SONAR-8260 verify authorization on organization
authorSimon Brandhof <simon.brandhof@sonarsource.com>
Fri, 14 Oct 2016 08:00:47 +0000 (10:00 +0200)
committerSimon Brandhof <simon.brandhof@sonarsource.com>
Sun, 16 Oct 2016 17:10:45 +0000 (19:10 +0200)
server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java

index 5bc9589095365ecdfed6c3e811feb389e23a9b84..d6155c7b5a45b19a978fbaddfb46c02584908730 100644 (file)
@@ -34,7 +34,7 @@ import org.sonar.server.permission.UserPermissionChange;
 import org.sonar.server.user.UserSession;
 
 import static java.util.Arrays.asList;
-import static org.sonar.server.permission.PermissionPrivilegeChecker.checkAdministrationPermission;
+import static org.sonar.server.permission.PermissionPrivilegeChecker.checkAdministratorOfProjectOrOrganization;
 import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createOrganizationParameter;
 import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createPermissionParameter;
 import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectParameters;
@@ -82,7 +82,7 @@ public class AddUserAction implements PermissionsWsAction {
       Optional<ProjectId> projectId = support.findProject(dbSession, request);
       OrganizationDto org = support.findOrganization(dbSession, request.param(PARAM_ORGANIZATION_KEY));
 
-      checkAdministrationPermission(userSession, projectId);
+      checkAdministratorOfProjectOrOrganization(userSession, org.getUuid(), projectId);
 
       PermissionChange change = new UserPermissionChange(
         PermissionChange.Operation.ADD,
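Review bot: The organization and the project are resolved independently from request parameters, and nothing visible in this hunk ties the two together before `checkAdministratorOfProjectOrOrganization(userSession, org.getUuid(), projectId)` runs. If the checker treats organization-level administration as sufficient when a project is also present, an administrator of the organization named in the request might pass the check for a project owned by a different organization. The checker's body is not shown here, so this needs confirming. I would either verify that the project belongs to `org` right after the two lookups, or record the contract next to the call, for example `// org comes from the request: the checker must reject a projectId that is not owned by this organization`. The enclosing handler method starts and ends outside the hunk.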
index 6c2814976343e4059e3e38331dccd999558c6ed9..20cf09ab0986aff9855a133dfcd90d55a8e22eea 100644 (file)
@@ -23,6 +23,7 @@ import org.junit.Before;
 import org.junit.Test;
 import org.sonar.api.web.UserRole;
 import org.sonar.db.component.ComponentDto;
+import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.exceptions.ForbiddenException;
@@ -246,6 +247,10 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
   }
 
   private void loginAsAdmin() {
-    userSession.login().setGlobalPermissions(SYSTEM_ADMIN);
+    loginAsOrganizationAdmin(db.getDefaultOrganization());
+  }
+
+  private void loginAsOrganizationAdmin(OrganizationDto org) {
+    userSession.login().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
   }
 }
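Review bot: `loginAsAdmin()` now grants `SYSTEM_ADMIN` on the default organization only, so every caller of this helper exercises the permitted path. Nothing in this hunk shows the denied path for the new organization-scoped check. A case that logs in through `loginAsOrganizationAdmin(...)` with a different organization than the one targeted by the request, and expects `ForbiddenException`, would pin the behaviour this commit is meant to enforce. The test methods themselves lie outside the hunk, so such a case may already exist elsewhere in the class.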