jenkinsci · masterzen · Mar 13, 2018 · jglick · Apr 11, 2018 · masterzen
@@ -102,7 +102,7 @@ public ACL getACL(@Nonnull AbstractItem item) {
 
     @Nonnull
     public ACL getACL(@Nonnull Job<?,?> job) {
-        if(job instanceof WorkflowJob && job.getProperty(BranchJobProperty.class) != null || job instanceof AbstractProject) {
+        if(job instanceof WorkflowJob || job instanceof AbstractProject) {
             GithubRequireOrganizationMembershipACL githubACL = (GithubRequireOrganizationMembershipACL) getRootACL();
             return githubACL.cloneForProject(job);
         } else {

@@ -283,7 +283,11 @@ private String getRepositoryName() {
         Describable scm = null;
         if (this.item instanceof WorkflowJob) {
             WorkflowJob project = (WorkflowJob) item;
-            scm = project.getProperty(BranchJobProperty.class).getBranch().getScm();
+            if (project.getProperty(BranchJobProperty.class) != null) {
+                scm = project.getProperty(BranchJobProperty.class).getBranch().getScm();
+            } else {
+                scm = project.getTypicalSCM();
+            }
         } else if (this.item instanceof MultiBranchProject) {
             MultiBranchProject project = (MultiBranchProject) item;
             scm = (SCMSource) project.getSCMSources().get(0);

@@ -243,7 +243,7 @@ private Project mockProject(String url) {
         PowerMockito.when(userRemoteConfig.getUrl()).thenReturn(url);
         return project;
     }
-    private WorkflowJob mockWorkflowJob(String url) {
+    private WorkflowJob mockWorkflowBranchJob(String url) {
         WorkflowJob project = PowerMockito.mock(WorkflowJob.class);
         GitSCM gitSCM = PowerMockito.mock(GitSCM.class);
         Branch branch = PowerMockito.mock(Branch.class);
@@ -257,6 +257,17 @@ private WorkflowJob mockWorkflowJob(String url) {
         PowerMockito.when(userRemoteConfig.getUrl()).thenReturn(url);
         return project;
     }
+    private WorkflowJob mockWorkflowJob(String url) {
+        WorkflowJob project = PowerMockito.mock(WorkflowJob.class);
+        GitSCM gitSCM = PowerMockito.mock(GitSCM.class);
+        Branch branch = PowerMockito.mock(Branch.class);
+        UserRemoteConfig userRemoteConfig = PowerMockito.mock(UserRemoteConfig.class);
+        List<UserRemoteConfig> userRemoteConfigs = Arrays.asList(userRemoteConfig);
+        PowerMockito.when(project.getTypicalSCM()).thenReturn(gitSCM);
+        PowerMockito.when(gitSCM.getUserRemoteConfigs()).thenReturn(userRemoteConfigs);
+        PowerMockito.when(userRemoteConfig.getUrl()).thenReturn(url);
+        return project;
+    }
 
     private MultiBranchProject mockMultiBranchProject(String url) {
         WorkflowMultiBranchProject multiBranchProject = PowerMockito.mock(WorkflowMultiBranchProject.class);
@@ -276,14 +287,18 @@ public void testCanReadAndBuildOneOfMyRepositories() throws IOException {
         String repoUrl = "https://github.com/me/a-repo.git";
         Project mockProject = mockProject(repoUrl);
         MultiBranchProject mockMultiBranchProject = mockMultiBranchProject(repoUrl);
+        WorkflowJob mockWorkflowBranchJob = mockWorkflowBranchJob(repoUrl);
         WorkflowJob mockWorkflowJob = mockWorkflowJob(repoUrl);
+        GithubRequireOrganizationMembershipACL workflowJobBranchAcl = aclForWorkflowJob(mockWorkflowBranchJob);
         GithubRequireOrganizationMembershipACL workflowJobAcl = aclForWorkflowJob(mockWorkflowJob);
         GithubRequireOrganizationMembershipACL multiBranchProjectAcl = aclForMultiBranchProject(mockMultiBranchProject);
         GithubRequireOrganizationMembershipACL projectAcl = aclForProject(mockProject);
         GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com");
 
         assertTrue(projectAcl.hasPermission(authenticationToken, Item.READ));
         assertTrue(projectAcl.hasPermission(authenticationToken, Item.BUILD));
+        assertTrue(workflowJobBranchAcl.hasPermission(authenticationToken, Item.READ));
+        assertTrue(workflowJobBranchAcl.hasPermission(authenticationToken, Item.BUILD));
         assertTrue(workflowJobAcl.hasPermission(authenticationToken, Item.READ));
         assertTrue(workflowJobAcl.hasPermission(authenticationToken, Item.BUILD));
         assertTrue(multiBranchProjectAcl.hasPermission(authenticationToken, Item.READ));
@@ -305,7 +320,9 @@ public void testCanReadAndBuildOrgRepositoryICollaborateOn() throws IOException
         String repoUrl = "https://github.com/some-org/a-private-repo.git";
         Project mockProject = mockProject(repoUrl);
         MultiBranchProject mockMultiBranchProject = mockMultiBranchProject(repoUrl);
+        WorkflowJob mockWorkflowBranchJob = mockWorkflowBranchJob(repoUrl);
         WorkflowJob mockWorkflowJob = mockWorkflowJob(repoUrl);
+        GithubRequireOrganizationMembershipACL workflowJobBranchAcl = aclForWorkflowJob(mockWorkflowBranchJob);
         GithubRequireOrganizationMembershipACL workflowJobAcl = aclForWorkflowJob(mockWorkflowJob);
         GithubRequireOrganizationMembershipACL multiBranchProjectAcl = aclForMultiBranchProject(mockMultiBranchProject);
         GithubRequireOrganizationMembershipACL projectAcl = aclForProject(mockProject);
@@ -336,7 +353,9 @@ public void testCanReadAndBuildOtherOrgPrivateRepositoryICollaborateOn() throws
         String repoUrl = "https://github.com/org-i-dont-belong-to/a-private-repo-i-collaborate-on.git";
         Project mockProject = mockProject(repoUrl);
         MultiBranchProject mockMultiBranchProject = mockMultiBranchProject(repoUrl);
+        WorkflowJob mockWorkflowBranchJob = mockWorkflowBranchJob(repoUrl);
         WorkflowJob mockWorkflowJob = mockWorkflowJob(repoUrl);
+        GithubRequireOrganizationMembershipACL workflowJobBranchAcl = aclForWorkflowJob(mockWorkflowBranchJob);
         GithubRequireOrganizationMembershipACL workflowJobAcl = aclForWorkflowJob(mockWorkflowJob);
         GithubRequireOrganizationMembershipACL multiBranchProjectAcl = aclForMultiBranchProject(mockMultiBranchProject);
         GithubRequireOrganizationMembershipACL projectAcl = aclForProject(mockProject);
@@ -347,6 +366,8 @@ public void testCanReadAndBuildOtherOrgPrivateRepositoryICollaborateOn() throws
         assertTrue(projectAcl.hasPermission(authenticationToken, Item.BUILD));
         assertTrue(multiBranchProjectAcl.hasPermission(authenticationToken, Item.READ));
         assertTrue(multiBranchProjectAcl.hasPermission(authenticationToken, Item.BUILD));
+        assertTrue(workflowJobBranchAcl.hasPermission(authenticationToken, Item.READ));
+        assertTrue(workflowJobBranchAcl.hasPermission(authenticationToken, Item.BUILD));
         assertTrue(workflowJobAcl.hasPermission(authenticationToken, Item.READ));
         assertTrue(workflowJobAcl.hasPermission(authenticationToken, Item.BUILD));
     }
@@ -359,7 +380,9 @@ public void testCanNotReadOrBuildRepositoryIDoNotCollaborateOn() throws IOExcept
         String repoUrl = "https://github.com/some-org/another-private-repo.git";
         Project mockProject = mockProject(repoUrl);
         MultiBranchProject mockMultiBranchProject = mockMultiBranchProject(repoUrl);
+        WorkflowJob mockWorkflowBranchJob = mockWorkflowBranchJob(repoUrl);
         WorkflowJob mockWorkflowJob = mockWorkflowJob(repoUrl);
+        GithubRequireOrganizationMembershipACL workflowJobBranchAcl = aclForWorkflowJob(mockWorkflowBranchJob);
         GithubRequireOrganizationMembershipACL workflowJobAcl = aclForWorkflowJob(mockWorkflowJob);
         GithubRequireOrganizationMembershipACL multiBranchProjectAcl = aclForMultiBranchProject(mockMultiBranchProject);
         GithubRequireOrganizationMembershipACL projectAcl = aclForProject(mockProject);
@@ -370,6 +393,8 @@ public void testCanNotReadOrBuildRepositoryIDoNotCollaborateOn() throws IOExcept
         assertFalse(projectAcl.hasPermission(authenticationToken, Item.BUILD));
         assertFalse(multiBranchProjectAcl.hasPermission(authenticationToken, Item.READ));
         assertFalse(multiBranchProjectAcl.hasPermission(authenticationToken, Item.BUILD));
+        assertFalse(workflowJobBranchAcl.hasPermission(authenticationToken, Item.READ));
+        assertFalse(workflowJobBranchAcl.hasPermission(authenticationToken, Item.BUILD));
         assertFalse(workflowJobAcl.hasPermission(authenticationToken, Item.READ));
         assertFalse(workflowJobAcl.hasPermission(authenticationToken, Item.BUILD));
     }