
80 | agent_perm.Build = True
81 | agent_perm.attributes
82 | ```
83 | > ***Result:***
84 | > ```python
85 | {'Build': True,
86 | 'Configure': False,
87 | 'Connect': False,
88 | 'Create': False,
89 | 'Delete': False,
90 | 'Disconnect': False,
91 | 'Provision': False}
92 | ```
93 |
94 | ```python
95 | agent_perm.get_true_permission()
96 | ```
97 | > ***Result:***
98 | > ```python
99 | 'hudson.model.Computer.Build'
100 | ```
101 |
102 | ```python
103 | agent_perm.get_false_permission()
104 | ```
105 | > ***Result:***
106 | > ```python
107 | 'hudson.model.Computer.Configure,hudson.model.Computer.Delete,
108 | hudson.model.Computer.Disconnect,hudson.model.Computer.Provision,
109 | hudson.model.Computer.Connect,hudson.model.Computer.Create'
110 | ```
111 |
112 | ```python
113 | agent_perm.get_details()
114 | ```
115 | > ***Result:***
116 | > ```python
117 | [hudson.model.Computer.Build]
118 | ```
119 |
120 | ### Example
121 | ----------
122 |
123 | > We'll create creator into globalRoles
124 |
125 | ```python
126 | from pyjars import RoleStrategy, Role, permission
127 |
128 | agent_perm = permission.AgentPermission()
129 | agent_perm.Create = True
130 | agent_perm.Delete = True
131 |
132 | job_perm = JobPermission()
133 | job_perm.Create = True
134 | job_perm.Delete = True
135 |
136 | run_perm = RunPermission()
137 | run_perm.Delete = True
138 |
139 | view_perm = ViewPermission()
140 | view_perm.Create = True
141 | view_perm.Delete = True
142 |
143 | credential_perm = CredentialPermission()
144 | credential_perm.Create = True
145 | credential_perm.Delete = True
146 |
147 | set_permission = [agent_perm, job_perm, run_perm, view_perm, credential_perm]
148 |
149 | rs = RoleStrategy('https://127.0.0.1:8080', 'admin', 'azerty123', ssl_verify=True, ssl_cert=None)
150 |
151 | creator_role = Role(rs, 'globalRoles', 'creator')
152 |
153 | response = creator_role.add_permission(set_permission)
154 |
155 | ```
156 | ``response is object``
157 |
158 |
--------------------------------------------------------------------------------
/pyjars/__init__.py:
--------------------------------------------------------------------------------
1 | from .rolestrategy import Role, RoleStrategy
2 | from .rolestrategy import PyjarsException
3 | from .permission import *
4 | __version__ = '0.0.1'
5 |
--------------------------------------------------------------------------------
/pyjars/permission.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | """Permissions For Jenkins Roles"""
3 |
4 | __all__ = [
5 | "JobPermission", "ViewPermission", "RunPermission", "AgentPermission",
6 | "ScmPermission", "CredentialPermission", "OverallPermission"
7 | ]
8 |
9 |
10 | class PermissionModel:
11 | def __init__(self):
12 | self._base = ''
13 | self.attributes = {}
14 |
15 | def __getattr__(self, attr):
16 | try:
17 | super().__getattribute__(attr)
18 | except AttributeError:
19 | try:
20 | return self.attributes[attr]
21 | except KeyError:
22 | raise AttributeError
23 |
24 | def __setattr__(self, attr, value):
25 | try:
26 | if attr in self.attributes:
27 | self.attributes[attr] = value
28 | return
29 | except:
30 | pass
31 | super().__setattr__(attr, value)
32 |
33 | def attributes(self):
34 | return self.attributes
35 |
36 | def get_true_permission(self):
37 | return ','.join(self.get_details())
38 |
39 | def get_false_permission(self):
40 | return ','.join([
41 | '{}.{}'.format(self._base, perm)
42 | for perm, value in self.attributes.items() if value == False
43 | ])
44 |
45 | def get_details(self):
46 | return [
47 | '{}.{}'.format(self._base, perm)
48 | for perm, value in self.attributes.items() if value == True
49 | ]
50 |
51 |
52 | class JobPermission(PermissionModel):
53 | def __init__(self):
54 | self._base = 'hudson.model.Item'
55 | self.attributes = dict(
56 | Build=False,
57 | Cancel=False,
58 | Configure=False,
59 | Create=False,
60 | Delete=False,
61 | Discover=False,
62 | Move=False,
63 | Read=False,
64 | Workspace=False)
65 |
66 |
67 | class ViewPermission(PermissionModel):
68 | def __init__(self):
69 | self._base = 'hudson.model.View'
70 | self.attributes = dict(
71 | Configure=False, Create=False, Delete=False, Read=False)
72 |
73 |
74 | class RunPermission(PermissionModel):
75 | def __init__(self):
76 | self._base = 'hudson.model.Run'
77 | self.attributes = dict(
78 | Artifacts=False, Delete=False, Replay=False, Update=False)
79 |
80 |
81 | class AgentPermission(PermissionModel):
82 | def __init__(self):
83 | self._base = 'hudson.model.Computer'
84 | self.attributes = dict(
85 | Create=False,
86 | Build=False,
87 | Configure=False,
88 | Connect=False,
89 | Delete=False,
90 | Disconnect=False,
91 | Provision=False)
92 |
93 |
94 | class ScmPermission(PermissionModel):
95 | def __init__(self):
96 | self._base = 'hudson.scm.SCM'
97 | self.attributes = dict(Tag=False)
98 |
99 |
100 | class CredentialPermission(PermissionModel):
101 | def __init__(self):
102 | self._base = 'com.cloudbees.plugins.credentials.CredentialsProvider'
103 | self.attributes = dict(
104 | Create=False,
105 | Delete=False,
106 | ManageDomains=False,
107 | Update=False,
108 | View=False)
109 |
110 |
111 | class OverallPermission(PermissionModel):
112 | def __init__(self):
113 | self._base = 'hudson.model.Hudson'
114 | self.attributes = dict(Administer=False, Read=False)
115 |
--------------------------------------------------------------------------------
/pyjars/rolestrategy.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | """Management Role Strategy Plugin from Jenkins with Python"""
3 |
4 | import logging
5 | import requests
6 |
7 |
8 | def convert_string(convert):
9 | if not convert:
10 | return ''
11 | if isinstance(convert, list):
12 | return ','.join(convert)
13 | return convert
14 |
15 |
16 | class RoleStrategy(object):
17 | def __init__(self, url, login, password, ssl_verify=True, ssl_cert=None):
18 | if 'http' not in url:
19 | raise PyjarsException('Missing http or https', 400, dict(url=url))
20 | if url[-1:] == '/':
21 | url = url[-1:]
22 | self._url = url + '/role-strategy/strategy'
23 | self._session = self._connect(login, password, ssl_verify, ssl_cert)
24 | crumb = self._get(
25 | url +
26 | '/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'
27 | )
28 | #if there are no crumb we don't need this below
29 | if crumb.status_code == 200:
30 | head = crumb.text.split(':')
31 | self._session.headers = {str(head[0]): str(head[1])}
32 | if not self.is_connected():
33 | raise PyjarsException('Authentification Failed', 401,
34 | dict(
35 | login=login,
36 | password='****',
37 | url=url,
38 | ssl=ssl_verify,
39 | cert=ssl_cert))
40 |
41 | def is_connected(self):
42 | return self._get(self._url + '/getAllRoles').status_code == 200
43 |
44 | def _connect(self, login, password, ssl_verify, ssl_cert, header=None):
45 | _s = requests.Session()
46 | _s.auth = (login, password)
47 | _s.cert = ssl_cert
48 | _s.verify = ssl_verify
49 | _s.headers = header
50 | return _s
51 |
52 | def _post(self, api_url, data):
53 | """Return requests.models.Response"""
54 | return self._session.post(api_url, data=data)
55 |
56 | def _get(self, api_url, data=None):
57 | """Return requests.models.Response"""
58 | return self._session.get(api_url, params=data)
59 |
60 | def _delete(self, api_url):
61 | """Return requests.models.Response"""
62 | return self._session.delete(api_url, data=data)
63 |
64 | def Unassign_sid_from_all(self, type, sid):
65 | url = self._url + '/deleteSid'
66 | data = dict(
67 | type=type,
68 | sid=sid, )
69 | return self._post(url, data=data)
70 |
71 |
72 | class Role:
73 | def __init__(self, parent, type, roleName):
74 | self.type = type
75 | self.roleName = roleName
76 | self._parent = parent
77 | self._permissions = []
78 |
79 | def create(self, pattern=None):
80 | url = self._parent._url + '/addRole'
81 | data = dict(
82 | type=self.type,
83 | roleName=self.roleName,
84 | permissionIds=','.join(self.details_permission()),
85 | overwrite=True, )
86 | if pattern:
87 | data['pattern'] = pattern
88 | return self._parent._post(url, data=data)
89 |
90 | def add_permission(self, permissionModel):
91 | permission = permissionModel
92 | if not isinstance(permission, list):
93 | permission = [permission]
94 | ref_ret = []
95 | for perm in permission:
96 | has_perm = self.has_permissionModel(perm)
97 | if has_perm:
98 | self._permissions = list(
99 | set(self._permissions) - set([has_perm]))
100 | self._permissions.append(perm)
101 | ref_ret += [perm in self._permissions]
102 | return all(ref_ret)
103 |
104 | def remove_permission(self, permissionModel):
105 | permission = permissionModel
106 | if not isinstance(permission, list):
107 | permission = [permission]
108 | ref_ret = []
109 | for perm in permission:
110 | has_perm = has_permissionModel(perm)
111 | if has_perm:
112 | self._permissions = list(
113 | set(self._permissions) - set([has_perm]))
114 | ref_ret += [perm not in self._permissions]
115 | return all(ref_ret)
116 |
117 | def details_permission(self, permissionModel=None):
118 | if not permissionModel:
119 | return [per.get_true_permission() for per in self._permissions]
120 | else:
121 | return permissionModel.get_details()
122 |
123 | def has_permissionModel(self, permissionModel):
124 | if self._permissions:
125 | for perm in self.list_permission():
126 | if perm._base == permissionModel._base:
127 | return perm._base
128 | return None
129 |
130 | def list_permission(self):
131 | return self._permissions
132 |
133 | def delete(self):
134 | url = self._parent._url + '/removeRoles'
135 | data = dict(type=self.type, roleNames=self.roleName)
136 | return self._parent._post(url, data=data)
137 |
138 | def assign_sid(self, sid):
139 | url = self._parent._url + '/assignRole'
140 | data = dict(
141 | type=self.type,
142 | roleName=self.roleName,
143 | sid=convert_string(sid), )
144 | return self._parent._post(url, data=data)
145 |
146 | def unassign_sid(self, sid):
147 | url = self._parent._url + '/unassignRole'
148 | data = dict(
149 | type=self.type,
150 | roleName=self.roleName,
151 | sid=convert_string(sid), )
152 | return self._parent._post(url, data=data)
153 |
154 | def unassign_all(self):
155 | ref_ret = []
156 | for us_gr in self.list_sid():
157 | ref_ret += [self.unassign_sid(us_gr).status_code == 200]
158 | return all(ref_ret)
159 |
160 | def list_sid(self):
161 | url = self._parent._url + '/getAllRoles'
162 | query = self._parent._get(url)
163 | if query.status_code != 200:
164 | query.raise_for_status()
165 | try:
166 | return query.json()[self.roleName]
167 | except KeyError:
168 | return []
169 |
170 |
171 | class PyjarsException(Exception):
172 | def __init__(self, message, code, data):
173 | self.error = dict(
174 | message=message,
175 | status_code=code,
176 | data=data, )
177 |
--------------------------------------------------------------------------------
/setup.py:
--------------------------------------------------------------------------------
1 | from setuptools import setup, find_packages
2 |
3 | version = '0.0.1'
4 |
5 | setup(
6 | name='pyjars',
7 | version=version,
8 | author='Guillaume Le Gall',
9 | author_email='glegall@wyplay.com',
10 | packages=find_packages(),
11 | install_requires=[
12 | 'requests'
13 | ]
14 | )
15 |
--------------------------------------------------------------------------------