package org.sonar.server.batch;
import org.apache.commons.io.IOUtils;
+import org.sonar.api.config.Settings;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.RequestHandler;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.batch.protocol.input.GlobalReferentials;
import org.sonar.core.measure.db.MetricDto;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.persistence.DbSession;
import org.sonar.core.persistence.MyBatis;
import org.sonar.server.db.DbClient;
import org.sonar.server.plugins.MimeTypes;
+import org.sonar.server.user.UserSession;
+
+import java.util.Map;
public class GlobalReferentialsAction implements RequestHandler {
private final DbClient dbClient;
+ private final Settings settings;
- public GlobalReferentialsAction(DbClient dbClient) {
+ public GlobalReferentialsAction(DbClient dbClient, Settings settings) {
this.dbClient = dbClient;
+ this.settings = settings;
}
void define(WebService.NewController controller) {
@Override
public void handle(Request request, Response response) throws Exception {
- // TODO check user permission
+ UserSession userSession = UserSession.get();
+ boolean hasScanPerm = userSession.hasGlobalPermission(GlobalPermissions.SCAN_EXECUTION);
+ boolean hasDryRunPerm = userSession.hasGlobalPermission(GlobalPermissions.DRY_RUN_EXECUTION);
DbSession session = dbClient.openSession(false);
try {
GlobalReferentials ref = new GlobalReferentials();
- for (MetricDto metric : dbClient.metricDao().findEnabled(session)) {
- Boolean optimizedBestValue = metric.isOptimizedBestValue();
- ref.metrics().add(
- new org.sonar.batch.protocol.input.Metric(metric.getId(), metric.getKey(),
- metric.getValueType(),
- metric.getDescription(),
- metric.getDirection(),
- metric.getName(),
- metric.isQualitative(),
- metric.isUserManaged(),
- metric.getWorstValue(),
- metric.getBestValue(),
- optimizedBestValue != null ? optimizedBestValue : false));
- }
+ addMetrics(ref, session);
+ addSettings(ref, hasScanPerm, hasDryRunPerm);
response.stream().setMediaType(MimeTypes.JSON);
IOUtils.write(ref.toJson(), response.stream().output());
}
}
+ private void addMetrics(GlobalReferentials ref, DbSession session) {
+ for (MetricDto metric : dbClient.metricDao().findEnabled(session)) {
+ Boolean optimizedBestValue = metric.isOptimizedBestValue();
+ ref.addMetric(
+ new org.sonar.batch.protocol.input.Metric(metric.getId(), metric.getKey(),
+ metric.getValueType(),
+ metric.getDescription(),
+ metric.getDirection(),
+ metric.getName(),
+ metric.isQualitative(),
+ metric.isUserManaged(),
+ metric.getWorstValue(),
+ metric.getBestValue(),
+ optimizedBestValue != null ? optimizedBestValue : false));
+ }
+ }
+
+ private void addSettings(GlobalReferentials ref, boolean hasScanPerm, boolean hasDryRunPerm) {
+ for (Map.Entry<String, String> entry : settings.getProperties().entrySet()) {
+ String key = entry.getKey();
+ String value = entry.getValue();
+
+ if (isPropertyAllowed(key, hasScanPerm, hasDryRunPerm)) {
+ ref.addGlobalSetting(key, value);
+ }
+ }
+ }
+
+ private boolean isPropertyAllowed(String key, boolean hasScanPerm, boolean hasDryRunPerm){
+ return !key.contains(".secured") || hasScanPerm || (key.contains(".license") && hasDryRunPerm);
+ }
+
}
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
+import org.sonar.api.config.Settings;
import org.sonar.server.db.DbClient;
import org.sonar.server.ws.WsTester;
@Before
public void before() throws IOException {
- tester = new WsTester(new BatchWs(batchIndex, new GlobalReferentialsAction(mock(DbClient.class))));
+ tester = new WsTester(new BatchWs(batchIndex, new GlobalReferentialsAction(mock(DbClient.class), mock(Settings.class))));
}
@Test
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
+import org.sonar.api.config.Settings;
import org.sonar.core.measure.db.MetricDto;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.persistence.DbSession;
import org.sonar.server.db.DbClient;
import org.sonar.server.measure.persistence.MetricDao;
+import org.sonar.server.user.MockUserSession;
import org.sonar.server.ws.WsTester;
import static com.google.common.collect.Lists.newArrayList;
@Mock
MetricDao metricDao;
+ Settings settings;
+
WsTester tester;
@Before
when(dbClient.openSession(false)).thenReturn(session);
when(dbClient.metricDao()).thenReturn(metricDao);
- tester = new WsTester(new BatchWs(mock(BatchIndex.class), new GlobalReferentialsAction(dbClient)));
+ settings = new Settings();
+
+ tester = new WsTester(new BatchWs(mock(BatchIndex.class), new GlobalReferentialsAction(dbClient, settings)));
}
@Test
- public void return_global_referentials() throws Exception {
+ public void return_metrics() throws Exception {
when(metricDao.findEnabled(session)).thenReturn(newArrayList(
MetricDto.createFor("coverage").setDescription("Coverage by unit tests").setValueType("PERCENT").setQualitative(true)
.setWorstValue(0d).setBestValue(100d).setOptimizedBestValue(false).setDirection(1).setEnabled(true)
WsTester.TestRequest request = tester.newGetRequest("batch", "global");
request.execute().assertJson(getClass(), "return_global_referentials.json");
}
+
+ @Test
+ public void return_global_settings() throws Exception {
+ MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION, GlobalPermissions.DRY_RUN_EXECUTION);
+
+ settings.setProperty("foo", "bar");
+ settings.setProperty("foo.secured", "1234");
+ settings.setProperty("foo.license.secured", "5678");
+
+ WsTester.TestRequest request = tester.newGetRequest("batch", "global");
+ request.execute().assertJson(getClass(), "return_global_settings.json");
+ }
+
+ @Test
+ public void return_only_license_settings_without_scan_but_with_preview_permission() throws Exception {
+ MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.DRY_RUN_EXECUTION);
+
+ settings.setProperty("foo", "bar");
+ settings.setProperty("foo.secured", "1234");
+ settings.setProperty("foo.license.secured", "5678");
+
+ WsTester.TestRequest request = tester.newGetRequest("batch", "global");
+ request.execute().assertJson(getClass(), "return_only_license_settings_without_scan_but_with_preview_permission.json");
+ }
+
+ @Test
+ public void return_no_secured_settings_without_scan_and_preview_permission() throws Exception {
+ MockUserSession.set().setLogin("john").setGlobalPermissions();
+
+ settings.setProperty("foo", "bar");
+ settings.setProperty("foo.secured", "1234");
+ settings.setProperty("foo.license.secured", "5678");
+
+ WsTester.TestRequest request = tester.newGetRequest("batch", "global");
+ request.execute().assertJson(getClass(), "return_no_secured_settings_without_scan_and_preview_permission.json");
+ }
}
--- /dev/null
+{
+ "timestamp": 0,
+ "metrics": [],
+ "globalSettings": {
+ "foo" : "bar",
+ "foo.secured" : "1234",
+ "foo.license.secured" : "5678"
+ }
+}
--- /dev/null
+{
+ "timestamp": 0,
+ "metrics": [],
+ "globalSettings": {
+ "foo" : "bar"
+ }
+}
--- /dev/null
+{
+ "timestamp": 0,
+ "metrics": [],
+ "globalSettings": {
+ "foo" : "bar",
+ "foo.license.secured" : "5678"
+ }
+}
return globalSettings;
}
+ public GlobalReferentials addGlobalSetting(String key, String value){
+ globalSettings.put(key, value);
+ return this;
+ }
+
public Collection<Metric> metrics() {
return metrics;
}
+ public GlobalReferentials addMetric(Metric metric){
+ metrics.add(metric);
+ return this;
+ }
+
public long timestamp() {
return timestamp;
}
public class GlobalReferentialsTest {
@Test
- public void testToJson() throws Exception {
+ public void to_json() throws Exception {
GlobalReferentials ref = new GlobalReferentials();
- ref.metrics().add(new Metric(1, "ncloc", "INT", "Description", -1, "NCLOC", true, false, 2.0, 1.0, true));
- ref.globalSettings().put("prop", "value");
+ ref.addMetric(new Metric(1, "ncloc", "INT", "Description", -1, "NCLOC", true, false, 2.0, 1.0, true));
+ ref.addGlobalSetting("prop", "value");
ref.setTimestamp(10);
- System.out.println(ref.toJson());
JSONAssert
.assertEquals(
"{timestamp:10,"
}
@Test
- public void testFromJson() throws JSONException {
+ public void from_json() throws JSONException {
GlobalReferentials ref = GlobalReferentials
.fromJson(new StringReader(
"{timestamp:1,"