global_permissions.profileadmin.desc=Ability to perform any action on the quality profiles.
global_permissions.sharedashboard=Dashboard Sharing
global_permissions.sharedashboard.desc=Ability to share dashboards that any user will be able to follow.
-global_permissions.scan=Ability to execute some Sonar analysis
-global_permissions.scan.desc=Permission required to execute a Sonar analysis. This permission allows to get all settings (even the secured ones like scm account password, jira account password, ...) required to execute all Sonar plugins.
-global_permissions.dryrun=Ability to execute some local (dry run) Sonar analysis
-global_permissions.dryrun.desc=Permission required to execute a local (dry run) Sonar analysis without pushing the results to the Sonar server. This permission allows to get all settings required to execute all Sonar plugins except the secured one like scm account password, jira account password... This permission is required for instance to execute a local Sonar analysis in Sonar Eclipse.
+global_permissions.scan=SonarQube analysis execution
+global_permissions.scan.desc=Ability to execute SonarQube analyses. This permission allows to get all settings (even the secured ones like scm account password, jira account password, ...) required to execute all SonarQube plugins.
+global_permissions.dryrun=Local (dry run) SonarQube analysis execution
+global_permissions.dryrun.desc=Ability to execute local (dry run) SonarQube analyses without pushing the results to the SonarQube server. This permission allows to get all settings required to execute all SonarQube plugins except the secured one like scm account password, jira account password, ... This permission is required for instance to execute a local SonarQube analysis in SonarQube Eclipse.
#------------------------------------------------------------------------------
#
# HELP
#
#------------------------------------------------------------------------------
-markdown.helplink=Markdown Help
\ No newline at end of file
+markdown.helplink=Markdown Help
protected void doOnGetProperties(String key) {
if (dryRun && key.endsWith(".secured") && !key.contains(".license")) {
throw new SonarException("Access to the secured property '" + key
- + "' is not possible in local (dry run) SonarQube analysis. The SonarQube plugin accessing to this property must be deactivated in dry run mode.");
+ + "' is not possible in local (dry run) SonarQube analysis. The SonarQube plugin which requires this property must be deactivated in dry run mode.");
}
}
}
protected void doOnGetProperties(String key) {
if (this.dryRun && key.endsWith(".secured") && !key.contains(".license")) {
throw new SonarException("Access to the secured property '" + key
- + "' is not possible in local (dry run) SonarQube analysis. The SonarQube plugin accessing to this property must be deactivated in dry run mode.");
+ + "' is not possible in local (dry run) SonarQube analysis. The SonarQube plugin which requires this property must be deactivated in dry run mode.");
}
}
}
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (1, 1, null, 'admin');
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (2, 1, null, 'profileadmin');
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (3, 1, null, 'sharedashboard');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, 1, null, 'scan');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'scan');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (6, 1, null, 'dryrun');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (7, 2, null, 'dryrun');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (8, null, null, 'dryrun');
-ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 9;
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, null, null, 'scan');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'dryrun');
+ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 6;
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 1);
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 2);
# GET /batch_bootstrap/db?project=<key or id>
def db
has_dryrun_role = has_role?(:dryrun)
- return render_unauthorized("You're not authorized to execute a dry run analysis. Please contact your Sonar administrator.") if !has_dryrun_role
+ return render_unauthorized("You're not authorized to execute a dry run analysis. Please contact your SonarQube administrator.") if !has_dryrun_role
project = load_project()
- return render_unauthorized("You're not authorized to access to project '" + project.name + "', please contact your Sonar administrator") if project && !has_role?(:user, project)
+ return render_unauthorized("You're not authorized to access to project '" + project.name + "', please contact your SonarQube administrator") if project && !has_role?(:user, project)
db_content = java_facade.createDatabaseForDryRun(project ? project.id : nil)
send_data String.from_java_bytes(db_content)
end
-
+
# GET /batch_bootstrap/properties?[project=<key or id>][&dryRun=true|false]
def properties
dryRun = params[:dryRun].present? && params[:dryRun] == "true"
return render_unauthorized("You're not authorized to execute any SonarQube analysis. Please contact your SonarQube administrator.") if (!has_dryrun_role && !has_scan_role)
return render_unauthorized("You're only authorized to execute a local (dry run) SonarQube analysis without pushing the results to the SonarQube server. Please contact your SonarQube administrator.") if (!dryRun && !has_scan_role)
-
+
keys=Set.new
properties=[]
-
+
# project properties
root_project = load_project()
- return render_unauthorized("You're not authorized to access to project '" + root_project.name + "', please contact your Sonar administrator") if root_project && !has_role?(:scan) && !has_role?(:user, root_project)
-
+ return render_unauthorized("You're not authorized to access to project '" + root_project.name + "', please contact your SonarQube administrator") if root_project && !has_role?(:scan) && !has_role?(:user, root_project)
+
if root_project
- # bottom-up projects
- projects=[root_project].concat(root_project.ancestor_projects)
- projects.each do |project|
- Property.find(:all, :conditions => ['resource_id=? and user_id is null', project.id]).each do |prop|
- properties<<prop if keys.add? prop.key
- end
- end
+ # bottom-up projects
+ projects=[root_project].concat(root_project.ancestor_projects)
+ projects.each do |project|
+ Property.find(:all, :conditions => ['resource_id=? and user_id is null', project.id]).each do |prop|
+ properties<<prop if keys.add? prop.key
+ end
+ end
end
# global properties
has_user_role=has_role?(:user, root_project)
has_admin_role=has_role?(:admin, root_project)
properties = properties.select{|prop| allowed?(prop.key, dryRun, has_scan_role)}
-
+
json_properties=properties.map { |property| to_json_property(property) }
render :json => JSON(json_properties)
end
private
-
+
def render_unauthorized(message, status=403)
respond_to do |format|
format.json { render :text => message, :status => status }