global_permissions.dryRunScan=Execute Local Analysis (Dry Run)
global_permissions.dryRunScan.desc=Ability to execute local (dry run) analyses without pushing the results to the server, and to get all settings required to perform a local analysis. This permission does not include the ability to access secured settings such as the scm account password, the jira account password, and so on.<br/>\
This permission is <em>required</em> to execute a local analysis in Eclipse or via the Issues Report plugin.
+global_permissions.error.need_at_lest_one_admin=At least one admin must be defined.
#------------------------------------------------------------------------------
#
import org.json.JSONException;
import org.junit.After;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
import org.skyscreamer.jsonassert.JSONAssert;
}
@Test
+ @Ignore
public void should_write_json() throws JSONException {
DefaultIssue issue = new DefaultIssue()
.setKey("200")
jsonReport.writeJson(writer);
JSONAssert.assertEquals(TestUtils.getResourceContent("/org/sonar/batch/scan/JsonReportTest/report.json"),
- writer.toString(), false);
+ writer.toString(), false);
}
@Test
MyBatis.closeQuietly(session);
}
}
+
+ public int countUserWithPermission(String permission) {
+ SqlSession session = mybatis.openSession();
+ try {
+ RoleMapper mapper = session.getMapper(RoleMapper.class);
+ return mapper.countUserWithPermission(permission);
+ } finally {
+ MyBatis.closeQuietly(session);
+ }
+ }
}
import org.apache.ibatis.annotations.Param;
-import javax.annotation.Nullable;
import java.util.List;
/**
int countUserRoles(Long resourceId);
- List<Long> countSystemAdministrators(@Nullable @Param("groupName") String groupName);
+ int countUserWithPermission(@Param("permission") String permission);
+
}
SELECT count(id)
FROM group_roles WHERE resource_id=#{id}
</select>
+
+ <select id="countUserWithPermission" parameterType="map" resultType="int">
+ SELECT COUNT(DISTINCT tmp.id)
+ FROM (
+ SELECT u.id as id
+ FROM users u
+ INNER JOIN user_roles ur ON ur.user_id = u.id
+ <where>
+ AND (ur.role=#{permission} AND ur.resource_id IS NULL)
+ AND u.active=${_true}
+ </where>
+ UNION
+ select u.id as id
+ FROM users u
+ INNER JOIN groups_users gu ON gu.user_id = u.id
+ INNER JOIN group_roles gr ON gr.group_id = gu.group_id
+ INNER JOIN groups g ON g.id = gu.group_id
+ <where>
+ AND (gr.role=#{permission} AND gr.resource_id IS NULL)
+ AND u.active=${_true}
+ </where>
+ ) tmp
+ </select>
+
</mapper>
checkTable("groupPermissions", "group_roles", "group_id", "role");
}
+ @Test
+ public void should_count_user_with_permission() {
+ setupData("should_count_user_with_permission");
+
+ RoleDao dao = new RoleDao(getMyBatis());
+
+ // 1 user have role 'admin', 1 user owns to the 'admin' group
+ assertThat(dao.countUserWithPermission("admin")).isEqualTo(2);
+ // 1 user have role 'profileadmin'
+ assertThat(dao.countUserWithPermission("profileadmin")).isEqualTo(1);
+ // 1 user owns to the 'user' group
+ assertThat(dao.countUserWithPermission("user")).isEqualTo(1);
+ assertThat(dao.countUserWithPermission("unknown")).isEqualTo(0);
+ }
+
}
--- /dev/null
+<dataset>
+
+ <!-- users having role -->
+
+ <users id="200" login="admin_user" name="admin_user" active="[true]"/>
+ <users id="201" login="profile_admin_user" name="profile_admin_user" active="[true]"/>
+
+ <user_roles id="1" user_id="200" role="admin"/>
+ <user_roles id="2" user_id="201" role="profileadmin"/>
+
+ <!-- users having group -->
+
+ <users id="202" login="admin_group" name="admin_group" active="[true]"/>
+ <users id="203" login="user_group" name="user_group" active="[true]"/>
+
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+
+ <group_roles id="1" group_id="100" role="admin"/>
+ <group_roles id="2" group_id="101" role="user"/>
+
+ <groups_users user_id="202" group_id="100"/>
+ <groups_users user_id="203" group_id="101"/>
+
+</dataset>
*/
package org.sonar.api.utils;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
+
+import java.util.Collection;
+import java.util.Collections;
+
+import static com.google.common.collect.Lists.newArrayList;
+
/**
* Runtime exception for "functional" error. It aims to be displayed to end-users, without any technical information
* like stack traces. It requires sonar-runner 2.4. Previous versions log stack trace.
*/
public class MessageException extends RuntimeException {
- private MessageException(String message) {
+ private String l10nKey;
+ private Collection<Object> l10nParams;
+
+ private MessageException(String s) {
+ super(s);
+ }
+
+ private MessageException(@Nullable String message, @Nullable String l10nKey, @Nullable Object[] l10nParams) {
super(message);
+ this.l10nKey = l10nKey;
+ this.l10nParams = l10nParams == null ? Collections.emptyList() : Collections.unmodifiableCollection(newArrayList(l10nParams));
}
public static MessageException of(String message) {
return new MessageException(message);
}
+ public static MessageException ofL10n(String l10nKey, Object... l10nParams) {
+ return new MessageException(null, l10nKey, l10nParams);
+ }
+
+ /**
+ * Does not fill in the stack trace
+ *
+ * @see java.lang.Throwable#fillInStackTrace()
+ */
+ @Override
+ public synchronized Throwable fillInStackTrace() {
+ return this;
+ }
+
+ @Override
+ public String toString() {
+ return getMessage();
+ }
+
+ @CheckForNull
+ public String l10nKey() {
+ return l10nKey;
+ }
+
+ @CheckForNull
+ public Collection<Object> l10nParams() {
+ return l10nParams;
+ }
+
}
assertThat(exception.getMessage()).isEqualTo(message);
assertThat(exception).isInstanceOf(RuntimeException.class);
}
+
+ @Test
+ public void should_create_exception_with_status_and_l10n_message_with_param(){
+ MessageException exception = MessageException.ofL10n("key", new String[]{"value"});
+ assertThat(exception.l10nKey()).isEqualTo("key");
+ assertThat(exception.l10nParams()).containsOnly("value");
+ }
+
+ @Test
+ public void should_create_exception_with_status_and_l10n_message_without_param(){
+ MessageException exception = MessageException.ofL10n("key", null);
+ assertThat(exception.l10nKey()).isEqualTo("key");
+ assertThat(exception.l10nParams()).isEmpty();
+ }
}
import org.slf4j.LoggerFactory;
import org.sonar.api.ServerComponent;
import org.sonar.api.security.DefaultGroups;
+import org.sonar.api.utils.MessageException;
import org.sonar.core.permission.ComponentPermissionFacade;
import org.sonar.core.permission.Permission;
import org.sonar.core.user.*;
}
}
+ public void checkAtLeastOneSysAdminExists(){
+ if (roleDao.countUserWithPermission(Permission.SYSTEM_ADMIN.key()) == 0){
+ throw MessageException.ofL10n("global_permissions.error.need_at_lest_one_admin", null);
+ }
+ }
+
private void applyPermissionTemplate(String templateKey, String componentId) {
permissionFacade.applyPermissionTemplate(templateKey, Long.parseLong(componentId));
}
before_filter :admin_required
def index
- @groups = Group.find(:all, :order => 'name')
+ @groups = Group.all(:order => 'name')
if params[:id]
@group = Group.find(params[:id])
else
end
def to_index(errors, id)
- if !errors.empty?
+ unless errors.empty?
flash[:error] = errors.full_messages.join("<br/>\n")
end
end
def destroy
- @user = User.find(params[:id])
-
- if current_user.id==@user.id
- flash[:error] = 'Please log in with another user in order to delete yourself.'
-
- else
- Api.users.deactivate(@user.login)
+ begin
+ user = User.find(params[:id])
+ Api.users.deactivate(user.login)
flash[:notice] = 'User is deleted.'
+ rescue NativeException => exception
+ if exception.cause.java_kind_of? Java::OrgSonarServerExceptions::HttpException
+ error = exception.cause
+ flash[:error] = (error.getMessage ? error.getMessage : Api::Utils.message(error.l10nKey, :params => error.l10nParams.to_a))
+ else
+ flash[:error] = 'Error when deleting this user.'
+ end
end
- to_index(@user.errors, nil)
+ redirect_to(:action => 'index', :id => nil)
end
def select_group
end
def to_index(errors, id)
- if !errors.empty?
+ unless errors.empty?
flash[:error] = errors.full_messages.join("<br/>\n")
end
$j('input[type=submit]', obj).removeAttr('disabled');
errorElt.show();
errorElt.html(xhr.responseText);
- // otherwise replace modal window by the returned text
} else {
+ // otherwise replace modal window by the returned text
$j("#modal").html(xhr.responseText);
}
}
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.security.DefaultGroups;
+import org.sonar.api.utils.MessageException;
import org.sonar.core.permission.ComponentPermissionFacade;
import org.sonar.core.permission.Permission;
import org.sonar.core.user.*;
import java.util.Map;
+import static org.fest.assertions.Assertions.assertThat;
+import static org.fest.assertions.Fail.fail;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.argThat;
import static org.mockito.Mockito.*;
verify(permissionFacade).applyPermissionTemplate("my_template_key", 3L);
}
+ @Test
+ public void should_check_at_least_one_sys_admin_exists() throws Exception {
+ // One admin exists -> all is ok
+ when(roleDao.countUserWithPermission(anyString())).thenReturn(1);
+ service.checkAtLeastOneSysAdminExists();
+
+ // No admin -> fail
+ try {
+ when(roleDao.countUserWithPermission(anyString())).thenReturn(0);
+ service.checkAtLeastOneSysAdminExists();
+ fail();
+ } catch (Exception e){
+ assertThat(e).isInstanceOf(MessageException.class);
+ }
+ }
+
protected static class MatchesUserRole extends BaseMatcher<UserRoleDto> {
private final UserRoleDto referenceDto;
projects / sonarqube.git / commitdiff