SONAR-8019 Implement same behaviour for /api/permissions/add_user

than /api/permissions/remove_user
 /api/permissions/add_group
 /api/permissions/remove_group

diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
index 0467bd1d702018c4f736c66920ff7872bc3de4d6..7929a0a30a331f956f1fef5c40ab2a846ae91a89 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
@@ -20,6 +20,7 @@
 package org.sonar.server.permission.ws;
 
 import java.util.Optional;
+import org.sonar.api.server.ws.Change;
 import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService;
@@ -40,13 +41,10 @@ import static com.google.common.base.Preconditions.checkArgument;
 import static java.util.Collections.singletonList;
 import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
 import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
-
 import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
 import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;
 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
 
 public class AddUserAction implements PermissionsWsAction {
@@ -82,14 +80,15 @@ public class AddUserAction implements PermissionsWsAction {
         "</ul>")
       .setSince("5.2")
       .setPost(true)
-      .setHandler(this);
+      .setHandler(this)
+      .setChangelog(
+        new Change("7.4", "If organizationKey and projectId are both set, the organisationKey must be the key of the organization of the project"));
 
     wsParameters.createPermissionParameter(action);
     createUserLoginParameter(action);
     createProjectParameters(action);
     createOrganizationParameter(action)
-      .setSince("6.2")
-      .setDescription("Key of organization, cannot be used at the same time with %s and %s", PARAM_PROJECT_ID, PARAM_PROJECT_KEY);
+      .setSince("6.2");
   }
 
   @Override
@@ -98,11 +97,11 @@ public class AddUserAction implements PermissionsWsAction {
       UserId user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN));
       Optional<ComponentDto> project = wsSupport.findProject(dbSession, request);
       String organizationKey = request.param(PARAM_ORGANIZATION);
-      checkArgument(!project.isPresent() || organizationKey == null, "Organization must not be set when project is set.");
       OrganizationDto org = project
         .map(dto -> dbClient.organizationDao().selectByUuid(dbSession, dto.getOrganizationUuid()))
         .orElseGet(() -> Optional.ofNullable(wsSupport.findOrganization(dbSession, organizationKey)))
         .orElseThrow(() -> new NotFoundException(String.format("Organization with key '%s' not found", organizationKey)));
+      checkArgument(organizationKey == null || org.getKey().equals(organizationKey), "Organization key is incorrect.");
       wsSupport.checkMembership(dbSession, org, user);
 
       Optional<ProjectId> projectId = project.map(ProjectId::new);

diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
index c45cfbebb876df0707b3f7212b8493318c2b3df9..f5cdef3517e7d009ec77fa52e1963bed0d1bfffd 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
@@ -323,12 +323,12 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
   }
 
   @Test
-  public void organization_parameter_must_not_be_set_on_project_permissions() {
+  public void organization_parameter_must_be_the_organization_of_the_project() {
     ComponentDto project = db.components().insertPrivateProject();
     loginAsAdmin(db.getDefaultOrganization());
 
     expectedException.expect(IllegalArgumentException.class);
-    expectedException.expectMessage("Organization must not be set when project is set.");
+    expectedException.expectMessage("Organization key is incorrect.");
 
     newRequest()
       .setParam(PARAM_USER_LOGIN, user.getLogin())
@@ -338,6 +338,21 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
       .execute();
   }
 
+  @Test
+  public void organization_parameter_and_project_is_working_when_it_s_the_organization_of_the_project() {
+    OrganizationDto org = db.organizations().insert();
+    ComponentDto project = db.components().insertPrivateProject(org);
+    addUserAsMemberOfOrganization(org);
+    userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
+
+    newRequest()
+      .setParam(PARAM_USER_LOGIN, user.getLogin())
+      .setParam(PARAM_PROJECT_KEY, project.getDbKey())
+      .setParam(PARAM_ORGANIZATION, org.getKey())
+      .setParam(PARAM_PERMISSION, ISSUE_ADMIN)
+      .execute();
+  }
+
   @Test
   public void fail_to_add_permission_when_user_is_not_member_of_given_organization() {
     // User is not member of given organization