3 * Copyright (C) 2009-2016 SonarSource SA
4 * mailto:contact AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.permission.ws;
22 import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
23 import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdminUserByComponentKey;
24 import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdminUserByComponentUuid;
25 import static org.sonar.server.permission.ws.PermissionRequestValidator.validateQualifier;
26 import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectParameters;
27 import static org.sonar.server.permission.ws.WsProjectRef.newOptionalWsProjectRef;
28 import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
29 import static org.sonar.server.ws.WsParameterBuilder.createRootQualifierParameter;
30 import static org.sonar.server.ws.WsUtils.writeProtobuf;
31 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
32 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
33 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
35 import com.google.common.base.Optional;
36 import org.sonar.api.i18n.I18n;
37 import org.sonar.api.resources.ResourceTypes;
38 import org.sonar.api.server.ws.Request;
39 import org.sonar.api.server.ws.Response;
40 import org.sonar.api.server.ws.WebService;
41 import org.sonar.api.server.ws.WebService.Param;
42 import org.sonar.api.utils.Paging;
43 import org.sonar.core.permission.ProjectPermissions;
44 import org.sonar.db.DbClient;
45 import org.sonar.db.DbSession;
46 import org.sonar.db.component.ComponentDto;
47 import org.sonar.server.user.UserSession;
48 import org.sonarqube.ws.Common;
49 import org.sonarqube.ws.WsPermissions.Permission;
50 import org.sonarqube.ws.WsPermissions.SearchProjectPermissionsWsResponse;
51 import org.sonarqube.ws.WsPermissions.SearchProjectPermissionsWsResponse.Project;
52 import org.sonarqube.ws.client.permission.SearchProjectPermissionsWsRequest;
54 public class SearchProjectPermissionsAction implements PermissionsWsAction {
55 private static final String PROPERTY_PREFIX = "projects_role.";
56 private static final String DESCRIPTION_SUFFIX = ".desc";
58 private final DbClient dbClient;
59 private final UserSession userSession;
60 private final I18n i18n;
61 private final ResourceTypes resourceTypes;
62 private final SearchProjectPermissionsDataLoader dataLoader;
64 public SearchProjectPermissionsAction(DbClient dbClient, UserSession userSession, I18n i18n, ResourceTypes resourceTypes, SearchProjectPermissionsDataLoader dataLoader) {
65 this.dbClient = dbClient;
66 this.userSession = userSession;
68 this.resourceTypes = resourceTypes;
69 this.dataLoader = dataLoader;
73 public void define(WebService.NewController context) {
74 WebService.NewAction action = context.createAction("search_project_permissions")
75 .setDescription("List project permissions. A project can be a technical project, a view or a developer.<br />" +
76 "Requires 'Administer System' permission or 'Administer' rights on the specified project.")
77 .setResponseExample(getClass().getResource("search_project_permissions-example.json"))
82 action.createParam(Param.TEXT_QUERY)
83 .setDescription("Limit search to: <ul>" +
84 "<li>project names that contain the supplied string</li>" +
85 "<li>project keys that are exactly the same as the supplied string</li>" +
87 .setExampleValue("apac");
88 createProjectParameters(action);
89 createRootQualifierParameter(action, newQualifierParameterContext(i18n, resourceTypes))
94 public void handle(Request wsRequest, Response wsResponse) throws Exception {
95 SearchProjectPermissionsWsResponse searchProjectPermissionsWsResponse = doHandle(toSearchProjectPermissionsWsRequest(wsRequest));
96 writeProtobuf(searchProjectPermissionsWsResponse, wsRequest, wsResponse);
99 private SearchProjectPermissionsWsResponse doHandle(SearchProjectPermissionsWsRequest request) {
100 checkRequestAndPermissions(request);
101 DbSession dbSession = dbClient.openSession(false);
103 validateQualifier(request.getQualifier(), resourceTypes);
104 SearchProjectPermissionsData data = dataLoader.load(request);
105 return buildResponse(data);
107 dbClient.closeSession(dbSession);
111 private static SearchProjectPermissionsWsRequest toSearchProjectPermissionsWsRequest(Request request) {
112 return new SearchProjectPermissionsWsRequest()
113 .setProjectId(request.param(PARAM_PROJECT_ID))
114 .setProjectKey(request.param(PARAM_PROJECT_KEY))
115 .setQualifier(request.param(PARAM_QUALIFIER))
116 .setPage(request.mandatoryParamAsInt(Param.PAGE))
117 .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE))
118 .setQuery(request.param(Param.TEXT_QUERY));
121 private void checkRequestAndPermissions(SearchProjectPermissionsWsRequest request) {
122 Optional<WsProjectRef> project = newOptionalWsProjectRef(request.getProjectId(), request.getProjectKey());
123 boolean hasProject = project.isPresent();
124 boolean hasProjectUuid = hasProject && project.get().uuid() != null;
125 boolean hasProjectKey = hasProject && project.get().key() != null;
127 if (hasProjectUuid) {
128 checkProjectAdminUserByComponentUuid(userSession, project.get().uuid());
129 } else if (hasProjectKey) {
130 checkProjectAdminUserByComponentKey(userSession, project.get().key());
132 checkGlobalAdminUser(userSession);
136 private SearchProjectPermissionsWsResponse buildResponse(SearchProjectPermissionsData data) {
137 SearchProjectPermissionsWsResponse.Builder response = SearchProjectPermissionsWsResponse.newBuilder();
138 Permission.Builder permissionResponse = Permission.newBuilder();
140 Project.Builder rootComponentBuilder = Project.newBuilder();
141 for (ComponentDto rootComponent : data.rootComponents()) {
144 .setId(rootComponent.uuid())
145 .setKey(rootComponent.key())
146 .setQualifier(rootComponent.qualifier())
147 .setName(rootComponent.name());
148 for (String permission : data.permissions(rootComponent.getId())) {
149 rootComponentBuilder.addPermissions(
153 .setUsersCount(data.userCount(rootComponent.getId(), permission))
154 .setGroupsCount(data.groupCount(rootComponent.getId(), permission)));
156 response.addProjects(rootComponentBuilder);
159 for (String permissionKey : ProjectPermissions.ALL) {
160 response.addPermissions(
163 .setKey(permissionKey)
164 .setName(i18nName(permissionKey))
165 .setDescription(i18nDescriptionMessage(permissionKey)));
168 Paging paging = data.paging();
170 Common.Paging.newBuilder()
171 .setPageIndex(paging.pageIndex())
172 .setPageSize(paging.pageSize())
173 .setTotal(paging.total()));
175 return response.build();
178 private String i18nDescriptionMessage(String permissionKey) {
179 return i18n.message(userSession.locale(), PROPERTY_PREFIX + permissionKey + DESCRIPTION_SUFFIX, "");
182 private String i18nName(String permissionKey) {
183 return i18n.message(userSession.locale(), PROPERTY_PREFIX + permissionKey, permissionKey);