Fix Authorization Matrix property support on jobs in a folder

Without the fix:

> 2020-05-11 10:56:12.238+0000 [id=29522]	WARNING
> o.e.j.s.h.ContextHandler$Context#log: Error while serving http://localhost/job/someFolder/createItem
> java.lang.ClassCastException: com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty cannot be cast to hudson.model.JobProperty

It turns out com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty
should only be applied to Folders, not Jobs. The latter should use
hudson.security.AuthorizationMatrixProperty.

Task: 39760
Story: 2007666

Change-Id: I64907265b214fb1e489e1e657a30c90d6ee08c3f

jenkins_jobs/modules/properties.py

@@ -521,6 +521,9 @@ def authorization(registry, xml_parent, data):
     # get the folder name if it exists
     in_a_folder = data.pop("_use_folder_perms", None) if data else None
 
+    # check if it's a folder or a job
+    is_a_folder = data.pop("_is_a_folder", None) if data else False
+
     credentials = "com.cloudbees.plugins.credentials.CredentialsProvider."
     ownership = "com.synopsys.arc.jenkins.plugins.ownership.OwnershipPlugin."
 
@@ -549,10 +552,11 @@ def authorization(registry, xml_parent, data):
 
     if data:
         if in_a_folder:
-            matrix = XML.SubElement(
+            if is_a_folder:
-                xml_parent,
+                element_name = "com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty"
-                "com.cloudbees.hudson.plugins.folder.properties.AuthorizationMatrixProperty",
+            else:
-            )
+                element_name = "hudson.security.AuthorizationMatrixProperty"
+            matrix = XML.SubElement(xml_parent, element_name)
             XML.SubElement(
                 matrix,
                 "inheritanceStrategy",
@@ -1266,13 +1270,14 @@ class Properties(jenkins_jobs.modules.base.Base):
             if next(iter(prop)) == "authorization":
                 # Only projects are placed in folders
                 if "project-type" in data:
-                    if data["project-type"] == "folder":
+                    if data["project-type"] in ("folder", "multibranch"):
-                        prop["authorization"]["_use_folder_perms"] = True
-                    elif data["project-type"] == "multibranch":
                         prop["authorization"]["_use_folder_perms"] = True
+                        prop["authorization"]["_is_a_folder"] = True
                     else:
                         prop["authorization"]["_use_folder_perms"] = "folder" in data
+                        prop["authorization"]["_is_a_folder"] = False
                 else:
                     prop["authorization"]["_use_folder_perms"] = False
+                    prop["authorization"]["_is_a_folder"] = False
 
             self.registry.dispatch("property", properties, prop)

tests/yamlparser/fixtures/auth-jobs/project-in-folder-with-auth-properties.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<project>
+  <actions/>
+  <description>&lt;!-- Managed by Jenkins Job Builder --&gt;</description>
+  <keepDependencies>false</keepDependencies>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <concurrentBuild>false</concurrentBuild>
+  <canRoam>true</canRoam>
+  <properties>
+    <hudson.security.AuthorizationMatrixProperty>
+      <inheritanceStrategy class="org.jenkinsci.plugins.matrixauth.inheritance.InheritParentStrategy"/>
+      <permission>hudson.model.Item.Build:auser</permission>
+    </hudson.security.AuthorizationMatrixProperty>
+  </properties>
+  <scm class="hudson.scm.NullSCM"/>
+  <builders/>
+  <publishers/>
+  <buildWrappers/>
+</project>

tests/yamlparser/fixtures/project-in-folder-with-auth-properties.yaml

@@ -0,0 +1,8 @@
+- job:
+    folder: auth-jobs
+    name: auth-job-test
+    project-type: freestyle
+    properties:
+    - authorization:
+        auser:
+          - job-build