SONAR-9448 Sanitize api/qualityprofiles/change_parent

diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/ChangeParentAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/ChangeParentAction.java
index c5fa3ca4bfa8ae13a512b14e4c1406c54d651db5..6ab45451fbb68a4813f9906afd33f46370ab3659 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/ChangeParentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/ChangeParentAction.java
@@ -24,7 +24,6 @@ import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService.NewAction;
 import org.sonar.api.server.ws.WebService.NewController;
-import org.sonar.core.util.Uuids;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.organization.OrganizationDto;
@@ -33,12 +32,13 @@ import org.sonar.server.qualityprofile.RuleActivator;
 import org.sonar.server.user.UserSession;
 
 import static org.apache.commons.lang.StringUtils.isEmpty;
+import static org.sonar.core.util.Uuids.UUID_EXAMPLE_02;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
+import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_PROFILE;
 
 public class ChangeParentAction implements QProfileWsAction {
 
-  private static final String PARAM_PARENT_KEY = "parentKey";
   private static final String PARAM_PARENT_NAME = "parentName";
 
   private DbClient dbClient;
@@ -61,22 +61,25 @@ public class ChangeParentAction implements QProfileWsAction {
     NewAction inheritance = context.createAction("change_parent")
       .setSince("5.2")
       .setPost(true)
-      .setDescription("Change a quality profile's parent.")
+      .setDescription("Change a quality profile's parent.<br>" +
+        "Requires to be logged in and the 'Administer Quality Profiles' permission.")
       .setHandler(this);
 
     QProfileWsSupport.createOrganizationParam(inheritance)
       .setSince("6.4");
     QProfileReference.defineParams(inheritance, languages);
 
-    inheritance.createParam(PARAM_PARENT_KEY)
-      .setDescription("The key of the new parent profile. If this parameter is set, parentName must not be set. " +
-        "If both are left empty, the inheritance link with current parent profile (if any) is broken, which deactivates all rules " +
-        "which come from the parent and are not overridden. Require Administer Quality Profiles permission.")
-      .setExampleValue(Uuids.UUID_EXAMPLE_02);
+    inheritance.createParam(PARAM_PARENT_PROFILE)
+      .setDescription("New parent profile key.<br> " +
+        "If no profile is provided, the inheritance link with current parent profile (if any) is broken, which deactivates all rules " +
+        "which come from the parent and are not overridden.")
+      .setDeprecatedKey("parentKey", "6.5")
+      .setExampleValue(UUID_EXAMPLE_02);
+
     inheritance.createParam(PARAM_PARENT_NAME)
-      .setDescription("A quality profile name. If this parameter is set, profileKey must not be set and language must be set to disambiguate.")
+      .setDescription("Quality profile name. If this parameter is set, '%s' must not be set and '%s' must be set to disambiguate.", PARAM_PARENT_PROFILE, PARAM_LANGUAGE)
+      .setDeprecatedSince("6.5")
       .setExampleValue("Sonar way");
-
   }
 
   @Override
@@ -92,7 +95,7 @@ public class ChangeParentAction implements QProfileWsAction {
       userSession.checkPermission(ADMINISTER_QUALITY_PROFILES, organization);
       wsSupport.checkNotBuiltInt(profile);
 
-      String parentKey = request.param(PARAM_PARENT_KEY);
+      String parentKey = request.param(PARAM_PARENT_PROFILE);
       String parentName = request.param(PARAM_PARENT_NAME);
       if (isEmpty(parentKey) && isEmpty(parentName)) {
         ruleActivator.setParent(dbSession, profile, null);
@@ -103,6 +106,7 @@ public class ChangeParentAction implements QProfileWsAction {
         QProfileDto parent = wsSupport.getProfile(dbSession, parentRef);
         ruleActivator.setParent(dbSession, profile, parent);
       }
+
       response.noContent();
     }
   }

diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionTest.java
index 43681e40dcb6f7c88811d58538043c8ea5378339..5de88bfbdd7ccc9589899127acd0514daf8d01a6 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionTest.java
@@ -64,8 +64,6 @@ import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.util.TypeValidations;
 import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
-import org.sonar.server.ws.WsTester;
-import org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters;
 
 import static java.util.Collections.emptySet;
 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
@@ -73,7 +71,9 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
 import static org.sonarqube.ws.client.component.ComponentsWsParameters.PARAM_ORGANIZATION;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
-import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE_KEY;
+import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_NAME;
+import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_PROFILE;
+import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE_NAME;
 
 public class ChangeParentActionTest {
@@ -92,12 +92,11 @@ public class ChangeParentActionTest {
   private RuleIndex ruleIndex;
   private RuleIndexer ruleIndexer;
   private ActiveRuleIndexer activeRuleIndexer;
-  private WsActionTester wsActionTester;
+  private WsActionTester ws;
   private OrganizationDto organization;
   private RuleActivator ruleActivator;
   private Language language = LanguageTesting.newLanguage(randomAlphanumeric(20));
   private String ruleRepository = randomAlphanumeric(5);
-  private ChangeParentAction underTest;
 
   @Before
   public void setUp() {
@@ -105,22 +104,13 @@ public class ChangeParentActionTest {
     dbSession = dbTester.getSession();
     EsClient esClient = esTester.client();
     ruleIndex = new RuleIndex(esClient);
-    ruleIndexer = new RuleIndexer(
-      esClient,
-      dbClient);
-    activeRuleIndexer = new ActiveRuleIndexer(
-      dbClient, esClient, new ActiveRuleIteratorFactory(dbClient));
+    ruleIndexer = new RuleIndexer(esClient, dbClient);
+    activeRuleIndexer = new ActiveRuleIndexer(dbClient, esClient, new ActiveRuleIteratorFactory(dbClient));
     RuleActivatorContextFactory ruleActivatorContextFactory = new RuleActivatorContextFactory(dbClient);
     TypeValidations typeValidations = new TypeValidations(Collections.emptyList());
-    ruleActivator = new RuleActivator(
-      System2.INSTANCE,
-      dbClient,
-      ruleIndex,
-      ruleActivatorContextFactory,
-      typeValidations,
-      activeRuleIndexer,
-      userSessionRule);
-    underTest = new ChangeParentAction(
+    ruleActivator = new RuleActivator(System2.INSTANCE, dbClient, ruleIndex, ruleActivatorContextFactory, typeValidations, activeRuleIndexer, userSessionRule);
+
+    ChangeParentAction underTest = new ChangeParentAction(
       dbClient,
       new RuleActivator(
         System2.INSTANCE,
@@ -136,20 +126,29 @@ public class ChangeParentActionTest {
         userSessionRule,
         TestDefaultOrganizationProvider.from(dbTester)),
       userSessionRule);
-    wsActionTester = new WsActionTester(underTest);
+
+    ws = new WsActionTester(underTest);
     organization = dbTester.organizations().insert();
     userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, organization.getUuid());
   }
 
   @Test
-  public void define_change_parent_action() {
-    WebService.Action changeParent = new WsTester(new QProfilesWs(underTest))
-      .action(QualityProfileWsParameters.CONTROLLER_QUALITY_PROFILES, "change_parent");
-    assertThat(changeParent).isNotNull();
-    assertThat(changeParent.isPost()).isTrue();
-    assertThat(changeParent.params()).extracting("key").containsExactlyInAnyOrder(
-      "organization", "profile", "profileName", "language", "parentKey", "parentName");
-    assertThat(changeParent.param("organization").since()).isEqualTo("6.4");
+  public void definition() {
+    WebService.Action definition = ws.getDef();
+    assertThat(definition.isPost()).isTrue();
+    assertThat(definition.params()).extracting("key").containsExactlyInAnyOrder(
+      "organization", "profile", "profileName", "language", "parentProfile", "parentName");
+    assertThat(definition.param("organization").since()).isEqualTo("6.4");
+    WebService.Param profile = definition.param("profile");
+    assertThat(profile.deprecatedKey()).isEqualTo("profileKey");
+    WebService.Param parentProfile = definition.param("parentProfile");
+    assertThat(parentProfile.deprecatedKey()).isEqualTo("parentKey");
+    WebService.Param profileName = definition.param("profileName");
+    assertThat(profileName.deprecatedSince()).isEqualTo("6.5");
+    WebService.Param language = definition.param("language");
+    assertThat(language.deprecatedSince()).isEqualTo("6.5");
+    WebService.Param parentName = definition.param("parentName");
+    assertThat(parentName.deprecatedSince()).isEqualTo("6.5");
   }
 
   @Test
@@ -165,10 +164,10 @@ public class ChangeParentActionTest {
     assertThat(dbClient.activeRuleDao().selectByProfileUuid(dbSession, child.getKee())).isEmpty();
 
     // Set parent
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
-      .setParam("parentKey", parent1.getKee())
+      .setParam(PARAM_PROFILE, child.getKee())
+      .setParam(PARAM_PARENT_PROFILE, parent1.getKee())
       .execute();
 
     // Check rule 1 enabled
@@ -196,10 +195,10 @@ public class ChangeParentActionTest {
     ruleActivator.setParent(dbSession, child, parent1);
 
     // Set parent 2 through WS
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
-      .setParam("parentKey", parent2.getKee())
+      .setParam(PARAM_PROFILE, child.getKee())
+      .setParam(PARAM_PARENT_PROFILE, parent2.getKee())
       .execute();
 
     // Check rule 2 enabled
@@ -224,9 +223,9 @@ public class ChangeParentActionTest {
     ruleActivator.setParent(dbSession, child, parent);
 
     // Remove parent through WS
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
+      .setParam(PARAM_PROFILE, child.getKee())
       .execute();
 
     // Check no rule enabled
@@ -254,12 +253,12 @@ public class ChangeParentActionTest {
     System.out.println("org key: " + organization.getKey());
 
     // 1. Set parent 1
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
       .setParam(PARAM_LANGUAGE, child.getLanguage())
       .setParam(PARAM_PROFILE_NAME, child.getName())
       .setParam(PARAM_ORGANIZATION, organization.getKey())
-      .setParam("parentName", parent1.getName())
+      .setParam(PARAM_PARENT_NAME, parent1.getName())
       .execute();
 
     // 1. check rule 1 enabled
@@ -269,12 +268,12 @@ public class ChangeParentActionTest {
     assertThat(ruleIndex.search(new RuleQuery().setActivation(true).setQProfile(child), new SearchOptions()).getIds()).hasSize(1);
 
     // 2. Set parent 2
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
       .setParam(PARAM_LANGUAGE, child.getLanguage())
       .setParam(PARAM_PROFILE_NAME, child.getName())
       .setParam(PARAM_ORGANIZATION, organization.getKey())
-      .setParam("parentName", parent2.getName())
+      .setParam(PARAM_PARENT_NAME, parent2.getName())
       .execute();
 
     // 2. check rule 2 enabled
@@ -283,12 +282,12 @@ public class ChangeParentActionTest {
     assertThat(activeRules2.get(0).getKey().getRuleKey().rule()).isEqualTo(rule2.getRuleKey());
 
     // 3. Remove parent
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
       .setParam(PARAM_LANGUAGE, child.getLanguage())
       .setParam(PARAM_PROFILE_NAME, child.getName())
       .setParam(PARAM_ORGANIZATION, organization.getKey())
-      .setParam("parentName", "")
+      .setParam(PARAM_PARENT_NAME, "")
       .execute();
 
     // 3. check no rule enabled
@@ -313,10 +312,10 @@ public class ChangeParentActionTest {
     ruleActivator.setParent(dbSession, child, parent);
 
     // Remove parent
-    wsActionTester.newRequest()
+    ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
-      .setParam("parentKey", "")
+      .setParam(PARAM_PROFILE, child.getKee())
+      .setParam(PARAM_PARENT_PROFILE, "")
       .execute();
 
     // Check no rule enabled
@@ -333,10 +332,10 @@ public class ChangeParentActionTest {
     assertThat(dbClient.activeRuleDao().selectByProfileUuid(dbSession, child.getKee())).isEmpty();
     assertThat(ruleIndex.search(new RuleQuery().setActivation(true).setQProfile(child), new SearchOptions()).getIds()).isEmpty();
 
-    TestRequest request = wsActionTester.newRequest()
+    TestRequest request = ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
-      .setParam("parentKey", "palap");
+      .setParam(PARAM_PROFILE, child.getKee())
+      .setParam(PARAM_PARENT_PROFILE, "palap");
 
     thrown.expect(BadRequestException.class);
 
@@ -350,11 +349,11 @@ public class ChangeParentActionTest {
     assertThat(dbClient.activeRuleDao().selectByProfileUuid(dbSession, child.getKee())).isEmpty();
     assertThat(ruleIndex.search(new RuleQuery().setActivation(true).setQProfile(child), new SearchOptions()).getIds()).isEmpty();
 
-    TestRequest request = wsActionTester.newRequest()
+    TestRequest request = ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
-      .setParam("parentName", "polop")
-      .setParam("parentKey", "palap");
+      .setParam(PARAM_PROFILE, child.getKee())
+      .setParam(PARAM_PARENT_NAME, "polop")
+      .setParam(PARAM_PARENT_PROFILE, "palap");
     thrown.expect(IllegalArgumentException.class);
     request
       .execute();
@@ -367,12 +366,12 @@ public class ChangeParentActionTest {
     assertThat(dbClient.activeRuleDao().selectByProfileUuid(dbSession, child.getKee())).isEmpty();
     assertThat(ruleIndex.search(new RuleQuery().setActivation(true).setQProfile(child), new SearchOptions()).getIds()).isEmpty();
 
-    TestRequest request = wsActionTester.newRequest()
+    TestRequest request = ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee())
+      .setParam(PARAM_PROFILE, child.getKee())
       .setParam(PARAM_PROFILE_NAME, child.getName())
       .setParam(PARAM_ORGANIZATION, organization.getKey())
-      .setParam("parentKey", "palap");
+      .setParam(PARAM_PARENT_PROFILE, "palap");
 
     thrown.expect(IllegalArgumentException.class);
     request.execute();
@@ -384,9 +383,9 @@ public class ChangeParentActionTest {
 
     QProfileDto child = createProfile();
 
-    TestRequest request = wsActionTester.newRequest()
+    TestRequest request = ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee());
+      .setParam(PARAM_PROFILE, child.getKee());
 
     thrown.expect(ForbiddenException.class);
     thrown.expectMessage("Insufficient privileges");
@@ -400,9 +399,9 @@ public class ChangeParentActionTest {
 
     QProfileDto child = createProfile();
 
-    TestRequest request = wsActionTester.newRequest()
+    TestRequest request = ws.newRequest()
       .setMethod("POST")
-      .setParam(PARAM_PROFILE_KEY, child.getKee());
+      .setParam(PARAM_PROFILE, child.getKee());
 
     thrown.expect(ForbiddenException.class);
     thrown.expectMessage("Insufficient privileges");

diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfileWsParameters.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfileWsParameters.java
index 279045bd1710a9c95753efe4d1e4a15a5f67efe2..43850f02c2ba634b0ed4d57a78a827d4ab62d21a 100644 (file)
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfileWsParameters.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfileWsParameters.java
@@ -46,8 +46,8 @@ public class QualityProfileWsParameters {
   public static final String PARAM_ORGANIZATION = "organization";
   public static final String PARAM_LANGUAGE = "language";
   public static final String PARAM_PARAMS = "params";
-  public static final String PARAM_PARENT_KEY = "parentKey";
   public static final String PARAM_PARENT_NAME = "parentName";
+  public static final String PARAM_PARENT_PROFILE = "parentProfile";
   public static final String PARAM_PROFILE = "profile";
   public static final String PARAM_PROFILE_KEY = "profileKey";
   public static final String PARAM_PROFILE_NAME = "profileName";

diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfilesService.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfilesService.java
index 1c958ccfce9a4ac26ef78d977a841ff4d883cec8..46e327963ee1bab190d0acd8074d79107224f2a6 100644 (file)
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfilesService.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/qualityprofile/QualityProfilesService.java
@@ -45,8 +45,8 @@ import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_ORGANIZATION;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARAMS;
-import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_KEY;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_NAME;
+import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PARENT_PROFILE;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE_KEY;
 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_PROFILE_NAME;
@@ -138,9 +138,9 @@ public class QualityProfilesService extends BaseService {
   public void changeParent(ChangeParentRequest request) {
     call(new PostRequest(path(ACTION_CHANGE_PARENT))
       .setParam(PARAM_LANGUAGE, request.getLanguage())
-      .setParam(PARAM_PARENT_KEY, request.getParentKey())
+      .setParam(PARAM_PARENT_PROFILE, request.getParentKey())
       .setParam(PARAM_PARENT_NAME, request.getParentName())
-      .setParam(PARAM_PROFILE_KEY, request.getProfileKey())
+      .setParam(PARAM_PROFILE, request.getProfileKey())
       .setParam(PARAM_PROFILE_NAME, request.getProfileName())
       .setParam(PARAM_ORGANIZATION, request.getOrganization()));
   }