commit 0ee470e197ea77c053b8286d10f66b324f980a9d
author Jakub Josef <jakub.josef@gmail.com> Tue Jan 17 11:46:58 2017 +0100
committer Jakub Josef <jakub.josef@gmail.com> Tue Jan 17 11:48:54 2017 +0100
tree 1b37108cfbdfe1bd9142beb0bf3a52189ba1e00e
parent f955eb421978f8e1cc05db9761fcf5ed05abf69c

Matrix security extended to use GlobalMatrixAuthStrategy or ProjectMatrixAuthStrategy

_states/jenkins_security.py

diff --git a/_states/jenkins_security.py b/_states/jenkins_security.py
index 24a8a67..299c974 100644
--- a/_states/jenkins_security.py
+++ b/_states/jenkins_security.py
@@ -33,15 +33,15 @@
 
 def instance = Jenkins.getInstance()
 try{{
-def strategy = Class.forName("hudson.security.ProjectMatrixAuthorizationStrategy").newInstance()
+def strategy = Class.forName("hudson.security.{matrix_class}").newInstance()
 {strategies}
 instance.setAuthorizationStrategy(strategy)
 instance.save()
 print("SUCCESS")
 }}catch(ClassNotFoundException e){{
-    print("Cannot instantiate ProjectMatrixAuthorizationStrategy, maybe auth-matrix plugin not installed")
+    print("Cannot instantiate {matrix_class}, maybe auth-matrix plugin not installed")
 }}
-""" # noqa
+"""  # noqa
 
 
 def ldap(name, server, root_dn, user_search_base, manager_dn, manager_password, user_search="", group_search_base="", inhibit_infer_root_dn=False):
@@ -78,23 +78,27 @@
         if call_result["code"] == 200 and call_result["msg"] == "SUCCESS":
             status = call_result["msg"]
             ret['changes'][name] = status
-            ret['comment'] = 'Jenkins LDAP setting %s %s' % (name, status.lower())
+            ret['comment'] = 'Jenkins LDAP setting %s %s' % (
+                name, status.lower())
             result = True
         else:
             status = 'FAILED'
             logger.error(
                 "Jenkins security API call failure: %s", call_result["msg"])
             ret['comment'] = 'Jenkins security API call failure: %s' % (call_result[
-                                                                           "msg"])
+                "msg"])
     ret['result'] = None if test else result
     return ret
 
-def matrix(name, strategies):
+
+def matrix(name, strategies, project_based=False):
     """
     Jenkins matrix security state method
 
     :param name: ldap state name
-    :param strategies: dict with matrix strategies 
+    :param strategies: dict with matrix strategies
+    :param procect_based: flag if we configuring
+        GlobalMatrix security or ProjectMatrix security
     :returns: salt-specified state dict
     """
     test = __opts__['test']  # noqa
@@ -111,18 +115,20 @@
         ret['comment'] = 'LDAP setup %s %s' % (name, status.lower())
     else:
         call_result = __salt__['jenkins_common.call_groovy_script'](
-            set_matrix_groovy, {"strategies":_build_strategies(strategies)})
+            set_matrix_groovy, {"strategies": _build_strategies(strategies),
+                                "matrix_class": "ProjectMatrixAuthorizationStrategy" if project_based else "GlobalMatrixAuthorizationStrategy"})
         if call_result["code"] == 200 and call_result["msg"] == "SUCCESS":
             status = call_result["msg"]
             ret['changes'][name] = status
-            ret['comment'] = 'Jenkins Matrix security setting %s %s' % (name, status.lower())
+            ret['comment'] = 'Jenkins Matrix security setting %s %s' % (
+                name, status.lower())
             result = True
         else:
             status = 'FAILED'
             logger.error(
                 "Jenkins security API call failure: %s", call_result["msg"])
             ret['comment'] = 'Jenkins security API call failure: %s' % (call_result[
-                                                                           "msg"])
+                "msg"])
     ret['result'] = None if test else result
     return ret