private final OAuth2AuthenticationParameters oAuthParameters;
public OAuth2ContextFactory(ThreadLocalUserSession threadLocalUserSession, UserRegistrar userRegistrar, Server server,
- OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2AuthenticationParameters oAuthParameters) {
+ OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2AuthenticationParameters oAuthParameters) {
this.threadLocalUserSession = threadLocalUserSession;
this.userRegistrar = userRegistrar;
this.server = server;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.server.ServerSide;
-import org.sonar.server.authentication.event.AuthenticationException;
import org.sonar.server.user.UserSession;
@ServerSide
public interface RequestAuthenticator {
- UserSession authenticate(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException;
+ /**
+ * @throws org.sonar.server.authentication.event.AuthenticationException if user is not authenticated
+ */
+ UserSession authenticate(HttpServletRequest request, HttpServletResponse response);
}
}
}
- private boolean isImplicitlyAlreadyDone(GroupPermissionChange change) {
+ private static boolean isImplicitlyAlreadyDone(GroupPermissionChange change) {
return change.getProjectId()
.map(projectId -> isImplicitlyAlreadyDone(projectId, change))
.orElse(false);
}
- private boolean isImplicitlyAlreadyDone(ProjectId projectId, GroupPermissionChange change) {
+ private static boolean isImplicitlyAlreadyDone(ProjectId projectId, GroupPermissionChange change) {
return isAttemptToAddPublicPermissionToPublicComponent(change, projectId)
|| isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(change, projectId);
}
- private boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ProjectId projectId) {
+ private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ProjectId projectId) {
return !projectId.isPrivate()
&& change.getOperation() == ADD
&& PUBLIC_PERMISSIONS.contains(change.getPermission());
&& change.getGroupIdOrAnyone().isAnyone();
}
- private void ensureConsistencyWithVisibility(GroupPermissionChange change) {
+ private static void ensureConsistencyWithVisibility(GroupPermissionChange change) {
change.getProjectId()
.ifPresent(projectId -> {
checkRequest(
&& change.getGroupIdOrAnyone().isAnyone();
}
- private boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ProjectId projectId) {
+ private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ProjectId projectId) {
return !projectId.isPrivate()
&& change.getOperation() == REMOVE
&& PUBLIC_PERMISSIONS.contains(change.getPermission());
private final ProjectIndexers projectIndexers;
private final UserSession userSession;
private final DefaultTemplatesResolver defaultTemplatesResolver;
- private final PermissionService permissionService;
public PermissionTemplateService(DbClient dbClient, ProjectIndexers projectIndexers, UserSession userSession,
- DefaultTemplatesResolver defaultTemplatesResolver, PermissionService permissionService) {
+ DefaultTemplatesResolver defaultTemplatesResolver) {
this.dbClient = dbClient;
this.projectIndexers = projectIndexers;
this.userSession = userSession;
this.defaultTemplatesResolver = defaultTemplatesResolver;
- this.permissionService = permissionService;
}
public boolean wouldUserHaveScanPermissionWithDefaultTemplate(DbSession dbSession,
}
}
- private boolean permissionValidForProject(ComponentDto project, String permission) {
+ private static boolean permissionValidForProject(ComponentDto project, String permission) {
return project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission);
}
}
}
- private boolean isImplicitlyAlreadyDone(UserPermissionChange change) {
+ private static boolean isImplicitlyAlreadyDone(UserPermissionChange change) {
return change.getProjectId()
.map(projectId -> isImplicitlyAlreadyDone(projectId, change))
.orElse(false);
}
- private boolean isImplicitlyAlreadyDone(ProjectId projectId, UserPermissionChange change) {
+ private static boolean isImplicitlyAlreadyDone(ProjectId projectId, UserPermissionChange change) {
return isAttemptToAddPublicPermissionToPublicComponent(change, projectId);
}
- private boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ProjectId projectId) {
+ private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ProjectId projectId) {
return !projectId.isPrivate()
&& change.getOperation() == ADD
&& PUBLIC_PERMISSIONS.contains(change.getPermission());
}
- private void ensureConsistencyWithVisibility(UserPermissionChange change) {
+ private static void ensureConsistencyWithVisibility(UserPermissionChange change) {
change.getProjectId()
.ifPresent(projectId -> checkRequest(
!isAttemptToRemovePublicPermissionFromPublicComponent(change, projectId),
"Permission %s can't be removed from a public component", change.getPermission()));
}
- private boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ProjectId projectId) {
+ private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ProjectId projectId) {
return !projectId.isPrivate()
&& change.getOperation() == REMOVE
&& PUBLIC_PERMISSIONS.contains(change.getPermission());
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.es.ProjectIndexer;
import org.sonar.server.es.ProjectIndexers;
-import org.sonar.server.permission.PermissionService;
import org.sonar.server.project.Visibility;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.project.ProjectsWsParameters;
private final UserSession userSession;
private final ProjectIndexers projectIndexers;
private final ProjectsWsSupport projectsWsSupport;
- private final PermissionService permissionService;
public UpdateVisibilityAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession,
- ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport, PermissionService permissionService) {
+ ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport) {
this.dbClient = dbClient;
this.componentFinder = componentFinder;
this.userSession = userSession;
this.projectIndexers = projectIndexers;
this.projectsWsSupport = projectsWsSupport;
- this.permissionService = permissionService;
}
public void define(WebService.NewController context) {
private DbSession session = dbTester.getSession();
private ProjectIndexers projectIndexers = new TestProjectIndexers();
- private PermissionTemplateService underTest = new PermissionTemplateService(dbTester.getDbClient(), projectIndexers, userSession, defaultTemplatesResolver, permissionService);
+ private PermissionTemplateService underTest = new PermissionTemplateService(dbTester.getDbClient(), projectIndexers, userSession, defaultTemplatesResolver);
@Test
public void apply_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() {
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.resources.ResourceTypes;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
-import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.PermissionServiceImpl;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.permission.ws.BasePermissionWsTest;
import org.sonar.server.ws.TestRequest;
private PermissionTemplateDto template1;
private PermissionTemplateDto template2;
- private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
- private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
-
private PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(),
- new TestProjectIndexers(), userSession, defaultTemplatesResolver, permissionService);
+ new TestProjectIndexers(), userSession, defaultTemplatesResolver);
@Override
protected ApplyTemplateAction buildWsAction() {
}
@Test
- public void apply_template_with_project_uuid() throws Exception {
+ public void apply_template_with_project_uuid() {
loginAsAdmin(db.getDefaultOrganization());
newRequest(template1.getUuid(), project.uuid(), null);
}
@Test
- public void apply_template_with_project_key() throws Exception {
+ public void apply_template_with_project_key() {
loginAsAdmin(db.getDefaultOrganization());
newRequest(template1.getUuid(), null, project.getDbKey());
}
@Test
- public void fail_when_unknown_template() throws Exception {
+ public void fail_when_unknown_template() {
loginAsAdmin(db.getDefaultOrganization());
expectedException.expect(NotFoundException.class);
}
@Test
- public void fail_when_unknown_project_uuid() throws Exception {
+ public void fail_when_unknown_project_uuid() {
loginAsAdmin(db.getDefaultOrganization());
expectedException.expect(NotFoundException.class);
}
@Test
- public void fail_when_unknown_project_key() throws Exception {
+ public void fail_when_unknown_project_key() {
loginAsAdmin(db.getDefaultOrganization());
expectedException.expect(NotFoundException.class);
}
@Test
- public void fail_when_template_is_not_provided() throws Exception {
+ public void fail_when_template_is_not_provided() {
loginAsAdmin(db.getDefaultOrganization());
expectedException.expect(BadRequestException.class);
}
@Test
- public void fail_when_project_uuid_and_key_not_provided() throws Exception {
+ public void fail_when_project_uuid_and_key_not_provided() {
loginAsAdmin(db.getDefaultOrganization());
expectedException.expect(BadRequestException.class);
}
@Test
- public void fail_when_not_admin_of_organization() throws Exception {
+ public void fail_when_not_admin_of_organization() {
userSession.logIn().addPermission(ADMINISTER, "otherOrg");
expectedException.expect(ForbiddenException.class);
import org.junit.Before;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.resources.ResourceTypes;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.l18n.I18nRule;
-import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.PermissionServiceImpl;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.permission.ws.BasePermissionWsTest;
@org.junit.Rule
public DefaultTemplatesResolverRule defaultTemplatesResolver = DefaultTemplatesResolverRule.withoutGovernance();
- private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
- private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
-
private UserDto user1;
private UserDto user2;
private GroupDto group1;
@Override
protected BulkApplyTemplateAction buildWsAction() {
PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(),
- projectIndexers, userSession, defaultTemplatesResolver, permissionService);
+ projectIndexers, userSession, defaultTemplatesResolver);
return new BulkApplyTemplateAction(db.getDbClient(), userSession, permissionTemplateService, newPermissionWsSupport(), new I18nRule(), newRootResourceTypes());
}
private BillingValidationsProxy billingValidations = mock(BillingValidationsProxy.class);
private ProjectsWsSupport wsSupport = new ProjectsWsSupport(dbClient, TestDefaultOrganizationProvider.from(dbTester), billingValidations);
- private UpdateVisibilityAction underTest = new UpdateVisibilityAction(dbClient, TestComponentFinder.from(dbTester), userSessionRule, projectIndexers, wsSupport, permissionService);
+ private UpdateVisibilityAction underTest = new UpdateVisibilityAction(dbClient, TestComponentFinder.from(dbTester), userSessionRule, projectIndexers, wsSupport);
private WsActionTester ws = new WsActionTester(underTest);
private final Random random = new Random();
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.TYPE)
public @interface UserRole {
+ /**
+ * Permissions which are implicitly available for any user, any group and to group "AnyOne" on public components.
+ * @since 7.5
+ */
+ Set<String> PUBLIC_PERMISSIONS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(UserRole.USER, UserRole.CODEVIEWER)));
/**
* @deprecated use the constant USER since 1.12.
String[] value() default {};
- /**
- * Permissions which are implicitly available for any user, any group and to group "AnyOne" on public components.
- * @since 7.5
- */
- Set<String> PUBLIC_PERMISSIONS = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(UserRole.USER, UserRole.CODEVIEWER)));
-
}
projects / sonarqube.git / commitdiff