masterzen · March 12, 2018 15:55
diff --git a/jenkins-github-auth.groovy b/jenkins-github-auth.groovy
 import org.jenkinsci.plugins.GithubAuthenticationToken
 import org.jenkinsci.plugins.GithubRequireOrganizationMembershipACL
 import org.jenkinsci.plugins.GithubAuthorizationStrategy
 import org.jenkinsci.plugins.GithubSecurityRealm
 import org.jenkinsci.plugins.workflow.job.WorkflowJob;
 import org.jenkinsci.plugins.workflow.multibranch.BranchJobProperty;


 def token = hudson.util.Secret.fromString('{AQAAABAAAAAwvtwoemJy9LUqX59EEP5/qn+zg5H8WOHhH1GYHEm3uZNLndNWdgpf4h9SO6DtxALbliiYWno+AzcnasDhyIeIRg==}')

 def githubToken = new GithubAuthenticationToken(token.toString(), 'https://api.github.com')

 //println(githubToken.myRepositories())


 def jenkins = Jenkins.getInstance();
 def realm = (GithubSecurityRealm) jenkins.getSecurityRealm();
 def strat = (GithubAuthorizationStrategy)jenkins.getAuthorizationStrategy();
 def acl = (GithubRequireOrganizationMembershipACL)strat.getRootACL()

 println("rootACL: can cancel " + acl.hasPermission(githubToken, Item.CANCEL))
 println("is authenticated " + githubToken.isAuthenticated())

 println("rootACL: is repo using permissions: " + acl.isUseRepositoryPermissions())


 for (item in Jenkins.instance.allItems) {
  if (item.class.canonicalName == "com.cloudbees.hudson.plugins.folder.Folder") {
    println "folder      [" + item.fullName + "]"

    item.properties.each { p -> 
      try {
 	      println p.fullName
      }catch (err) {
      	println " item -> " + item.class.canonicalName 
      }
    } 
  } else {
    print "item        [" + item.fullName + "] -> " 
    def itemAcl = acl.cloneForProject(item)
    try {
 	    println itemAcl.hasRepositoryPermission(githubToken, Item.CANCEL)
    }catch(err) {
       if (item instanceof WorkflowJob) {
            def project = (WorkflowJob) item;
            println("scm: " + project.getTypicalSCM())
            println("bjp: " + project.getProperty(BranchJobProperty.class));
            println("branch: " + project.getProperty(BranchJobProperty.class).getBranch());
            println("scm: " + project.getProperty(BranchJobProperty.class).getBranch().getScm());
       }

      	println "ERROR " + err.getMessage()
    }
  }
 }

 //def item = jenkins.getItemByFullName('/t2r2/continuous-integration-pipeline', AbstractProject.class)
 //
 //def t2r2 = acl.cloneForProject(item)
 //println(item.getFullDisplayName())
 //println(t2r2.hasRepositoryPermission(githubToken, Item.CANCEL))
	import org.jenkinsci.plugins.GithubAuthenticationToken
	import org.jenkinsci.plugins.GithubRequireOrganizationMembershipACL
	import org.jenkinsci.plugins.GithubAuthorizationStrategy
	import org.jenkinsci.plugins.GithubSecurityRealm
	import org.jenkinsci.plugins.workflow.job.WorkflowJob;
	import org.jenkinsci.plugins.workflow.multibranch.BranchJobProperty;


	def token = hudson.util.Secret.fromString('{AQAAABAAAAAwvtwoemJy9LUqX59EEP5/qn+zg5H8WOHhH1GYHEm3uZNLndNWdgpf4h9SO6DtxALbliiYWno+AzcnasDhyIeIRg==}')

	def githubToken = new GithubAuthenticationToken(token.toString(), 'https://api.github.com')

	//println(githubToken.myRepositories())


	def jenkins = Jenkins.getInstance();
	def realm = (GithubSecurityRealm) jenkins.getSecurityRealm();
	def strat = (GithubAuthorizationStrategy)jenkins.getAuthorizationStrategy();
	def acl = (GithubRequireOrganizationMembershipACL)strat.getRootACL()

	println("rootACL: can cancel " + acl.hasPermission(githubToken, Item.CANCEL))
	println("is authenticated " + githubToken.isAuthenticated())

	println("rootACL: is repo using permissions: " + acl.isUseRepositoryPermissions())


	for (item in Jenkins.instance.allItems) {
	if (item.class.canonicalName == "com.cloudbees.hudson.plugins.folder.Folder") {
	println "folder [" + item.fullName + "]"

	item.properties.each { p ->
	try {
	println p.fullName
	}catch (err) {
	println " item -> " + item.class.canonicalName
	}
	}
	} else {
	print "item [" + item.fullName + "] -> "
	def itemAcl = acl.cloneForProject(item)
	try {
	println itemAcl.hasRepositoryPermission(githubToken, Item.CANCEL)
	}catch(err) {
	if (item instanceof WorkflowJob) {
	def project = (WorkflowJob) item;
	println("scm: " + project.getTypicalSCM())
	println("bjp: " + project.getProperty(BranchJobProperty.class));
	println("branch: " + project.getProperty(BranchJobProperty.class).getBranch());
	println("scm: " + project.getProperty(BranchJobProperty.class).getBranch().getScm());
	}

	println "ERROR " + err.getMessage()
	}
	}
	}

	//def item = jenkins.getItemByFullName('/t2r2/continuous-integration-pipeline', AbstractProject.class)
	//
	//def t2r2 = acl.cloneForProject(item)
	//println(item.getFullDisplayName())
	//println(t2r2.hasRepositoryPermission(githubToken, Item.CANCEL))