SONAR-8774 Sanitize parameter names of the api/projects domain 1676/head
authorTeryk Bellahsene <teryk.bellahsene@sonarsource.com>
Wed, 15 Feb 2017 17:12:56 +0000 (18:12 +0100)
committerTeryk Bellahsene <teryk.bellahsene@sonarsource.com>
Thu, 16 Feb 2017 13:51:35 +0000 (14:51 +0100)
server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java
server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java

index dda804a317c02a7ae90ae04d49fa477ba4417576..e8d367668f429c214e29194ce313bc54591979d5 100644 (file)
@@ -38,8 +38,8 @@ import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
 public class BulkDeleteAction implements ProjectsWsAction {
 
   private static final String ACTION = "bulk_delete";
-  private static final String PARAM_IDS = "ids";
-  private static final String PARAM_KEYS = "keys";
+  private static final String PARAM_PROJECT_IDS = "projectIds";
+  private static final String PARAM_PROJECTS = "projects";
 
   private final ComponentCleanerService componentCleanerService;
   private final DbClient dbClient;
@@ -59,18 +59,21 @@ public class BulkDeleteAction implements ProjectsWsAction {
     WebService.NewAction action = context
       .createAction(ACTION)
       .setPost(true)
-      .setDescription("Delete one or several projects.<br /> Requires 'Administer System' permission.")
+      .setDescription("Delete one or several projects.<br />" +
+        "Requires 'Administer System' permission.")
       .setSince("5.2")
       .setHandler(this);
 
     action
-      .createParam(PARAM_IDS)
-      .setDescription("List of project ids to delete")
+      .createParam(PARAM_PROJECT_IDS)
+      .setDescription("List of project IDs to delete")
+      .setDeprecatedKey("ids", "6.4")
       .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d,c526ef20-131b-4486-9357-063fa64b5079");
 
     action
-      .createParam(PARAM_KEYS)
+      .createParam(PARAM_PROJECTS)
       .setDescription("List of project keys to delete")
+      .setDeprecatedKey("keys", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
 
     support.addOrganizationParam(action);
@@ -80,8 +83,8 @@ public class BulkDeleteAction implements ProjectsWsAction {
   public void handle(Request request, Response response) throws Exception {
     userSession.checkLoggedIn();
 
-    List<String> uuids = request.paramAsStrings(PARAM_IDS);
-    List<String> keys = request.paramAsStrings(PARAM_KEYS);
+    List<String> uuids = request.paramAsStrings(PARAM_PROJECT_IDS);
+    List<String> keys = request.paramAsStrings(PARAM_PROJECTS);
     String orgKey = request.param(ProjectsWsSupport.PARAM_ORGANIZATION);
 
     try (DbSession dbSession = dbClient.openSession(false)) {
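Review bot: Nothing in this hunk requires at least one of `projectIds` or `projects` to be present before `uuids` and `keys` are used, and on a bulk-delete endpoint the behaviour for "neither given" should be explicit. `handle` continues below the hunk, so the guard may already exist there; if it does not, fail early with something like `if (uuids == null && keys == null) { throw new IllegalArgumentException("At least one of 'projectIds' or 'projects' must be provided"); }`. The action description also promises 'Administer System', while only `checkLoggedIn()` is visible here, so a one-line comment pointing to where that permission is enforced would help.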
index 14597652a6718a785729500e9213db80e85eec56..9af482443a2093aaa4f68a596a63b8918f89aa04 100644 (file)
@@ -31,15 +31,14 @@ import org.sonar.server.component.ComponentCleanerService;
 import org.sonar.server.component.ComponentFinder;
 import org.sonar.server.user.UserSession;
 
-import static org.sonar.server.component.ComponentFinder.ParamNames.ID_AND_KEY;
+import static org.sonar.server.component.ComponentFinder.ParamNames.PROJECT_ID_AND_PROJECT;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
 
 public class DeleteAction implements ProjectsWsAction {
   private static final String ACTION = "delete";
 
-  public static final String PARAM_ID = "id";
-  public static final String PARAM_KEY = "key";
-
   private final ComponentCleanerService componentCleanerService;
   private final ComponentFinder componentFinder;
   private final DbClient dbClient;
@@ -57,18 +56,21 @@ public class DeleteAction implements ProjectsWsAction {
     WebService.NewAction action = context
       .createAction(ACTION)
       .setPost(true)
-      .setDescription("Delete a project.<br /> Requires 'Administer System' permission or 'Administer' permission on the project.")
+      .setDescription("Delete a project.<br> " +
+        "Requires 'Administer System' permission or 'Administer' permission on the project.")
       .setSince("5.2")
       .setHandler(this);
 
     action
-      .createParam(PARAM_ID)
-      .setDescription("Project id")
+      .createParam(PARAM_PROJECT_ID)
+      .setDescription("Project ID")
+      .setDeprecatedKey("id", "6.4")
       .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d");
 
     action
-      .createParam(PARAM_KEY)
+      .createParam(PARAM_PROJECT)
       .setDescription("Project key")
+      .setDeprecatedKey("key", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
   }
 
@@ -76,11 +78,11 @@ public class DeleteAction implements ProjectsWsAction {
   public void handle(Request request, Response response) throws Exception {
     // fail-fast if not logged in
     userSession.checkLoggedIn();
-    String uuid = request.param(PARAM_ID);
-    String key = request.param(PARAM_KEY);
+    String uuid = request.param(PARAM_PROJECT_ID);
+    String key = request.param(PARAM_PROJECT);
 
     try (DbSession dbSession = dbClient.openSession(false)) {
-      ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, ID_AND_KEY);
+      ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, PROJECT_ID_AND_PROJECT);
       checkPermission(project);
       componentCleanerService.delete(dbSession, project);
     }
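Review bot: `getByUuidOrKey` runs before `checkPermission(project)`, so a logged-in caller with no rights on the project probably gets a different error for a project that does not exist than for one that exists but is forbidden. The lookup's failure mode is not visible in this hunk, so this is inferred from the call order. If the difference is accepted, record it next to the lookup, e.g. `// lookup precedes the permission check: not-found and forbidden responses differ by design`. Otherwise make both cases answer the same way.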
index fb1a9b7eaa11a5ccf4923b6d348892aa2c718f97..917a73ab2f15ef70fb72e038b93787fe15d81e02 100644 (file)
@@ -48,7 +48,7 @@ import static org.sonarqube.ws.client.project.ProjectsWsParameters.ACTION_INDEX;
  */
 public class IndexAction implements ProjectsWsAction {
 
-  private static final String PARAM_KEY = "key";
+  private static final String PARAM_PROJECT = "project";
   private static final String PARAM_SEARCH = "search";
   private static final String PARAM_SUB_PROJECTS = "subprojects";
   private static final String PARAM_FORMAT = "format";
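Review bot: The private `PARAM_PROJECT` duplicates `ProjectsWsParameters.PARAM_PROJECT`, which holds the same value `"project"` and which DeleteAction starts importing in this same commit. This file already statically imports `ACTION_INDEX` from that class, so drop the private constant and add `import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;` to keep server and client on one definition. BulkDeleteAction's private `PARAM_PROJECT_IDS` and `PARAM_PROJECTS` have no shared counterpart visible in this diff and could be moved there as well.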
@@ -69,9 +69,12 @@ public class IndexAction implements ProjectsWsAction {
       .setDeprecatedSince("6.3")
       .setHandler(this)
       .setResponseExample(Resources.getResource(this.getClass(), "index-example.json"));
-    action.createParam(PARAM_KEY)
-      .setDescription("key or id of the project")
+
+    action.createParam(PARAM_PROJECT)
+      .setDescription("key or ID of the project")
+      .setDeprecatedKey("key", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
+
     action.createParam(PARAM_SEARCH)
       .setDescription("Substring of project name, case insensitive. Ignored if the parameter key is set")
       .setExampleValue("Sonar");
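Review bot: The description of `PARAM_SEARCH` still reads "Ignored if the parameter key is set", but the parameter is now named `project` and `key` is only its deprecated alias. The same stale wording is on `PARAM_SUB_PROJECTS` in the next hunk. Update both, e.g. `.setDescription("Substring of project name, case insensitive. Ignored if the parameter 'project' is set")`, so the generated API documentation matches the names callers are expected to send.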
@@ -79,9 +82,11 @@ public class IndexAction implements ProjectsWsAction {
       .setDescription("Load sub-projects. Ignored if the parameter key is set")
       .setDefaultValue("false")
       .setBooleanPossibleValues();
+
     action.createParam(PARAM_FORMAT)
       .setDescription("Only json response format is available")
       .setPossibleValues("json");
+
     addRemovedParameter("desc", action);
     addRemovedParameter("views", action);
     addRemovedParameter("libs", action);
@@ -112,7 +117,7 @@ public class IndexAction implements ProjectsWsAction {
   }
 
   private List<ComponentDto> searchComponents(DbSession dbSession, Request request) {
-    String projectKey = request.param(PARAM_KEY);
+    String projectKey = request.param(PARAM_PROJECT);
     List<ComponentDto> projects = new ArrayList<>();
     if (projectKey != null) {
       getProjectByKeyOrId(dbSession, projectKey).ifPresent(projects::add);
index 9b963650094b88e295ae25aff9dff72e480045e7..ec202da02bb7cf8ef77891ef57b18e7e9af96aac 100644 (file)
@@ -43,9 +43,9 @@ import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_ID;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_KEY;
 import static org.sonarqube.ws.client.project.ProjectsWsParameters.CONTROLLER;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
 
 public class DeleteActionTest {
 
@@ -82,7 +82,7 @@ public class DeleteActionTest {
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    WsTester.TestRequest request = newRequest().setParam(PARAM_ID, project.uuid());
+    WsTester.TestRequest request = newRequest().setParam(PARAM_PROJECT_ID, project.uuid());
     call(request);
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
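Review bot: After this change no test in DeleteActionTest sends the deprecated names `id` and `key`, because every `setParam` in this hunk and the five that follow was switched to the new constants. Existing clients still send those names, and they now resolve only through `setDeprecatedKey`. Keep at least one case per alias, e.g. `call(newRequest().setParam("id", project.uuid()));` followed by the existing `verifyDeletedKey()` assertion, so a broken alias on a destructive endpoint is caught. Whether the test harness resolves deprecated keys the way the real engine does is not visible here and should be confirmed. The test method starts above the hunk.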
@@ -93,7 +93,7 @@ public class DeleteActionTest {
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    call(newRequest().setParam(PARAM_KEY, project.key()));
+    call(newRequest().setParam(PARAM_PROJECT, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -109,7 +109,7 @@ public class DeleteActionTest {
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -119,7 +119,7 @@ public class DeleteActionTest {
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
-    call(newRequest().setParam(PARAM_KEY, project.key()));
+    call(newRequest().setParam(PARAM_PROJECT, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -131,7 +131,7 @@ public class DeleteActionTest {
     userSessionRule.logIn().addProjectUuidPermissions(project.uuid(), UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.USER);
     expectedException.expect(ForbiddenException.class);
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
   }
 
   @Test
@@ -141,7 +141,7 @@ public class DeleteActionTest {
     userSessionRule.anonymous();
     expectedException.expect(UnauthorizedException.class);
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
   }
 
   private WsTester.TestRequest newRequest() {
index 616ed5814f366526fc2091e86799d55935c3eebd..713618cbdbaab1ebe9aa2be8490741fccf269cf6 100644 (file)
@@ -27,6 +27,7 @@ public class ProjectsWsParameters {
   public static final String ACTION_INDEX = "index";
 
   public static final String PARAM_PROJECT = "project";
+  public static final String PARAM_PROJECT_ID = "projectId";
   public static final String PARAM_NAME = "name";
   public static final String PARAM_BRANCH = "branch";