source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2019 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.qualityprofile.ws;
  21
  22 import java.util.Optional;
  23 import javax.annotation.Nullable;
  24 import org.sonar.api.rule.RuleKey;
  25 import org.sonar.api.server.ServerSide;
  26 import org.sonar.api.server.ws.WebService.NewAction;
  27 import org.sonar.api.server.ws.WebService.NewParam;
  28 import org.sonar.db.DbClient;
  29 import org.sonar.db.DbSession;
  30 import org.sonar.db.organization.OrganizationDto;
  31 import org.sonar.db.permission.OrganizationPermission;
  32 import org.sonar.db.qualityprofile.QProfileDto;
  33 import org.sonar.db.rule.RuleDefinitionDto;
  34 import org.sonar.db.user.GroupDto;
  35 import org.sonar.db.user.UserDto;
  36 import org.sonar.server.organization.DefaultOrganizationProvider;
  37 import org.sonar.server.user.UserSession;
  38
  39 import static com.google.common.base.Preconditions.checkArgument;
  40 import static com.google.common.base.Preconditions.checkState;
  41 import static java.util.Objects.requireNonNull;
  42 import static org.sonar.db.organization.OrganizationDto.Subscription.PAID;
  43 import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
  44 import static org.sonar.server.exceptions.NotFoundException.checkFound;
  45 import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional;
  46 import static org.sonar.server.exceptions.BadRequestException.checkRequest;
  47 import static org.sonarqube.ws.client.component.ComponentsWsParameters.PARAM_ORGANIZATION;
  48
  49 @ServerSide
  50 public class QProfileWsSupport {
  51
  52   private final DbClient dbClient;
  53   private final UserSession userSession;
  54   private final DefaultOrganizationProvider defaultOrganizationProvider;
  55
  56   public QProfileWsSupport(DbClient dbClient, UserSession userSession, DefaultOrganizationProvider defaultOrganizationProvider) {
  57     this.dbClient = dbClient;
  58     this.userSession = userSession;
  59     this.defaultOrganizationProvider = defaultOrganizationProvider;
  60   }
  61
  62   public static NewParam createOrganizationParam(NewAction action) {
  63     return action
  64       .createParam(PARAM_ORGANIZATION)
  65       .setDescription("Organization key. If no organization is provided, the default organization is used.")
  66       .setRequired(false)
  67       .setInternal(true)
  68       .setExampleValue("my-org");
  69   }
  70
  71   public OrganizationDto getOrganization(DbSession dbSession, QProfileDto profile) {
  72     requireNonNull(profile);
  73     String organizationUuid = profile.getOrganizationUuid();
  74     OrganizationDto organization = dbClient.organizationDao().selectByUuid(dbSession, organizationUuid)
  75       .orElseThrow(() -> new IllegalStateException("Cannot load organization with uuid=" + organizationUuid));
  76     checkMembershipOnPaidOrganization(organization);
  77     return organization;
  78   }
  79
  80   public OrganizationDto getOrganizationByKey(DbSession dbSession, @Nullable String organizationKey) {
  81     String organizationOrDefaultKey = Optional.ofNullable(organizationKey)
  82       .orElseGet(defaultOrganizationProvider.get()::getKey);
  83     OrganizationDto organization = checkFoundWithOptional(
  84       dbClient.organizationDao().selectByKey(dbSession, organizationOrDefaultKey),
  85       "No organization with key '%s'", organizationOrDefaultKey);
  86     checkMembershipOnPaidOrganization(organization);
  87     return organization;
  88   }
  89
  90   public RuleDefinitionDto getRule(DbSession dbSession, RuleKey ruleKey) {
  91     Optional<RuleDefinitionDto> ruleDefinitionDto = dbClient.ruleDao().selectDefinitionByKey(dbSession, ruleKey);
  92     RuleDefinitionDto rule = checkFoundWithOptional(ruleDefinitionDto, "Rule with key '%s' not found", ruleKey);
  93     checkRequest(!rule.isExternal(), "Operation forbidden for rule '%s' imported from an external rule engine.", ruleKey);
  94     return rule;
  95   }
  96
  97   /**
  98    * Get the Quality profile specified by the reference {@code ref}.
  99    *
 100    * @throws org.sonar.server.exceptions.NotFoundException if the specified organization or profile do not exist
 101    */
 102   public QProfileDto getProfile(DbSession dbSession, QProfileReference ref) {
 103     QProfileDto profile;
 104     if (ref.hasKey()) {
 105       profile = dbClient.qualityProfileDao().selectByUuid(dbSession, ref.getKey());
 106       checkFound(profile, "Quality Profile with key '%s' does not exist", ref.getKey());
 107       // Load organization to execute various checks (existence, membership if paid organization, etc.)
 108       getOrganization(dbSession, profile);
 109     } else {
 110       OrganizationDto org = getOrganizationByKey(dbSession, ref.getOrganizationKey().orElse(null));
 111       profile = dbClient.qualityProfileDao().selectByNameAndLanguage(dbSession, org, ref.getName(), ref.getLanguage());
 112       checkFound(profile, "Quality Profile for language '%s' and name '%s' does not exist%s", ref.getLanguage(), ref.getName(),
 113         ref.getOrganizationKey().map(o -> " in organization '" + o + "'").orElse(""));
 114     }
 115     return profile;
 116   }
 117
 118   public QProfileDto getProfile(DbSession dbSession, OrganizationDto organization, String name, String language) {
 119     QProfileDto profile = dbClient.qualityProfileDao().selectByNameAndLanguage(dbSession, organization, name, language);
 120     checkFound(profile, "Quality Profile for language '%s' and name '%s' does not exist in organization '%s'", language, name, organization.getKey());
 121     return profile;
 122   }
 123
 124   public UserDto getUser(DbSession dbSession, OrganizationDto organization, String login) {
 125     UserDto user = dbClient.userDao().selectActiveUserByLogin(dbSession, login);
 126     checkFound(user, "User with login '%s' is not found'", login);
 127     checkMembership(dbSession, organization, user);
 128     return user;
 129   }
 130
 131   GroupDto getGroup(DbSession dbSession, OrganizationDto organization, String groupName) {
 132     Optional<GroupDto> group = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), groupName);
 133     checkFoundWithOptional(group, "No group with name '%s' in organization '%s'", groupName, organization.getKey());
 134     return group.get();
 135   }
 136
 137   public void checkPermission(DbSession dbSession, QProfileDto profile) {
 138     OrganizationDto organization = getOrganization(dbSession, profile);
 139     userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, organization);
 140   }
 141
 142   boolean canEdit(DbSession dbSession, OrganizationDto organization, QProfileDto profile) {
 143     if (profile.isBuiltIn() || !userSession.isLoggedIn()) {
 144       return false;
 145     }
 146     if (userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, organization)) {
 147       return true;
 148     }
 149
 150     UserDto user = dbClient.userDao().selectByLogin(dbSession, userSession.getLogin());
 151     checkState(user != null, "User from session does not exist");
 152     return dbClient.qProfileEditUsersDao().exists(dbSession, profile, user)
 153       || dbClient.qProfileEditGroupsDao().exists(dbSession, profile, userSession.getGroups());
 154   }
 155
 156   public void checkCanEdit(DbSession dbSession, OrganizationDto organization, QProfileDto profile) {
 157     checkNotBuiltIn(profile);
 158     if (!canEdit(dbSession, organization, profile)) {
 159       throw insufficientPrivilegesException();
 160     }
 161   }
 162
 163   void checkNotBuiltIn(QProfileDto profile) {
 164     checkRequest(!profile.isBuiltIn(), "Operation forbidden for built-in Quality Profile '%s' with language '%s'", profile.getName(), profile.getLanguage());
 165   }
 166
 167   private void checkMembership(DbSession dbSession, OrganizationDto organization, UserDto user) {
 168     checkArgument(isMember(dbSession, organization, user.getId()),
 169       "User '%s' is not member of organization '%s'", user.getLogin(), organization.getKey());
 170   }
 171
 172   private boolean isMember(DbSession dbSession, OrganizationDto organization, int userId) {
 173     return dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), userId).isPresent();
 174   }
 175
 176   private void checkMembershipOnPaidOrganization(OrganizationDto organization) {
 177     if (!organization.getSubscription().equals(PAID)) {
 178       return;
 179     }
 180     userSession.checkMembership(organization);
 181   }
 182
 183 }