masterzen/jenkins-github-auth.groovy

## jenkins-github-auth.groovy
import org.jenkinsci.plugins.GithubAuthenticationToken
import org.jenkinsci.plugins.GithubRequireOrganizationMembershipACL
import org.jenkinsci.plugins.GithubAuthorizationStrategy
import org.jenkinsci.plugins.GithubSecurityRealm
import org.jenkinsci.plugins.workflow.job.WorkflowJob;
import org.jenkinsci.plugins.workflow.multibranch.BranchJobProperty;


def token = hudson.util.Secret.fromString('{AQAAABAAAAAwvtwoemJy9LUqX59EEP5/qn+zg5H8WOHhH1GYHEm3uZNLndNWdgpf4h9SO6DtxALbliiYWno+AzcnasDhyIeIRg==}')

def githubToken = new GithubAuthenticationToken(token.toString(), 'https://api.github.com')

//println(githubToken.myRepositories())


def jenkins = Jenkins.getInstance();
def realm = (GithubSecurityRealm) jenkins.getSecurityRealm();
def strat = (GithubAuthorizationStrategy)jenkins.getAuthorizationStrategy();
def acl = (GithubRequireOrganizationMembershipACL)strat.getRootACL()

println("rootACL: can cancel " + acl.hasPermission(githubToken, Item.CANCEL))
println("is authenticated " + githubToken.isAuthenticated())

println("rootACL: is repo using permissions: " + acl.isUseRepositoryPermissions())


for (item in Jenkins.instance.allItems) {
  if (item.class.canonicalName == "com.cloudbees.hudson.plugins.folder.Folder") {
    println "folder      [" + item.fullName + "]"

    item.properties.each { p ->
      try {
	      println p.fullName
      }catch (err) {
      	println " item -> " + item.class.canonicalName
      }
    }
  } else {
    print "item        [" + item.fullName + "] -> "
    def itemAcl = acl.cloneForProject(item)
    try {
	    println itemAcl.hasRepositoryPermission(githubToken, Item.CANCEL)
    }catch(err) {
       if (item instanceof WorkflowJob) {
            def project = (WorkflowJob) item;
            println("scm: " + project.getTypicalSCM())
            println("bjp: " + project.getProperty(BranchJobProperty.class));
            println("branch: " + project.getProperty(BranchJobProperty.class).getBranch());
            println("scm: " + project.getProperty(BranchJobProperty.class).getBranch().getScm());
       }

      	println "ERROR " + err.getMessage()
    }
  }
}

//def item = jenkins.getItemByFullName('/t2r2/continuous-integration-pipeline', AbstractProject.class)
//
//def t2r2 = acl.cloneForProject(item)
//println(item.getFullDisplayName())
//println(t2r2.hasRepositoryPermission(githubToken, Item.CANCEL))
	import org.jenkinsci.plugins.GithubAuthenticationToken
	import org.jenkinsci.plugins.GithubRequireOrganizationMembershipACL
	import org.jenkinsci.plugins.GithubAuthorizationStrategy
	import org.jenkinsci.plugins.GithubSecurityRealm
	import org.jenkinsci.plugins.workflow.job.WorkflowJob;
	import org.jenkinsci.plugins.workflow.multibranch.BranchJobProperty;


	def token = hudson.util.Secret.fromString('{AQAAABAAAAAwvtwoemJy9LUqX59EEP5/qn+zg5H8WOHhH1GYHEm3uZNLndNWdgpf4h9SO6DtxALbliiYWno+AzcnasDhyIeIRg==}')

	def githubToken = new GithubAuthenticationToken(token.toString(), 'https://api.github.com')

	//println(githubToken.myRepositories())


	def jenkins = Jenkins.getInstance();
	def realm = (GithubSecurityRealm) jenkins.getSecurityRealm();
	def strat = (GithubAuthorizationStrategy)jenkins.getAuthorizationStrategy();
	def acl = (GithubRequireOrganizationMembershipACL)strat.getRootACL()

	println("rootACL: can cancel " + acl.hasPermission(githubToken, Item.CANCEL))
	println("is authenticated " + githubToken.isAuthenticated())

	println("rootACL: is repo using permissions: " + acl.isUseRepositoryPermissions())


	for (item in Jenkins.instance.allItems) {
	if (item.class.canonicalName == "com.cloudbees.hudson.plugins.folder.Folder") {
	println "folder [" + item.fullName + "]"

	item.properties.each { p ->
	try {
	println p.fullName
	}catch (err) {
	println " item -> " + item.class.canonicalName
	}
	}
	} else {
	print "item [" + item.fullName + "] -> "
	def itemAcl = acl.cloneForProject(item)
	try {
	println itemAcl.hasRepositoryPermission(githubToken, Item.CANCEL)
	}catch(err) {
	if (item instanceof WorkflowJob) {
	def project = (WorkflowJob) item;
	println("scm: " + project.getTypicalSCM())
	println("bjp: " + project.getProperty(BranchJobProperty.class));
	println("branch: " + project.getProperty(BranchJobProperty.class).getBranch());
	println("scm: " + project.getProperty(BranchJobProperty.class).getBranch().getScm());
	}

	println "ERROR " + err.getMessage()
	}
	}
	}

	//def item = jenkins.getItemByFullName('/t2r2/continuous-integration-pipeline', AbstractProject.class)
	//
	//def t2r2 = acl.cloneForProject(item)
	//println(item.getFullDisplayName())
	//println(t2r2.hasRepositoryPermission(githubToken, Item.CANCEL))