WS api/projects/delete post request only - SONAR-6528

author Teryk Bellahsene <teryk.bellahsene@sonarsource.com>

Thu, 21 May 2015 09:15:35 +0000 (11:15 +0200)

committer Teryk Bellahsene <teryk.bellahsene@sonarsource.com>

Thu, 21 May 2015 10:14:41 +0000 (12:14 +0200)
author Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Thu, 21 May 2015 09:15:35 +0000 (11:15 +0200)
committer Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Thu, 21 May 2015 10:14:41 +0000 (12:14 +0200)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java

index 660d095ed4b4a7a553b54b3b7f6b18ab380ca160..6b6b08add26d4df227c808ff3a9a9af924b2e56e 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
@@ -54,6 +54,7 @@ public class DeleteAction implements ProjectsWsAction {
    public void define(WebService.NewController context) {
      WebService.NewAction action = context
        .createAction(ACTION)
+      .setPost(true)
        .setDescription("Delete one or several projects.<br /> Requires 'Administer System' permission.")
        .setSince("5.2")
        .setHandler(this);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java

index 38915debf48b63cab6b4a7271e3728c0aa9a5d18..7f85f27ec4ab9838eac4e3ca0b0eb95bb923de7b 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
@@ -123,7 +123,7 @@ public class DeleteActionTest {
      long snapshotId3 = insertNewProjectInDbAndReturnSnapshotId(3);
      long snapshotId4 = insertNewProjectInDbAndReturnSnapshotId(4);
  
-    ws.newGetRequest("api/projects", "delete")
+    ws.newPostRequest("api/projects", "delete")
        .setParam("uuids", "project-uuid-1, project-uuid-3, project-uuid-4").execute();
      dbSession.commit();
  
@@ -145,7 +145,7 @@ public class DeleteActionTest {
      insertNewProjectInDbAndReturnSnapshotId(3);
      insertNewProjectInDbAndReturnSnapshotId(4);
  
-    ws.newGetRequest("api/projects", "delete")
+    ws.newPostRequest("api/projects", "delete")
        .setParam("keys", "project-key-1, project-key-3, project-key-4").execute();
      dbSession.commit();
  
@@ -161,7 +161,7 @@ public class DeleteActionTest {
      insertNewProjectInIndexes(3);
      insertNewProjectInIndexes(4);
  
-    ws.newGetRequest("api/projects", "delete")
+    ws.newPostRequest("api/projects", "delete")
        .setParam("keys", "project-key-1, project-key-3, project-key-4").execute();
  
      String remainingProjectUuid = "project-uuid-2";
@@ -180,7 +180,7 @@ public class DeleteActionTest {
      userSessionRule.setGlobalPermissions(UserRole.ADMIN);
      insertNewProjectInDbAndReturnSnapshotId(1);
  
-    WsTester.Result result = ws.newGetRequest("api/projects", "delete").setParam("uuids", "project-uuid-1").execute();
+    WsTester.Result result = ws.newPostRequest("api/projects", "delete").setParam("uuids", "project-uuid-1").execute();
  
      result.assertNoContent();
    }
@@ -190,7 +190,7 @@ public class DeleteActionTest {
      userSessionRule.setGlobalPermissions(UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.USER);
      expectedException.expect(ForbiddenException.class);
  
-    ws.newGetRequest("api/projects", "delete").setParam("uuids", "whatever-the-uuid").execute();
+    ws.newPostRequest("api/projects", "delete").setParam("uuids", "whatever-the-uuid").execute();
    }
  
    @Test
@@ -200,7 +200,7 @@ public class DeleteActionTest {
      dbClient.componentDao().insert(dbSession, ComponentTesting.newFileDto(ComponentTesting.newProjectDto(), "file-uuid"));
      dbSession.commit();
  
-    ws.newGetRequest("api/projects", "delete").setParam("uuids", "file-uuid").execute();
+    ws.newPostRequest("api/projects", "delete").setParam("uuids", "file-uuid").execute();
    }
  
    @Test
@@ -211,7 +211,7 @@ public class DeleteActionTest {
      dbSession.commit();
      when(resourceType.getBooleanProperty(anyString())).thenReturn(false);
  
-    ws.newGetRequest("api/projects", "delete").setParam("uuids", "project-uuid").execute();
+    ws.newPostRequest("api/projects", "delete").setParam("uuids", "project-uuid").execute();
    }
  
    private long insertNewProjectInDbAndReturnSnapshotId(int id) {
author	Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
	Thu, 21 May 2015 09:15:35 +0000 (11:15 +0200)
committer	Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
	Thu, 21 May 2015 10:14:41 +0000 (12:14 +0200)
server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java		patch \| blob \| history
server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java		patch \| blob \| history