package org.sonar.server.permission.ws;
+import com.google.common.base.Optional;
+import com.google.common.collect.ImmutableSortedSet;
import com.google.common.io.Resources;
import java.util.List;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.api.utils.text.JsonWriter;
+import org.sonar.api.server.ws.WebService.Param;
+import org.sonar.api.server.ws.WebService.SelectionMode;
+import org.sonar.core.permission.ComponentPermissions;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.permission.GroupWithPermission;
-import org.sonar.core.util.ProtobufJsonFormat;
+import org.sonar.db.component.ComponentDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.server.permission.GroupWithPermissionQueryResult;
import org.sonar.server.permission.PermissionFinder;
-import org.sonar.server.plugins.MimeTypes;
-import org.sonar.server.user.UserSession;
import org.sonarqube.ws.Common;
import org.sonarqube.ws.Permissions;
import static com.google.common.base.Objects.firstNonNull;
+import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING;
import static org.sonar.server.permission.PermissionQueryParser.toMembership;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_KEY;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_UUID;
+import static org.sonar.server.ws.WsUtils.writeProtobuf;
public class GroupsAction implements PermissionsWsAction {
- private final UserSession userSession;
private final PermissionFinder permissionFinder;
+ private final PermissionWsCommons permissionWsCommons;
- public GroupsAction(UserSession userSession, PermissionFinder permissionFinder) {
- this.userSession = userSession;
+ public GroupsAction(PermissionFinder permissionFinder, PermissionWsCommons permissionWsCommons) {
this.permissionFinder = permissionFinder;
+ this.permissionWsCommons = permissionWsCommons;
}
@Override
.setSince("5.2")
.setInternal(true)
.setDescription(String.format("List permission's groups.<br /> " +
+ "If the project id or project key is provided, groups with project permissions are returned.<br />" +
"If the query parameter '%s' is specified, the '%s' parameter is '%s'.",
- WebService.Param.TEXT_QUERY, WebService.Param.SELECTED, WebService.SelectionMode.ALL.value()))
+ Param.TEXT_QUERY, Param.SELECTED, SelectionMode.ALL.value()))
.addPagingParams(100)
.addSearchQuery("sonar", "names")
.addSelectionModeParam()
.setResponseExample(Resources.getResource(getClass(), "groups-example.json"))
.setHandler(this);
- action.createParam("permission")
- .setExampleValue("scan")
+ action.createParam(PARAM_PERMISSION)
+ .setExampleValue(DASHBOARD_SHARING)
.setRequired(true)
- .setPossibleValues(GlobalPermissions.ALL);
+ .setPossibleValues(ImmutableSortedSet.naturalOrder()
+ .addAll(GlobalPermissions.ALL)
+ .addAll(ComponentPermissions.ALL)
+ .build());
+
+ action.createParam(PARAM_PROJECT_UUID)
+ .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ .setDescription("Project id");
+
+ action.createParam(PARAM_PROJECT_KEY)
+ .setExampleValue("org.apache.hbas:hbase")
+ .setDescription("Project key");
}
@Override
- public void handle(Request request, Response response) throws Exception {
- String permission = request.mandatoryParam("permission");
- String selected = request.param(WebService.Param.SELECTED);
- int page = request.mandatoryParamAsInt(WebService.Param.PAGE);
- int pageSize = request.mandatoryParamAsInt(WebService.Param.PAGE_SIZE);
- String query = request.param(WebService.Param.TEXT_QUERY);
- if (query != null) {
- selected = WebService.SelectionMode.ALL.value();
- }
+ public void handle(Request wsRequest, Response wsResponse) throws Exception {
+ int page = wsRequest.mandatoryParamAsInt(Param.PAGE);
+ int pageSize = wsRequest.mandatoryParamAsInt(Param.PAGE_SIZE);
- userSession
- .checkLoggedIn()
- .checkGlobalPermission(GlobalPermissions.SYSTEM_ADMIN);
+ Optional<ComponentDto> project = permissionWsCommons.searchProject(wsRequest);
+ permissionWsCommons.checkPermissions(project);
- PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
- .permission(permission)
- .pageIndex(page)
- .pageSize(pageSize)
- .membership(toMembership(firstNonNull(selected, WebService.SelectionMode.SELECTED.value())));
- if (query != null) {
- permissionQuery.search(query);
- }
+ PermissionQuery permissionQuery = buildPermissionQuery(wsRequest, project);
+ Permissions.GroupsResponse groupsResponse = groupsResponse(permissionQuery, page, pageSize);
+
+ writeProtobuf(groupsResponse, wsRequest, wsResponse);
+ }
- GroupWithPermissionQueryResult groupsResult = permissionFinder.findGroupsWithPermission(permissionQuery.build());
+ private Permissions.GroupsResponse groupsResponse(PermissionQuery permissionQuery, int page, int pageSize) {
+ GroupWithPermissionQueryResult groupsResult = permissionFinder.findGroupsWithPermission(permissionQuery);
List<GroupWithPermission> groupsWithPermission = groupsResult.groups();
Permissions.GroupsResponse.Builder groupsResponse = Permissions.GroupsResponse.newBuilder();
.setTotal(groupsResult.total())
);
- response.stream().setMediaType(MimeTypes.JSON);
- JsonWriter json = response.newJsonWriter();
- ProtobufJsonFormat.write(groupsResponse.build(), json);
- json.close();
+ return groupsResponse.build();
+ }
+
+ private static PermissionQuery buildPermissionQuery(Request wsRequest, Optional<ComponentDto> project) {
+ String permission = wsRequest.mandatoryParam("permission");
+ String selected = wsRequest.param(Param.SELECTED);
+ int page = wsRequest.mandatoryParamAsInt(Param.PAGE);
+ int pageSize = wsRequest.mandatoryParamAsInt(Param.PAGE_SIZE);
+ String query = wsRequest.param(Param.TEXT_QUERY);
+ if (query != null) {
+ selected = SelectionMode.ALL.value();
+ }
+
+ PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
+ .permission(permission)
+ .pageIndex(page)
+ .pageSize(pageSize)
+ .membership(toMembership(firstNonNull(selected, SelectionMode.SELECTED.value())));
+ if (query != null) {
+ permissionQuery.search(query);
+ }
+ if (project.isPresent()) {
+ permissionQuery.component(project.get().getKey());
+ }
+
+ return permissionQuery.build();
}
}
package org.sonar.server.permission.ws;
+import com.google.common.base.Joiner;
+import com.google.common.base.Optional;
import javax.annotation.Nullable;
import org.sonar.api.server.ws.Request;
+import org.sonar.api.web.UserRole;
+import org.sonar.core.permission.ComponentPermissions;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.permission.PermissionChange;
+import org.sonar.server.user.UserSession;
+
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
public class PermissionWsCommons {
public static final String PARAM_PROJECT_UUID = "projectId";
public static final String PARAM_PROJECT_KEY = "projectKey";
public static final String PARAM_USER_LOGIN = "login";
+ private static final String PROJECT_PERMISSIONS_ONE_LINE = Joiner.on(",").join(ComponentPermissions.ALL);
+ private static final String GLOBAL_PERMISSIONS_ONE_LINE = Joiner.on(",").join(GlobalPermissions.ALL);
private final DbClient dbClient;
private final ComponentFinder componentFinder;
+ private final UserSession userSession;
- public PermissionWsCommons(DbClient dbClient, ComponentFinder componentFinder) {
+ public PermissionWsCommons(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession) {
this.dbClient = dbClient;
this.componentFinder = componentFinder;
+ this.userSession = userSession;
}
public String searchGroupName(DbSession dbSession, @Nullable String groupNameParam, @Nullable Long groupId) {
throw new BadRequestException("Group name or group id must be provided, not both");
}
- private static boolean isProjectUuidOrProjectKeyProvided(@Nullable String projectUuid, @Nullable String projectKey) {
+ static boolean isProjectUuidOrProjectKeyProvided(@Nullable String projectUuid, @Nullable String projectKey) {
return projectUuid != null || projectKey != null;
}
+
+ Optional<ComponentDto> searchProject(Request request) {
+ String projectUuid = request.param(PARAM_PROJECT_UUID);
+ String projectKey = request.param(PARAM_PROJECT_KEY);
+
+ DbSession dbSession = dbClient.openSession(false);
+ try {
+ if (isProjectUuidOrProjectKeyProvided(projectUuid, projectKey)) {
+ return Optional.of(componentFinder.getProjectByUuidOrKey(dbSession, projectUuid, projectKey));
+ }
+ return Optional.absent();
+ } finally {
+ dbClient.closeSession(dbSession);
+ }
+ }
+
+ void checkPermissions(Optional<ComponentDto> project) {
+ userSession.checkLoggedIn();
+
+ if (userSession.hasGlobalPermission(SYSTEM_ADMIN) || projectPresentAndAdminPermissionsOnIt(project)) {
+ return;
+ }
+
+ userSession.checkGlobalPermission(SYSTEM_ADMIN);
+ }
+
+ boolean projectPresentAndAdminPermissionsOnIt(Optional<ComponentDto> project) {
+ return project.isPresent() && userSession.hasProjectPermissionByUuid(UserRole.ADMIN, project.get().projectUuid());
+ }
}
package org.sonar.server.permission.ws;
-import com.google.common.io.Resources;
+import com.google.common.base.Optional;
import java.util.List;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
-import org.sonar.api.utils.text.JsonWriter;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.permission.UserWithPermission;
-import org.sonar.core.util.ProtobufJsonFormat;
+import org.sonar.db.component.ComponentDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.server.permission.PermissionFinder;
import org.sonar.server.permission.UserWithPermissionQueryResult;
-import org.sonar.server.plugins.MimeTypes;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.Common;
-import org.sonarqube.ws.Permissions;
+import org.sonarqube.ws.Permissions.UsersResponse;
import static com.google.common.base.Objects.firstNonNull;
import static org.sonar.server.permission.PermissionQueryParser.toMembership;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_KEY;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_UUID;
+import static org.sonar.server.ws.WsUtils.writeProtobuf;
public class UsersAction implements PermissionsWsAction {
private final UserSession userSession;
private final PermissionFinder permissionFinder;
+ private final PermissionWsCommons permissionWsCommons;
- public UsersAction(UserSession userSession, PermissionFinder permissionFinder) {
+ public UsersAction(UserSession userSession, PermissionFinder permissionFinder, PermissionWsCommons permissionWsCommons) {
+ this.permissionWsCommons = permissionWsCommons;
this.userSession = userSession;
this.permissionFinder = permissionFinder;
}
WebService.NewAction action = context.createAction("users")
.setSince("5.2")
.setDescription(String.format("List permission's users.<br /> " +
+ "If the project id or project key is provided, users with project permissions are returned.<br />" +
"If the query parameter '%s' is specified, the '%s' parameter is '%s'.",
Param.TEXT_QUERY, Param.SELECTED, SelectionMode.ALL.value()))
.addPagingParams(100)
.addSearchQuery("stas", "names")
.addSelectionModeParam()
.setInternal(true)
- .setResponseExample(Resources.getResource(getClass(), "users-example.json"))
+ .setResponseExample(getClass().getResource("users-example.json"))
.setHandler(this);
- action.createParam("permission")
+ action.createParam(PARAM_PERMISSION)
.setExampleValue("scan")
.setRequired(true)
.setPossibleValues(GlobalPermissions.ALL);
+
+ action.createParam(PARAM_PROJECT_UUID)
+ .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ .setDescription("Project id");
+
+ action.createParam(PARAM_PROJECT_KEY)
+ .setExampleValue("org.apache.hbas:hbase")
+ .setDescription("Project key");
}
@Override
- public void handle(Request request, Response response) throws Exception {
- String permission = request.mandatoryParam("permission");
- String selected = request.param(Param.SELECTED);
- int page = request.mandatoryParamAsInt(Param.PAGE);
- int pageSize = request.mandatoryParamAsInt(Param.PAGE_SIZE);
- String query = request.param(Param.TEXT_QUERY);
- if (query != null) {
- selected = SelectionMode.ALL.value();
- }
+ public void handle(Request wsRequest, Response wsResponse) throws Exception {
+ int page = wsRequest.mandatoryParamAsInt(Param.PAGE);
+ int pageSize = wsRequest.mandatoryParamAsInt(Param.PAGE_SIZE);
- userSession
- .checkLoggedIn()
- .checkGlobalPermission(GlobalPermissions.SYSTEM_ADMIN);
+ Optional<ComponentDto> project = permissionWsCommons.searchProject(wsRequest);
+ permissionWsCommons.checkPermissions(project);
+ PermissionQuery permissionQuery = buildPermissionQuery(wsRequest, project);
+ UsersResponse usersResponse = usersResponse(permissionQuery, page, pageSize);
- PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
- .permission(permission)
- .pageIndex(page)
- .pageSize(pageSize)
- .membership(toMembership(firstNonNull(selected, SelectionMode.SELECTED.value())));
- if (query != null) {
- permissionQuery.search(query);
- }
+ writeProtobuf(usersResponse, wsRequest, wsResponse);
+ }
- UserWithPermissionQueryResult usersResult = permissionFinder.findUsersWithPermission(permissionQuery.build());
+ private UsersResponse usersResponse(PermissionQuery permissionQuery, int page, int pageSize) {
+ UserWithPermissionQueryResult usersResult = permissionFinder.findUsersWithPermission(permissionQuery);
List<UserWithPermission> usersWithPermission = usersResult.users();
- Permissions.UsersResponse.Builder userResponse = Permissions.UsersResponse.newBuilder();
- Permissions.UsersResponse.User.Builder user = Permissions.UsersResponse.User.newBuilder();
+ UsersResponse.Builder userResponse = UsersResponse.newBuilder();
+ UsersResponse.User.Builder user = UsersResponse.User.newBuilder();
Common.Paging.Builder paging = Common.Paging.newBuilder();
for (UserWithPermission userWithPermission : usersWithPermission) {
userResponse.addUsers(
);
}
- response.stream().setMediaType(MimeTypes.JSON);
- JsonWriter json = response.newJsonWriter();
- ProtobufJsonFormat.write(userResponse.build(), json);
- json.close();
+ return userResponse.build();
+ }
+
+ private static PermissionQuery buildPermissionQuery(Request request, Optional<ComponentDto> project) {
+ String permission = request.mandatoryParam(PARAM_PERMISSION);
+ String selected = request.param(Param.SELECTED);
+ int page = request.mandatoryParamAsInt(Param.PAGE);
+ int pageSize = request.mandatoryParamAsInt(Param.PAGE_SIZE);
+ String query = request.param(Param.TEXT_QUERY);
+ if (query != null) {
+ selected = SelectionMode.ALL.value();
+ }
+
+ PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
+ .permission(permission)
+ .pageIndex(page)
+ .pageSize(pageSize)
+ .membership(toMembership(firstNonNull(selected, SelectionMode.SELECTED.value())));
+ if (query != null) {
+ permissionQuery.search(query);
+ }
+ if (project.isPresent()) {
+ permissionQuery.component(project.get().getKey());
+ }
+
+ return permissionQuery.build();
}
}
permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class);
dbClient = db.getDbClient();
ws = new WsTester(new PermissionsWs(
- new AddGroupAction(dbClient, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient)), permissionUpdater)));
+ new AddGroupAction(dbClient, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient), userSession), permissionUpdater)));
userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
}
dbClient = db.getDbClient();
dbSession = db.getSession();
ws = new WsTester(new PermissionsWs(
- new AddUserAction(permissionUpdater, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient)))));
+ new AddUserAction(permissionUpdater, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient), userSession))));
userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
}
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
+import org.sonar.db.component.ComponentDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.GroupRoleDto;
+import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.permission.PermissionFinder;
import org.sonar.test.DbTests;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
+import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_UUID;
import static org.sonar.test.JsonAssert.assertJson;
@Category(DbTests.class)
DbClient dbClient;
DbSession dbSession;
WsActionTester ws;
- PermissionFinder permissionFinder;
GroupsAction underTest;
public void setUp() {
dbClient = db.getDbClient();
dbSession = db.getSession();
- permissionFinder = new PermissionFinder(dbClient);
- userSession.login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- underTest = new GroupsAction(userSession, permissionFinder);
+ PermissionFinder permissionFinder = new PermissionFinder(dbClient);
+ PermissionWsCommons permissionWsCommons = new PermissionWsCommons(dbClient, new ComponentFinder(dbClient), userSession);
+ underTest = new GroupsAction(permissionFinder, permissionWsCommons);
ws = new WsActionTester(underTest);
- GroupDto group1 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-1-name")
- .setDescription("group-1-description"));
- GroupDto group2 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-2-name")
- .setDescription("group-2-description"));
- GroupDto group3 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-3-name")
- .setDescription("group-3-description"));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group1.getId())
- .setRole(GlobalPermissions.SCAN_EXECUTION));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group2.getId())
- .setRole(GlobalPermissions.SCAN_EXECUTION));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group3.getId())
- .setRole(GlobalPermissions.SYSTEM_ADMIN));
- dbSession.commit();
+ userSession.login("login").setGlobalPermissions(SYSTEM_ADMIN);
+
+ GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name").setDescription("group-1-description"));
+ GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name").setDescription("group-2-description"));
+ GroupDto group3 = insertGroup(new GroupDto().setName("group-3-name").setDescription("group-3-description"));
+ insertGroupRole(new GroupRoleDto().setGroupId(group1.getId()).setRole(SCAN_EXECUTION));
+ insertGroupRole(new GroupRoleDto().setGroupId(group2.getId()).setRole(SCAN_EXECUTION));
+ insertGroupRole(new GroupRoleDto().setGroupId(group3.getId()).setRole(SYSTEM_ADMIN));
}
@Test
public void search_for_groups_with_one_permission() {
String result = ws.newRequest()
- .setParam("permission", "scan")
+ .setParam(PARAM_PERMISSION, SCAN_EXECUTION)
.execute().getInput();
assertJson(result).isSimilarTo(Resources.getResource(getClass(), "GroupsActionTest/groups.json"));
assertThat(result)
.contains("group-1", "group-2", "group-3")
.doesNotContain(DefaultGroups.ANYONE);
+ }
+
+ @Test
+ public void search_groups_with_project_permissions() {
+ dbClient.componentDao().insert(dbSession, newProjectDto("project-uuid").setKey("project-key"));
+ ComponentDto project = dbClient.componentDao().selectOrFailByUuid(dbSession, "project-uuid");
+ GroupDto group = insertGroup(new GroupDto().setName("project-group-name"));
+ insertGroupRole(new GroupRoleDto()
+ .setGroupId(group.getId())
+ .setRole(ISSUE_ADMIN)
+ .setResourceId(project.getId()));
+ userSession.login().addProjectUuidPermissions(UserRole.ADMIN, "project-uuid");
+ String result = ws.newRequest()
+ .setParam(PARAM_PERMISSION, ISSUE_ADMIN)
+ .setParam(PARAM_PROJECT_UUID, "project-uuid")
+ .execute().getInput();
+
+ assertThat(result).contains("project-group-name")
+ .doesNotContain("group-1")
+ .doesNotContain("group-2")
+ .doesNotContain("group-3");
}
@Test
ws.newRequest()
.execute();
}
+
+ private GroupDto insertGroup(GroupDto group) {
+ GroupDto result = dbClient.groupDao().insert(dbSession, group);
+ commit();
+
+ return result;
+ }
+
+ private void insertGroupRole(GroupRoleDto groupRole) {
+ dbClient.roleDao().insertGroupRole(dbSession, groupRole);
+ commit();
+ }
+
+ private void commit() {
+ dbSession.commit();
+ }
}
public void setUp() {
permissionUpdater = mock(PermissionUpdater.class);
ws = new WsTester(new PermissionsWs(
- new RemoveGroupAction(db.getDbClient(), new PermissionWsCommons(db.getDbClient(), new ComponentFinder(db.getDbClient())), permissionUpdater)));
+ new RemoveGroupAction(db.getDbClient(), new PermissionWsCommons(db.getDbClient(), new ComponentFinder(db.getDbClient()), userSession), permissionUpdater)));
userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
}
dbClient = db.getDbClient();
dbSession = db.getSession();
ws = new WsTester(new PermissionsWs(
- new RemoveUserAction(permissionUpdater, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient)))));
+ new RemoveUserAction(permissionUpdater, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient), userSession))));
userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
}
package org.sonar.server.permission.ws;
-import com.google.common.io.Resources;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
+import org.sonar.db.component.ComponentDto;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserRoleDto;
+import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.permission.PermissionFinder;
import org.sonar.test.DbTests;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_UUID;
import static org.sonar.test.JsonAssert.assertJson;
@Category(DbTests.class)
DbClient dbClient = db.getDbClient();
DbSession dbSession = db.getSession();
WsActionTester ws;
- PermissionFinder permissionFinder;
UsersAction underTest;
@Before
public void setUp() {
- permissionFinder = new PermissionFinder(dbClient);
- userSession.login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- underTest = new UsersAction(userSession, permissionFinder);
+ PermissionFinder permissionFinder = new PermissionFinder(dbClient);
+ PermissionWsCommons permissionWsCommons = new PermissionWsCommons(dbClient, new ComponentFinder(dbClient), userSession);
+ underTest = new UsersAction(userSession, permissionFinder, permissionWsCommons);
ws = new WsActionTester(underTest);
- UserDto user1 = dbClient.userDao().insert(dbSession, new UserDto()
- .setActive(true)
- .setLogin("login-1")
- .setName("name-1"));
- UserDto user2 = dbClient.userDao().insert(dbSession, new UserDto()
- .setActive(true)
- .setLogin("login-2")
- .setName("name-2"));
- UserDto user3 = dbClient.userDao().insert(dbSession, new UserDto()
- .setActive(true)
- .setLogin("login-3")
- .setName("name-3"));
- dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
- .setRole(GlobalPermissions.SCAN_EXECUTION)
- .setUserId(user1.getId()));
- dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
- .setRole(GlobalPermissions.SCAN_EXECUTION)
- .setUserId(user2.getId()));
- dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
- .setRole(GlobalPermissions.SYSTEM_ADMIN)
- .setUserId(user3.getId()));
- dbSession.commit();
+ userSession.login("login").setGlobalPermissions(SYSTEM_ADMIN);
+
+ UserDto user1 = insertUser(new UserDto().setLogin("login-1").setName("name-1"));
+ UserDto user2 = insertUser(new UserDto().setLogin("login-2").setName("name-2"));
+ UserDto user3 = insertUser(new UserDto().setLogin("login-3").setName("name-3"));
+ insertUserRole(new UserRoleDto().setRole(SCAN_EXECUTION).setUserId(user1.getId()));
+ insertUserRole(new UserRoleDto().setRole(SCAN_EXECUTION).setUserId(user2.getId()));
+ insertUserRole(new UserRoleDto().setRole(SYSTEM_ADMIN).setUserId(user3.getId()));
+ commit();
+ }
+
+ @Test
+ public void search_for_users_with_response_example() {
+ db.truncateTables();
+ UserDto user1 = insertUser(new UserDto().setLogin("admin").setName("Administrator"));
+ UserDto user2 = insertUser(new UserDto().setLogin("george.orwell").setName("George Orwell"));
+ insertUserRole(new UserRoleDto().setRole(SCAN_EXECUTION).setUserId(user1.getId()));
+ insertUserRole(new UserRoleDto().setRole(SCAN_EXECUTION).setUserId(user2.getId()));
+ commit();
+
+ String result = ws.newRequest().setParam("permission", "scan").execute().getInput();
+
+ assertJson(result).isSimilarTo(getClass().getResource("users-example.json"));
}
@Test
public void search_for_users_with_one_permission() {
String result = ws.newRequest().setParam("permission", "scan").execute().getInput();
- assertJson(result).isSimilarTo(Resources.getResource(getClass(), "UsersActionTest/users.json"));
+ assertJson(result).isSimilarTo(getClass().getResource("UsersActionTest/users.json"));
}
@Test
- public void search_for_users_with_response_example() {
- db.truncateTables();
- UserDto user1 = dbClient.userDao().insert(dbSession, new UserDto()
- .setActive(true)
- .setLogin("admin")
- .setName("Administrator"));
- UserDto user2 = dbClient.userDao().insert(dbSession, new UserDto()
- .setActive(true)
- .setLogin("george.orwell")
- .setName("George Orwell"));
- dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
- .setRole(GlobalPermissions.SCAN_EXECUTION)
- .setUserId(user1.getId()));
- dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
- .setRole(GlobalPermissions.SCAN_EXECUTION)
- .setUserId(user2.getId()));
- dbSession.commit();
+ public void search_for_users_with_permission_on_project() {
+ dbClient.componentDao().insert(dbSession, newProjectDto("project-uuid").setKey("project-key"));
+ ComponentDto project = dbClient.componentDao().selectOrFailByUuid(dbSession, "project-uuid");
+ UserDto user = insertUser(new UserDto().setLogin("project-user-login").setName("project-user-name"));
+ insertUserRole(new UserRoleDto().setRole(SCAN_EXECUTION).setUserId(user.getId()).setResourceId(project.getId()));
+ commit();
+ userSession.login().addProjectUuidPermissions(SYSTEM_ADMIN, "project-uuid");
- String result = ws.newRequest().setParam("permission", "scan").execute().getInput();
+ String result = ws.newRequest()
+ .setParam(PARAM_PERMISSION, SCAN_EXECUTION)
+ .setParam(PARAM_PROJECT_UUID, "project-uuid")
+ .execute().getInput();
- assertJson(result).isSimilarTo(Resources.getResource(getClass(), "users-example.json"));
+ assertThat(result).contains("project-user-login")
+ .doesNotContain("login-1");
}
@Test
userSession.login("login");
ws.newRequest()
- .setParam("permission", GlobalPermissions.SYSTEM_ADMIN)
+ .setParam("permission", SYSTEM_ADMIN)
.execute();
}
userSession.anonymous();
ws.newRequest()
- .setParam("permission", GlobalPermissions.SYSTEM_ADMIN)
+ .setParam("permission", SYSTEM_ADMIN)
.execute();
}
+
+ private UserDto insertUser(UserDto userDto) {
+ UserDto user = dbClient.userDao().insert(dbSession, userDto.setActive(true));
+ commit();
+ return user;
+ }
+
+ private void insertUserRole(UserRoleDto userRoleDto) {
+ dbClient.roleDao().insertUserRole(dbSession, userRoleDto);
+ commit();
+ }
+
+ private void commit() {
+ dbSession.commit();
+ }
}
projects / sonarqube.git / commitdiff