SONAR-8271 organization in WS api/permissions/add_user_to_template

author Simon Brandhof <simon.brandhof@sonarsource.com>

Sun, 16 Oct 2016 21:05:42 +0000 (23:05 +0200)

committer Simon Brandhof <simon.brandhof@sonarsource.com>

Sun, 16 Oct 2016 21:16:38 +0000 (23:16 +0200)
author Simon Brandhof <simon.brandhof@sonarsource.com>
Sun, 16 Oct 2016 21:05:42 +0000 (23:05 +0200)
committer Simon Brandhof <simon.brandhof@sonarsource.com>
Sun, 16 Oct 2016 21:16:38 +0000 (23:16 +0200)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/template/AddUserToTemplateAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/template/AddUserToTemplateAction.java

index 99e8f472774f347912901ef82dc8dfbab3eaa598..878b69ef4043822edd2ca3c869a948159c3e5218 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/template/AddUserToTemplateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/template/AddUserToTemplateAction.java
@@ -20,6 +20,7 @@
  package org.sonar.server.permission.ws.template;
  
  import java.util.List;
+import java.util.Optional;
  import org.sonar.api.server.ws.Request;
  import org.sonar.api.server.ws.Response;
  import org.sonar.api.server.ws.WebService;
@@ -33,11 +34,12 @@ import org.sonar.server.permission.ws.PermissionsWsAction;
  import org.sonar.server.user.UserSession;
  import org.sonarqube.ws.client.permission.AddUserToTemplateWsRequest;
  
-import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
+import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
  import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
  import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
  import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createUserLoginParameter;
  import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION_KEY;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
@@ -71,7 +73,6 @@ public class AddUserToTemplateAction implements PermissionsWsAction {
  
    @Override
    public void handle(Request request, Response response) throws Exception {
-    checkGlobalAdminUser(userSession);
      doHandle(toAddUserToTemplateWsRequest(request));
      response.noContent();
    }
@@ -81,7 +82,10 @@ public class AddUserToTemplateAction implements PermissionsWsAction {
      String userLogin = request.getLogin();
  
      try (DbSession dbSession = dbClient.openSession(false)) {
-      PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+      PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(
+        request.getTemplateId(), request.getOrganization(), request.getTemplateName()));
+      checkProjectAdmin(userSession, template.getOrganizationUuid(), Optional.empty());
+
        UserId user = wsSupport.findUser(dbSession, userLogin);
  
        if (!isUserAlreadyAdded(dbSession, template.getId(), userLogin, permission)) {
@@ -96,6 +100,7 @@ public class AddUserToTemplateAction implements PermissionsWsAction {
        .setLogin(request.mandatoryParam(PARAM_USER_LOGIN))
        .setPermission(request.mandatoryParam(PARAM_PERMISSION))
        .setTemplateId(request.param(PARAM_TEMPLATE_ID))
+      .setOrganization(request.param(PARAM_ORGANIZATION_KEY))
        .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
    }
  
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java

index ac98fd6c0e8c6a829b3d450a03cd6b155cd35545..1da75fdb76415ec5dd21b03dd5df1a209d8fd621 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
@@ -30,13 +30,13 @@ import org.sonar.db.user.UserDto;
  import org.sonar.server.exceptions.BadRequestException;
  import org.sonar.server.exceptions.ForbiddenException;
  import org.sonar.server.exceptions.NotFoundException;
-import org.sonar.server.exceptions.UnauthorizedException;
  import org.sonar.server.permission.ws.BasePermissionWsTest;
  import org.sonar.server.ws.WsTester;
  
  import static org.assertj.core.api.Assertions.assertThat;
  import static org.sonar.api.web.UserRole.CODEVIEWER;
  import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
+import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
  import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
@@ -56,14 +56,14 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Before
    public void setUp() {
-    loginAsAdmin();
-
      user = db.users().insertUser("user-login");
      permissionTemplate = insertTemplate();
    }
  
    @Test
    public void add_user_to_template() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
  
      assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(user.getLogin());
@@ -71,6 +71,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void add_user_to_template_by_name() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      wsTester.newPostRequest(CONTROLLER, ACTION)
        .setParam(PARAM_USER_LOGIN, user.getLogin())
        .setParam(PARAM_PERMISSION, CODEVIEWER)
@@ -82,6 +84,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void does_not_add_a_user_twice() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      newRequest(user.getLogin(), permissionTemplate.getUuid(), ISSUE_ADMIN);
      newRequest(user.getLogin(), permissionTemplate.getUuid(), ISSUE_ADMIN);
  
@@ -90,29 +94,26 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void fail_if_not_a_project_permission() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(IllegalArgumentException.class);
  
      newRequest(user.getLogin(), permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
    }
  
    @Test
-  public void fail_if_insufficient_privileges() throws Exception {
-    expectedException.expect(ForbiddenException.class);
-    userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
-
-    newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
-  }
+  public void fail_if_not_admin_of_default_organization() throws Exception {
+    userSession.login().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_PROFILE_ADMIN);
  
-  @Test
-  public void fail_if_not_logged_in() throws Exception {
-    expectedException.expect(UnauthorizedException.class);
-    userSession.anonymous();
+    expectedException.expect(ForbiddenException.class);
  
      newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
    }
  
    @Test
    public void fail_if_user_missing() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(IllegalArgumentException.class);
  
      newRequest(null, permissionTemplate.getUuid(), CODEVIEWER);
@@ -120,6 +121,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void fail_if_permission_missing() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(IllegalArgumentException.class);
  
      newRequest(user.getLogin(), permissionTemplate.getUuid(), null);
@@ -127,6 +130,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void fail_if_template_uuid_and_name_are_missing() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(BadRequestException.class);
  
      newRequest(user.getLogin(), null, CODEVIEWER);
@@ -134,6 +139,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void fail_if_user_does_not_exist() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(NotFoundException.class);
      expectedException.expectMessage("User with login 'unknown-login' is not found");
  
@@ -142,6 +149,8 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
  
    @Test
    public void fail_if_template_key_does_not_exist() throws Exception {
+    loginAsAdminOnDefaultOrganization();
+
      expectedException.expect(NotFoundException.class);
      expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
  
@@ -168,8 +177,4 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT
      return db.getDbClient().permissionTemplateDao()
        .selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, templateId);
    }
-
-  private void loginAsAdmin() {
-    userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
-  }
  }
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/permission/AddUserToTemplateWsRequest.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/permission/AddUserToTemplateWsRequest.java

index 3f197dfd3cb58d2c4f54d5ddaa10949360bbf533..01475edc9e8bd132691576fc07235395bc8041a4 100644 (file)
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/permission/AddUserToTemplateWsRequest.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/permission/AddUserToTemplateWsRequest.java
@@ -28,6 +28,7 @@ public class AddUserToTemplateWsRequest {
    private String login;
    private String permission;
    private String templateId;
+  private String organization;
    private String templateName;
  
    public String getLogin() {
@@ -67,4 +68,14 @@ public class AddUserToTemplateWsRequest {
      this.templateName = templateName;
      return this;
    }
+
+  @CheckForNull
+  public String getOrganization() {
+    return organization;
+  }
+
+  public AddUserToTemplateWsRequest setOrganization(@Nullable String s) {
+    this.organization = s;
+    return this;
+  }
  }
author	Simon Brandhof <simon.brandhof@sonarsource.com>
	Sun, 16 Oct 2016 21:05:42 +0000 (23:05 +0200)
committer	Simon Brandhof <simon.brandhof@sonarsource.com>
	Sun, 16 Oct 2016 21:16:38 +0000 (23:16 +0200)
server/sonar-server/src/main/java/org/sonar/server/permission/ws/template/AddUserToTemplateAction.java		patch \| blob \| history
server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java		patch \| blob \| history
sonar-ws/src/main/java/org/sonarqube/ws/client/permission/AddUserToTemplateWsRequest.java		patch \| blob \| history