try {
applyChange(Operation.ADD, change, session);
} finally {
- session.close();
+ dbClient.closeSession(session);
}
}
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission.ws;
+
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.server.permission.InternalPermissionService;
+import org.sonar.server.permission.PermissionChange;
+
+public class AddGroupAction implements PermissionsWsAction {
+
+ public static final String ACTION = "add_group";
+ public static final String PARAM_PERMISSION = "permission";
+ public static final String PARAM_GROUP_NAME = "groupName";
+
+ private final InternalPermissionService permissionService;
+
+ public AddGroupAction(InternalPermissionService permissionService) {
+ this.permissionService = permissionService;
+ }
+
+ @Override
+ public void define(WebService.NewController context) {
+ WebService.NewAction action = context.createAction(ACTION)
+ .setDescription("Add permission to a group.<br /> Requires 'Administer System' permission.")
+ .setSince("5.2")
+ .setPost(true)
+ .setHandler(this);
+
+ action.createParam(PARAM_PERMISSION)
+ .setDescription("Permission")
+ .setRequired(true)
+ .setPossibleValues(GlobalPermissions.ALL);
+
+ action.createParam(PARAM_GROUP_NAME)
+ .setRequired(true)
+ .setDescription("Group name or 'anyone' (whatever the case)")
+ .setExampleValue("sonar-administrators");
+ }
+
+ @Override
+ public void handle(Request request, Response response) throws Exception {
+ String permission = request.mandatoryParam(PARAM_PERMISSION);
+ String groupName = request.mandatoryParam(PARAM_GROUP_NAME);
+ permissionService.addPermission(
+ new PermissionChange()
+ .setPermission(permission)
+ .setGroup(groupName)
+ );
+
+ response.noContent();
+ }
+}
public class PermissionsWs implements WebService {
+ public static final String ENDPOINT = "api/permissions";
+
+ private final PermissionsWsAction[] actions;
+
+ public PermissionsWs(PermissionsWsAction... actions) {
+ this.actions = actions;
+ }
+
@Override
public void define(Context context) {
- NewController controller = context.createController("api/permissions");
- controller.setDescription("Permissions");
+ NewController controller = context.createController(ENDPOINT);
+ controller.setDescription("Permissions management");
controller.setSince("3.7");
+ for (PermissionsWsAction action : actions) {
+ action.define(controller);
+ }
+
defineAddAction(controller);
defineRemoveAction(controller);
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission.ws;
+
+import org.sonar.server.ws.WsAction;
+
+public interface PermissionsWsAction extends WsAction {
+ // marker interface
+}
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission.ws;
+
+import org.sonar.core.platform.Module;
+
+public class PermissionsWsModule extends Module {
+ @Override
+ protected void configureModule() {
+ add(
+ PermissionsWs.class,
+ AddGroupAction.class);
+ }
+}
import org.sonar.server.permission.InternalPermissionService;
import org.sonar.server.permission.InternalPermissionTemplateService;
import org.sonar.server.permission.PermissionFinder;
-import org.sonar.server.permission.ws.PermissionsWs;
+import org.sonar.server.permission.ws.PermissionsWsModule;
import org.sonar.server.platform.BackendCleanup;
import org.sonar.server.platform.SettingsChangeNotifier;
import org.sonar.server.platform.monitoring.DatabaseMonitor;
InternalPermissionService.class,
InternalPermissionTemplateService.class,
PermissionFinder.class,
- PermissionsWs.class,
+ PermissionsWsModule.class,
// components
ProjectsWsModule.class,
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.GroupDto;
-import org.sonar.server.db.DbClient;
import org.sonar.server.user.UserSession;
import static org.sonar.db.MyBatis.closeQuietly;
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission.ws;
+
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+import org.mockito.ArgumentCaptor;
+import org.sonar.api.utils.System2;
+import org.sonar.db.DbTester;
+import org.sonar.server.exceptions.ServerException;
+import org.sonar.server.permission.InternalPermissionService;
+import org.sonar.server.permission.PermissionChange;
+import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.ws.WsTester;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.ws.AddGroupAction.ACTION;
+
+public class AddGroupActionTest {
+ UserSessionRule userSession = UserSessionRule.standalone();
+ WsTester ws;
+ @Rule
+ public DbTester db = DbTester.create(System2.INSTANCE);
+ @Rule
+ public ExpectedException expectedException = ExpectedException.none();
+ private InternalPermissionService permissionService;
+
+ @Before
+ public void setUp() {
+ permissionService = mock(InternalPermissionService.class);
+ ws = new WsTester(new PermissionsWs(
+ new AddGroupAction(permissionService)));
+ userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
+ }
+
+ @Test
+ public void call_permission_service_with_right_data() throws Exception {
+ ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+ .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators")
+ .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+ .execute();
+
+ ArgumentCaptor<PermissionChange> permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class);
+ verify(permissionService).addPermission(permissionChangeCaptor.capture());
+ PermissionChange permissionChange = permissionChangeCaptor.getValue();
+ assertThat(permissionChange.group()).isEqualTo("sonar-administrators");
+ assertThat(permissionChange.permission()).isEqualTo(SYSTEM_ADMIN);
+ }
+
+ @Test
+ public void get_request_are_not_authorized() throws Exception {
+ expectedException.expect(ServerException.class);
+
+ ws.newGetRequest(PermissionsWs.ENDPOINT, ACTION)
+ .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators")
+ .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+ .execute();
+ }
+
+ @Test
+ public void fail_when_group_name_is_missing() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
+
+ ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+ .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+ .execute();
+ }
+
+ @Test
+ public void fail_when_permission_is_missing() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
+
+ ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+ .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators")
+ .execute();
+ }
+}
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission.ws;
+
+import org.junit.Test;
+import org.sonar.core.platform.ComponentContainer;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class PermissionsWsModuleTest {
+ @Test
+ public void verify_count_of_added_components() {
+ ComponentContainer container = new ComponentContainer();
+ new PermissionsWsModule().configure(container);
+ assertThat(container.size()).isEqualTo(4);
+ }
+}