screwdriver-api 4.1.203 → 4.1.207

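--- a/package/Dockerfile.local
+++ b/package/Dockerfile.local
@@ -1,4 +1,4 @@
- FROM node:8
+ FROM node:12
  
  # Create our application directory
  RUN mkdir -p /usr/src/app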
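--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "screwdriver-api",
- "version": "4.1.203",
+ "version": "4.1.207",
  "description": "API server for the Screwdriver.cd service",
  "main": "index.js",
  "scripts": {
@@ -23,7 +23,7 @@
  "url": "git@github.com:screwdriver-cd/screwdriver.git"
  },
  "engines": {
- "node": ">=8.9.0"
+ "node": ">=12.0.0"
  },
  "greenkeeper": {
  "ignore": [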
@@ -14,7 +14,7 @@ module.exports = config => ({
14
14
  tags: ['api', 'builds', 'artifacts'],
15
15
  auth: {
16
16
  strategies: ['token'],
17
- scope: ['build']
17
+ scope: ['user', 'build']
18
18
  },
19
19
 
20
20
  handler: async (req, h) => {
@@ -26,9 +26,15 @@ module.exports = config => ({
26
26
  return h.response(data).code(200);
27
27
  }
28
28
  const buildId = req.params.id;
29
- const { username, scope } = req.auth.credentials;
29
+ const { username, scope, scmContext } = req.auth.credentials;
30
30
  const isBuild = scope.includes('build');
31
31
  const { buildFactory } = req.server.app;
32
+ const scmDisplayName = buildFactory.scm.getDisplayName({ scmContext })
33
+ const adminDetails = req.server.plugins.banners.screwdriverAdminDetails(username, scmDisplayName);
34
+
35
+ if (scope.includes('user') && !adminDetails.isAdmin) {
36
+ return boom.forbidden(`User ${adminDetails.userDisplayName} does not have Screwdriver administrative privileges.`)
37
+ }
32
38
 
33
39
  if (isBuild && username !== buildId) {
34
40
  return boom.forbidden(`Credential only valid for ${username}`);
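Review bot: The admin lookup at new lines 32–33 runs for every request, including build-scoped tokens, although its result is only used in the `scope.includes('user')` branch; if a build credential carries no `scmContext` (not visible here), `getDisplayName({ scmContext })` is called with `undefined` and may fail a request that previously succeeded. Nest the lookup inside the user branch so build tokens keep their old path and the admin decision is made only where it applies. The check also sits below the `return h.response(data).code(200);` at line 26, whose condition is outside the hunk; now that the route accepts `user` scope, confirm that path cannot return artifact data to a non-admin user token. Lines 32 and 36 are also missing their trailing semicolons. The handler body starts and ends outside this section.

```javascript
const { buildFactory } = req.server.app;

if (scope.includes('user')) {
    const scmDisplayName = buildFactory.scm.getDisplayName({ scmContext });
    const adminDetails = req.server.plugins.banners.screwdriverAdminDetails(username, scmDisplayName);

    if (!adminDetails.isAdmin) {
        return boom.forbidden(`User ${adminDetails.userDisplayName} does not have Screwdriver administrative privileges.`);
    }
}
// … unchanged: build-scope check (username !== buildId) …
```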
@@ -410,11 +410,6 @@ function parseJobInfo({ joinObj = {}, current, nextJobName, nextPipelineId }) {
410
410
  * @return {Promise} All finished builds
411
411
  */
412
412
  async function getFinishedBuilds(event, buildFactory) {
413
- if (!event.parentEventId) {
414
- // FIXME: remove this flow to always use buildFactory.getLatestBuilds
415
- return event.getBuilds();
416
- }
417
-
418
413
  // FIXME: buildFactory.getLatestBuilds doesn't return build model
419
414
  const builds = await buildFactory.getLatestBuilds({ groupEventId: event.groupEventId });
420
415