@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkIsRoot();
+ userSession.checkIsRoot();
writeProtobuf(CheckSecretKeyWsResponse.newBuilder().setSecretKeyAvailable(settings.getEncryption().hasSecretKey()).build(), request, response);
}
@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkIsRoot();
+ userSession.checkIsRoot();
String value = request.mandatoryParam(PARAM_VALUE);
checkRequest(!value.isEmpty(), "Parameter '%s' must not be empty", PARAM_VALUE);
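Review bot: Dropping `checkLoggedIn()` in this handler, and in the `handle` of the first hunk, leaves rejection of an anonymous caller resting entirely on `checkIsRoot()`, whose implementation is not visible in this change. The commit also deletes the two `throw_UnauthorizedException_if_not_logged_in` tests that covered that path, while the other handlers it touches keep `userSession.checkLoggedIn().checkIsRoot();`. Either keep the chained form here for consistency, or replace the deleted tests with one that starts from `userSession.anonymous()` and asserts the exception now expected, so the unauthenticated case stays pinned. The body of `handle` continues outside the hunk.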
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.user.UserDto;
import org.sonar.server.user.ExternalIdentity;
import org.sonar.server.user.NewUser;
@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkPermission(GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkIsRoot();
writeProtobuf(doHandle(toWsRequest(request)), request, response);
}
@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkPermission(SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkIsRoot();
String login = request.mandatoryParam(PARAM_LOGIN);
checkRequest(!login.equals(userSession.getLogin()), "Self-deactivation is not possible");
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.Paging;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.GroupMembershipDto;
@Override
public void define(NewController context) {
NewAction action = context.createAction("groups")
- .setDescription("List the groups a user belongs to.")
+ .setDescription("Lists the groups a user belongs to. Requires Administer System permission.")
.setHandler(this)
.setResponseExample(getClass().getResource("example-groups.json"))
.setSince("5.2");
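Review bot: The new description states "Requires Administer System permission", but the handler of this same action is switched by this commit from `checkPermission(GlobalPermissions.SYSTEM_ADMIN)` to `checkIsRoot()`. If root and Administer System are not equivalent in this permission model, the text tells API consumers the wrong requirement for the endpoint. The description should name what the handler actually enforces, for example `.setDescription("Lists the groups a user belongs to. Requires root privileges.")`, or the equivalence should be confirmed. `define` continues outside the hunk.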
@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkPermission(GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkIsRoot();
String login = request.mandatoryParam(PARAM_LOGIN);
int pageSize = request.mandatoryParamAsInt(Param.PAGE_SIZE);
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
@Override
public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkPermission(GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkIsRoot();
UpdateRequest updateRequest = toWsRequest(request);
try (DbSession dbSession = dbClient.openSession(false)) {
doHandle(dbSession, toWsRequest(request));
@Rule
public ExpectedException expectedException = ExpectedException.none();
@Rule
- public UserSessionRule userSession = UserSessionRule.standalone().login().setRoot();
+ public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
@Rule
public DbTester db = DbTester.create(System2.INSTANCE);
@Test
public void throw_ForbiddenException_if_not_root() {
- userSession.login();
+ userSession.logIn();
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@Test
public void throw_ForbiddenException_if_not_administrator_of_requested_project() {
- userSession.login();
+ userSession.logIn();
ComponentDto project = db.components().insertProject();
expectedException.expect(ForbiddenException.class);
import org.sonar.api.config.Settings;
import org.sonar.api.server.ws.WebService;
import org.sonar.server.exceptions.ForbiddenException;
-import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
assertThat(definition.params()).hasSize(0);
}
- @Test
- public void throw_UnauthorizedException_if_not_logged_in() {
- userSession.anonymous();
-
- expectedException.expect(UnauthorizedException.class);
- expectedException.expectMessage("Authentication is required");
-
- call();
- }
-
@Test
public void throw_ForbiddenException_if_not_root() {
- userSession.login();
+ userSession.logIn();
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
}
private void logInAsRoot() {
- userSession.login().setRoot();
+ userSession.logIn().setRoot();
}
}
import org.sonar.api.server.ws.WebService;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
-import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
@Test
public void throw_ForbiddenException_if_not_root() throws Exception {
- userSession.login().setNonRoot();
+ userSession.logIn().setNonRoot();
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
call("my value");
}
- @Test
- public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
- userSession.anonymous();
-
- expectedException.expect(UnauthorizedException.class);
- expectedException.expectMessage("Authentication is required");
-
- call("my value");
- }
-
@Test
public void fail_if_value_is_not_provided() {
logInAsRoot();
}
private void logInAsRoot() {
- userSession.login().setRoot();
+ userSession.logIn().setRoot();
}
}
@Rule
public ExpectedException expectedException = ExpectedException.none();
@Rule
- public UserSessionRule userSession = UserSessionRule.standalone().login().setRoot();
+ public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
@Rule
public TemporaryFolder temporaryFolder = new TemporaryFolder();
@Test
public void throw_ForbiddenException_if_not_root() {
- userSession.login();
+ userSession.logIn();
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@Rule
public ExpectedException expectedException = ExpectedException.none();
@Rule
- public UserSessionRule userSession = UserSessionRule.standalone().login().setRoot();
+ public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
@Rule
public DbTester db = DbTester.create(System2.INSTANCE);
@Test
public void persist_project_property_with_project_admin_permission() {
ComponentDto project = db.components().insertProject();
- userSession.login().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+ userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
callForProjectSettingByKey("my.key", "my value", project.key());
}
@Test
- public void persist_multi_value_with_type_login() {
+ public void persist_multi_value_with_type_logIn() {
definitions.addComponent(PropertyDefinition
.builder("my.key")
.name("foo")
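Review bot: The rename to `persist_multi_value_with_type_logIn` looks like a side effect of the bulk `login()` → `logIn()` replacement rather than an intended change, and `fail_when_data_and_login_type_with_invalid_logIn` further down has the same problem. In both names "login" presumably refers to the setting's type, not to the `UserSessionRule` method, so the camel-cased form is misleading. Keep the original names `persist_multi_value_with_type_login` and `fail_when_data_and_login_type_with_invalid_login`. Both test bodies continue outside their hunks.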
@Test
public void throw_ForbiddenException_if_not_root() {
- userSession.login();
+ userSession.logIn();
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
}
@Test
- public void fail_when_data_and_login_type_with_invalid_login() {
+ public void fail_when_data_and_login_type_with_invalid_logIn() {
definitions.addComponent(PropertyDefinition
.builder("my.key")
.name("foo")
import org.sonar.api.config.Settings;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
@Test
public void create_user() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
CreateWsResponse response = call(CreateRequest.builder()
.setLogin("john")
@Test
public void create_local_user() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
call(CreateRequest.builder()
.setLogin("john")
@Test
public void create_none_local_user() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
call(CreateRequest.builder()
.setLogin("john")
@Test
public void create_user_with_comma_in_scm_account() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
CreateWsResponse response = call(CreateRequest.builder()
.setLogin("john")
@Test
public void create_user_with_deprecated_scmAccounts_parameter() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
tester.newRequest()
.setParam("login", "john")
@Test
public void create_user_with_deprecated_scm_accounts_parameter() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
tester.newRequest()
.setParam("login", "john")
@Test
public void reactivate_user() throws Exception {
- userSessionRule.logIn("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ logInAsRoot();
db.users().insertUser(newUserDto("john", "John", "john@email.com"));
db.getDbClient().userDao().deactivateUserByLogin(db.getSession(), "john");
@Test
public void create_user_with_root_flag_to_false_if_default_group_is_unset() throws Exception {
unsetDefaultGroupProperty();
- authenticateAsAdmin();
+ logInAsRoot();
executeRequest("john");
public void create_user_with_root_flag_to_false_if_default_group_is_non_admin_on_default_organization() throws Exception {
GroupDto adminGroup = db.users().insertGroup(db.getDefaultOrganization());
setDefaultGroupProperty(adminGroup);
- authenticateAsAdmin();
+ logInAsRoot();
executeRequest("foo");
OrganizationDto otherOrganization = db.organizations().insert();
GroupDto group = db.users().insertGroup(otherOrganization);
setDefaultGroupProperty(group);
- authenticateAsAdmin();
+ logInAsRoot();
expectedException.expect(ServerException.class);
expectedException.expectMessage("The default group '" + group.getName() + "' for new users does not exist. " +
public void create_user_with_root_flag_to_true_if_default_group_is_admin_on_default_organization() throws Exception {
GroupDto adminGroup = db.users().insertAdminGroup(db.getDefaultOrganization());
setDefaultGroupProperty(adminGroup);
- authenticateAsAdmin();
+ logInAsRoot();
executeRequest("doh");
db.rootFlag().verify("doh", true);
}
- private void unsetDefaultGroupProperty() {
- settings.setProperty("sonar.defaultGroup", (String) null);
- }
-
- private void setDefaultGroupProperty(GroupDto adminGroup) {
- settings.setProperty("sonar.defaultGroup", adminGroup.getName());
- }
-
@Test
public void fail_when_missing_login() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Login is mandatory and must not be empty");
@Test
public void fail_when_missing_name() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Name is mandatory and must not be empty");
@Test
public void fail_when_missing_password() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Password is mandatory and must not be empty");
@Test
public void fail_when_password_is_set_on_none_local_user() throws Exception {
- authenticateAsAdmin();
+ logInAsRoot();
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Password should only be set on local user");
}
@Test
- public void fail_on_missing_permission() throws Exception {
- userSessionRule.logIn("not_admin");
+ public void throw_ForbiddenException_if_not_root() throws Exception {
+ userSessionRule.logIn();
+
+ expectedException.expect(ForbiddenException.class);
+ expectedException.expectMessage("");
expectedException.expect(ForbiddenException.class);
executeRequest("john");
}
+ private void unsetDefaultGroupProperty() {
+ settings.setProperty("sonar.defaultGroup", (String) null);
+ }
+
+ private void setDefaultGroupProperty(GroupDto adminGroup) {
+ settings.setProperty("sonar.defaultGroup", adminGroup.getName());
+ }
+
private CreateWsResponse executeRequest(String login) throws Exception {
return call(CreateRequest.builder()
.setLogin(login)
.build());
}
- private void authenticateAsAdmin() {
- userSessionRule.logIn("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ private void logInAsRoot() {
+ userSessionRule.logIn().setRoot();
}
private CreateWsResponse call(CreateRequest createRequest) {
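Review bot: In `throw_ForbiddenException_if_not_root`, `expectedException.expectMessage("")` matches any message, so the test no longer checks why the request was refused, and the pre-existing `expectedException.expect(ForbiddenException.class);` is now a duplicate of the added one. The sibling tests in this commit assert `expectedException.expectMessage("Insufficient privileges");`; use the same line here and remove the second `expect` call. As written, any `ForbiddenException` raised from an unrelated check would make this authorization test pass.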
.setEmail("ada.lovelace@noteg.com")
.setName("Ada Lovelace")
.setScmAccounts(singletonList("al")));
- loginAsAdmin();
+ logInAsRoot();
String json = deactivate(user.getLogin()).getInput();
@Test
public void cannot_deactivate_self() throws Exception {
UserDto user = createUser();
- userSession.logIn(user.getLogin()).setGlobalPermissions(SYSTEM_ADMIN);
+ userSession.logIn(user.getLogin()).setRoot();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Self-deactivation is not possible");
@Test
public void fail_if_user_does_not_exist() throws Exception {
- loginAsAdmin();
+ logInAsRoot();
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("User 'someone' doesn't exist");
@Test
public void fail_if_login_is_blank() throws Exception {
- loginAsAdmin();
+ logInAsRoot();
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("User '' doesn't exist");
public void fail_to_deactivate_last_administrator_of_default_organization() throws Exception {
UserDto admin = createUser();
db.users().insertPermissionOnUser(admin, SYSTEM_ADMIN);
- loginAsAdmin();
+ logInAsRoot();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("User is last administrator, and cannot be deactivated");
db.users().insertPermissionOnUser(org3, user1, SYSTEM_ADMIN);
UserDto user2 = createUser();
db.users().insertPermissionOnUser(org3, user2, SYSTEM_ADMIN);
- loginAsAdmin();
+ logInAsRoot();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("User is last administrator of organizations [org1, org2], and cannot be deactivated");
db.users().insertPermissionOnUser(admin, SYSTEM_ADMIN);
db.users().insertPermissionOnUser(anotherAdmin, SYSTEM_ADMIN);
db.commit();
- loginAsAdmin();
+ logInAsRoot();
deactivate(admin.getLogin());
return user;
}
- private void loginAsAdmin() {
- userSession.logIn("admin").setGlobalPermissions(SYSTEM_ADMIN);
+ private void logInAsRoot() {
+ userSession.logIn().setRoot();
}
private TestResponse deactivate(String login) {
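Review bot: Every call site in this test class moves from `setGlobalPermissions(SYSTEM_ADMIN)` to `logInAsRoot()`, but none of the visible hunks adds a case showing that a caller who is not root is refused by the deactivate action. The handler's check changed from a global permission to the root flag, and that boundary is exactly what should be pinned. A test that logs in a user holding `SYSTEM_ADMIN` but marked with `setNonRoot()`, expecting `ForbiddenException`, would catch a regression back to the permission-based check. If such a test already exists outside these hunks, this can be ignored.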
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@Rule
public UserSessionRule userSession = UserSessionRule.standalone();
- WsTester tester;
- DbClient dbClient;
- DbSession session;
+ private WsTester tester;
+ private DbClient dbClient;
+ private DbSession session;
@Before
public void setUp() {
session.commit();
tester = new WsTester(new UsersWs(new GroupsAction(dbClient, userSession)));
- userSession.logIn("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().setRoot();
}
@After
import org.sonar.api.config.MapSettings;
import org.sonar.api.config.Settings;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@Rule
public EsTester esTester = new EsTester(new UserIndexDefinition(settings));
@Rule
- public UserSessionRule userSessionRule = UserSessionRule.standalone().logIn("admin")
- .setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ public UserSessionRule userSessionRule = UserSessionRule.standalone().logIn().setRoot();
private DbClient dbClient = dbTester.getDbClient();
private DbSession session = dbTester.getSession();