SONAR-13117 Fix SSF-103

diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java
index d7ea42a3b459c44103927f6117632605a0ec9549..64533cc0b1517e1f03fa38622199b8cf59aea087 100644 (file)
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java
@@ -89,7 +89,7 @@ public class IssueSnippetsAction implements SourcesWsAction {
         .orElseThrow(() -> new NotFoundException(format("Issue with key '%s' does not exist", issueKey)));
       ComponentDto project = dbClient.componentDao().selectByUuid(dbSession, issueDto.getProjectUuid())
         .orElseThrow(() -> new NotFoundException(format("Project with uuid '%s' does not exist", issueDto.getProjectUuid())));
-      userSession.checkComponentPermission(UserRole.USER, project);
+      userSession.checkComponentPermission(UserRole.CODEVIEWER, project);
 
       DbIssues.Locations locations = issueDto.parseLocations();
       String componentUuid = issueDto.getComponentUuid();

diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/IssueSnippetsActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/IssueSnippetsActionTest.java
index eb88f53d03b8e285c54557e5b2f84fccc04ed637..017dfa5ac23ff64a1ca967d12d2b8b9d9999d7e5 100644 (file)
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/IssueSnippetsActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/IssueSnippetsActionTest.java
@@ -59,6 +59,7 @@ import static org.sonar.api.measures.CoreMetrics.LINES_KEY;
 import static org.sonar.api.measures.CoreMetrics.TECHNICAL_DEBT_KEY;
 import static org.sonar.api.measures.CoreMetrics.TESTS_KEY;
 import static org.sonar.api.measures.CoreMetrics.VIOLATIONS_KEY;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
 import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.db.component.ComponentTesting.newFileDto;
 
@@ -97,7 +98,7 @@ public class IssueSnippetsActionTest {
     ComponentDto file = insertFile(project, "file");
     DbFileSources.Data fileSources = FileSourceTesting.newFakeData(10).build();
     fileSourceTester.insertFileSource(file, 10, dto -> dto.setSourceData(fileSources));
-    userSession.logIn().addProjectPermission(USER, project, file);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
 
     String issueKey = insertIssue(file, newLocation(file.uuid(), 5, 5));
 
@@ -124,7 +125,7 @@ public class IssueSnippetsActionTest {
 
     DbFileSources.Data fileSources = FileSourceTesting.newFakeData(10).build();
     fileSourceTester.insertFileSource(file, 10, dto -> dto.setSourceData(fileSources));
-    userSession.logIn().addProjectPermission(USER, project, file);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
 
     String issueKey = insertIssue(file, newLocation(file.uuid(), 5, 5));
 
@@ -139,7 +140,7 @@ public class IssueSnippetsActionTest {
 
     DbFileSources.Data fileSources = FileSourceTesting.newFakeData(10).build();
     fileSourceTester.insertFileSource(file, 10, dto -> dto.setSourceData(fileSources));
-    userSession.logIn().addProjectPermission(USER, project, file);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
 
     String issueKey = insertIssue(file, newLocation(file2.uuid(), 5, 5));
 
@@ -150,7 +151,7 @@ public class IssueSnippetsActionTest {
   @Test
   public void no_code_to_display() {
     ComponentDto file = insertFile(project, "file");
-    userSession.logIn().addProjectPermission(USER, project, file);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
 
     String issueKey = insertIssue(file, newLocation(file.uuid(), 5, 5));
 
@@ -161,6 +162,7 @@ public class IssueSnippetsActionTest {
   @Test
   public void fail_if_no_project_permission() {
     ComponentDto file = insertFile(project, "file");
+    userSession.logIn().addProjectPermission(USER, project, file);
     String issueKey = insertIssue(file, newLocation(file.uuid(), 5, 5));
 
     expectedException.expect(ForbiddenException.class);
@@ -171,7 +173,7 @@ public class IssueSnippetsActionTest {
   public void fail_if_issue_not_found() {
     ComponentDto file = insertFile(project, "file");
     insertIssue(file, newLocation(file.uuid(), 5, 5));
-    userSession.logIn().addProjectPermission(USER, project, file);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Issue with key 'invalid' does not exist");
@@ -180,8 +182,12 @@ public class IssueSnippetsActionTest {
 
   @Test
   public void fail_if_parameter_missing() {
+    ComponentDto file = insertFile(project, "file");
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file);
+
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'issueKey' parameter is missing");
+
     actionTester.newRequest().execute();
   }
 
@@ -194,7 +200,7 @@ public class IssueSnippetsActionTest {
     fileSourceTester.insertFileSource(file1, 10, dto -> dto.setSourceData(fileSources));
     fileSourceTester.insertFileSource(file2, 10, dto -> dto.setSourceData(fileSources));
 
-    userSession.logIn().addProjectPermission(USER, project, file1, file2);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file1, file2);
 
     String issueKey1 = insertIssue(file1, newLocation(file1.uuid(), 5, 5),
       newLocation(file1.uuid(), 9, 9), newLocation(file2.uuid(), 1, 5));
@@ -213,7 +219,7 @@ public class IssueSnippetsActionTest {
     DbFileSources.Data fileSources = FileSourceTesting.newFakeData(20).build();
     fileSourceTester.insertFileSource(file1, 20, dto -> dto.setSourceData(fileSources));
 
-    userSession.logIn().addProjectPermission(USER, project, file1);
+    userSession.logIn().addProjectPermission(CODEVIEWER, project, file1);
 
     // these two locations should get connected, making a single range 3-14
     String issueKey1 = insertIssue(file1, newLocation(file1.uuid(), 5, 5),
@@ -236,7 +242,7 @@ public class IssueSnippetsActionTest {
     fileSourceTester.insertFileSource(file2, 10, dto -> dto.setSourceData(fileSources));
 
     userSession.logIn()
-      .addProjectPermission(USER, project, file1, file2)
+      .addProjectPermission(CODEVIEWER, project, file1, file2)
       .addMembership(organization);
 
     String issueKey1 = insertIssue(file1, newLocation(file1.uuid(), 5, 5),

diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/sources/SourcesService.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/sources/SourcesService.java
index 56d90ce0d0d22dbe8f283d3c5596ada1aca6c048..6ac8e18248809db8f4ff7986225ed6c6ed72009d 100644 (file)
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/sources/SourcesService.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/sources/SourcesService.java
@@ -67,6 +67,21 @@ public class SourcesService extends BaseService {
       ).content();
   }
 
+  /**
+   *
+   * This is part of the internal API.
+   * This is a GET request.
+   * @see <a href="https://next.sonarqube.com/sonarqube/web_api/api/sources/issue_snippets">Further information about this action online (including a response example)</a>
+   * @since 5.0
+   */
+  public String issueSnippets(IssueSnippetsRequest request) {
+    return call(
+      new GetRequest(path("issue_snippets"))
+        .setParam("issueKey", request.getIssueKey())
+        .setMediaType(MediaTypes.JSON)
+    ).content();
+  }
+
   /**
    *
    * This is part of the internal API.