SONAR-7753 allow system admins to access project permissions page 1097/head
authorStas Vilchik <vilchiks@gmail.com>
Tue, 12 Jul 2016 13:04:47 +0000 (15:04 +0200)
committerStas Vilchik <vilchiks@gmail.com>
Wed, 13 Jul 2016 16:12:50 +0000 (18:12 +0200)
server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentNavigationAction.java
server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentNavigationActionTest.java
server/sonar-web/src/main/js/api/ce.js
server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_roles_controller.rb

index 3d42c845fc56b6d47e618fdb35f1bd8bbaf1e4b2..a3ea8cdc1702ba2bc47ac2d1801dc9981d8b31ff 100644 (file)
@@ -52,6 +52,7 @@ import org.sonar.db.property.PropertyDto;
 import org.sonar.db.property.PropertyQuery;
 import org.sonar.server.ce.ws.ActivityAction;
 import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.ui.ViewProxy;
 import org.sonar.server.ui.Views;
 import org.sonar.server.user.UserSession;
@@ -114,7 +115,9 @@ public class ComponentNavigationAction implements NavigationWsAction {
     try {
       ComponentDto component = componentFinder.getByKey(session, componentKey);
 
-      userSession.checkComponentUuidPermission(UserRole.USER, component.projectUuid());
+      if (!(userSession.hasComponentUuidPermission(UserRole.USER, component.projectUuid()) || userSession.hasComponentUuidPermission(UserRole.ADMIN, component.projectUuid()))) {
+        throw new ForbiddenException("Insufficient privileges");
+      }
 
       Optional<SnapshotDto> analysis = dbClient.snapshotDao().selectLastAnalysisByRootComponentUuid(session, component.projectUuid());
 
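Review bot: The new condition lets a caller with `UserRole.ADMIN` but without `UserRole.USER` through, and the rest of the method (starting with the last-analysis lookup two lines below) then builds the full navigation response for them; nothing in the hunk says that returning all of it to a non-browsing administrator is intended. A comment above the `if` would record the decision, e.g. `// SONAR-7753: admins without browse permission must still load navigation to reach the permissions page`. The check would also read more easily with the UUID hoisted, `String projectUuid = component.projectUuid();`, and the two `hasComponentUuidPermission` calls on separate lines. The title speaks of system admins while the code tests a component-level role; presumably `hasComponentUuidPermission` also honours the global permission, but that is not visible here. The enclosing method starts and ends outside the hunk.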
index f7c5ecfcf6cb5a2880aac2d4d62b7c747f003056..94de7d1cea70d6ef606a87163d3c35f134a4121b 100644 (file)
@@ -364,6 +364,20 @@ public class ComponentNavigationActionTest {
     wsTester.newGetRequest("api/navigation", "component").setParam("componentKey", "palap:src/main/xoo/Source.xoo").execute().assertJson(getClass(), "breadcrumbs.json");
   }
 
+  @Test
+  public void work_with_only_system_admin() throws Exception {
+    ComponentDto project = ComponentTesting.newProjectDto("abcd")
+      .setKey("polop").setName("Polop").setLanguage("xoo");
+    dbClient.componentDao().insert(dbTester.getSession(), project);
+    dbClient.snapshotDao().insert(dbTester.getSession(), SnapshotTesting.newAnalysis(project));
+    dbTester.getSession().commit();
+
+    userSessionRule.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+
+    WsTester wsTester = newdWsTester(createViews());
+    wsTester.newGetRequest("api/navigation", "component").setParam("componentKey", "polop").execute();
+  }
+
   private WsTester newdWsTester(View... views) {
     return new WsTester(new NavigationWs(new ComponentNavigationAction(dbClient, new Views(userSessionRule, views), i18n, resourceTypes, userSessionRule,
       new ComponentFinder(dbClient))));
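Review bot: `work_with_only_system_admin` makes no assertion on the response, and the commit adds no case for the rejecting branch, so the new `ForbiddenException` path in `ComponentNavigationAction` is untested and a later change that loosens the condition further would go unnoticed. A companion test that grants no permission and expects the exception would pin it; the sketch below assumes `userSessionRule` starts with no permissions and that `WsTester` lets the exception propagate. The positive test could also end with an `assertJson` call like the one in the test just above it.

```java
@Test(expected = ForbiddenException.class)
public void fail_when_neither_browse_nor_admin_permission() throws Exception {
  ComponentDto project = ComponentTesting.newProjectDto("abcd")
    .setKey("polop").setName("Polop").setLanguage("xoo");
  dbClient.componentDao().insert(dbTester.getSession(), project);
  dbClient.snapshotDao().insert(dbTester.getSession(), SnapshotTesting.newAnalysis(project));
  dbTester.getSession().commit();

  // deliberately no permission set on userSessionRule
  WsTester wsTester = newdWsTester(createViews());
  wsTester.newGetRequest("api/navigation", "component").setParam("componentKey", "polop").execute();
}
```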
index f7ec5e042ba5869ce50dd7840e9045a186624fc5..9eb33301774eace90d91a5c9cbfacac9b99433fe 100644 (file)
@@ -18,7 +18,7 @@
  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  */
 import $ from 'jquery';
-import { getJSON, post } from '../helpers/request.js';
+import { getJSON, post } from '../helpers/request';
 
 export function getQueue (data) {
   const url = window.baseUrl + '/api/ce/queue';
@@ -58,9 +58,9 @@ export function cancelAllTasks () {
 }
 
 export function getTasksForComponent (componentId) {
-  const url = window.baseUrl + '/api/ce/component';
+  const url = '/api/ce/component';
   const data = { componentId };
-  return new Promise(resolve => $.get(url, data).done(resolve));
+  return getJSON(url, data);
 }
 
 export function getTypes () {
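Review bot: `getTasksForComponent` now passes a URL without `window.baseUrl`, while `getQueue` earlier in the same file still builds `window.baseUrl + '/api/ce/queue'`; this only works under a non-root context path if `getJSON` prepends the base URL itself, which is not visible here. If it does not, the line should stay `const url = window.baseUrl + '/api/ce/component';`. The switch also changes failure behaviour: the old promise only ever resolved (`.done(resolve)`), whereas `getJSON` presumably rejects on an HTTP error such as a 403, so callers need a rejection handler.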
index 2dab45040b0166240fdf57b7bc005b6f8c695e17..179f5b85fd7cbe3c9ba3768c7e47d5223a5a3937 100644 (file)
@@ -24,7 +24,7 @@ class ProjectRolesController < ApplicationController
 
   def index
     @project = Project.by_key(params[:id])
-    access_denied unless is_admin?(@project)
+    access_denied unless is_admin? || is_admin?(@project)
   end
 
 end
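Review bot: With `is_admin? ||` in front, a system administrator passes the check even when `Project.by_key(params[:id])` found nothing, so `index` can go on to render with `@project` unset; whether `by_key` returns nil or raises for an unknown key is not visible in this hunk. Handling the missing project before the permission test keeps the two cases apart. A short comment such as `# system admins may manage permissions of any project (SONAR-7753)` would explain the extra operand.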