boolean hasBrowsePerm = userSession.hasComponentUuidPermission(USER, module.projectUuid());
checkPermission(query.isIssuesMode(), hasScanPerm, hasBrowsePerm);
- // Scan permission is enough to analyze all projects but browse permission is limited to projects user can access
- if (query.isIssuesMode() && !userSession.hasComponentUuidPermission(USER, module.projectUuid())) {
- throw new ForbiddenException("You're not authorized to access to project '" + module.name() + "', please contact your SonarQube administrator.");
- }
-
ComponentDto project = getProject(module, session);
if (!project.key().equals(module.key())) {
addSettings(data, module.getKey(), getSettingsFromParents(module, hasScanPerm, session));
"Please contact your SonarQube administrator.");
}
if (preview && !hasBrowsePerm) {
- throw new ForbiddenException("You're not authorized to execute a preview analysis. Please contact your SonarQube administrator.");
+ throw new ForbiddenException("You don't have the required permissions to access this project. Please contact your SonarQube administrator.");
}
}
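Review bot: The rule behind the `preview && !hasBrowsePerm` rejection is no longer written down anywhere in the visible code, because the only comment stating it was deleted along with the duplicate check in `load`. I would restore it above this condition, for example `// Scan permission is enough to analyze any project, but preview (issues mode) also requires browse permission on this project`. The name mismatch is worth noting in the same comment: the caller passes `query.isIssuesMode()` into the parameter named `preview`. The body of `checkPermission` starts outside this hunk, so the earlier branches could not be checked for overlap with this one.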
import org.sonar.api.web.UserRole;
import org.sonar.batch.protocol.input.FileData;
import org.sonar.batch.protocol.input.ProjectRepositories;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
underTest.load(ProjectDataQuery.create().setModuleKey(project.key()).setIssuesMode(false));
}
+ @Test
+ public void fail_when_preview_and_only_scan_permission_without_browse_permission() {
+ ComponentDto project = ComponentTesting.newProjectDto();
+ tester.get(DbClient.class).componentDao().insert(dbSession, project);
+ dbSession.commit();
+
+ userSessionRule.login("john").addProjectUuidPermissions(GlobalPermissions.SCAN_EXECUTION, project.projectUuid());
+
+ thrown.expect(ForbiddenException.class);
+ thrown.expectMessage("You don't have the required permissions to access this project. Please contact your SonarQube administrator.");
+ underTest.load(ProjectDataQuery.create().setModuleKey(project.key()).setIssuesMode(true));
+ }
+
@Test
public void return_file_data_from_single_project() {
ComponentDto project = ComponentTesting.newProjectDto();
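Review bot: The test does not show that the scan grant is actually in effect when `load` runs, because the asserted message comes from the branch that depends only on the missing browse permission. The grant is made project-scoped through `addProjectUuidPermissions(GlobalPermissions.SCAN_EXECUTION, ...)`, and how the loader derives `hasScanPerm` is not visible in this diff. If that lookup reads a different scope, the test may pass without covering the "only scan permission" case its name claims. A companion test that also adds `addProjectUuidPermissions(UserRole.USER, project.projectUuid())` and expects `load` to succeed in issues mode would pin the authorization boundary from both sides.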