package org.sonar.server.permission;
import org.sonar.api.security.DefaultGroups;
-import org.sonar.core.permission.ComponentPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.permission.PermissionTemplateDao;
import org.sonar.db.permission.PermissionTemplateDto;
import org.sonar.server.user.UserSession;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
+import static org.sonar.server.permission.PermissionValueValidator.validateProjectPermission;
abstract class PermissionTemplateUpdater {
void executeUpdate() {
checkGlobalAdminUser(userSession);
Long templateId = getTemplateId(templateKey);
- validatePermission(permission);
+ validateProjectPermission(permission);
doExecute(templateId, permission);
}
return groupDto.getId();
}
- private void validatePermission(String permission) {
- if (permission == null || !ComponentPermissions.ALL.contains(permission)) {
- throw new BadRequestException("Invalid permission: " + permission);
- }
- }
-
private Long getTemplateId(String key) {
PermissionTemplateDto permissionTemplateDto = permissionTemplateDao.selectTemplateByKey(key);
if (permissionTemplateDto == null) {
--- /dev/null
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+package org.sonar.server.permission;
+
+import org.sonar.core.permission.ComponentPermissions;
+import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.server.exceptions.BadRequestException;
+
+public class PermissionValueValidator {
+ private PermissionValueValidator() {
+ // static methods only
+ }
+
+ public static void validateProjectPermission(String permission) {
+ if (!ComponentPermissions.ALL.contains(permission)) {
+ throw new BadRequestException(String.format("The 'permission' parameter for project permissions must be one of %s. '%s' was passed.", ComponentPermissions.ALL_ON_ONE_LINE,
+ permission));
+ }
+ }
+
+ public static void validateGlobalPermission(String permission) {
+ if (!GlobalPermissions.ALL.contains(permission)) {
+ throw new BadRequestException(String.format("The 'permission' parameter for global permissions must be one of %s. '%s' was passed.", GlobalPermissions.ALL_ON_ONE_LINE,
+ permission));
+ }
+ }
+}
package org.sonar.server.permission.ws;
-import com.google.common.base.Joiner;
import org.sonar.api.server.ws.WebService;
import org.sonar.core.permission.ComponentPermissions;
import org.sonar.core.permission.GlobalPermissions;
static final String PARAM_PROJECT_UUID = "projectId";
static final String PARAM_PROJECT_KEY = "projectKey";
static final String PARAM_USER_LOGIN = "login";
- static final String PROJECT_PERMISSIONS_ONE_LINE = Joiner.on(", ").join(ComponentPermissions.ALL);
- static final String GLOBAL_PERMISSIONS_ONE_LINE = Joiner.on(", ").join(GlobalPermissions.ALL);
private static final String PERMISSION_PARAM_DESCRIPTION = String.format("Permission" +
"<ul>" +
"<li>Possible values for global permissions: %s</li>" +
"<li>Possible values for project permissions %s</li>" +
"</ul>",
- GLOBAL_PERMISSIONS_ONE_LINE,
- PROJECT_PERMISSIONS_ONE_LINE);
+ GlobalPermissions.ALL_ON_ONE_LINE,
+ ComponentPermissions.ALL_ON_ONE_LINE);
private Parameters() {
// static methods only
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.WebService.SelectionMode;
-import org.sonar.core.permission.ComponentPermissions;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.server.exceptions.BadRequestException;
import static org.sonar.api.server.ws.WebService.Param.PAGE;
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
import static org.sonar.api.server.ws.WebService.Param.SELECTED;
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.server.permission.ws.Parameters.GLOBAL_PERMISSIONS_ONE_LINE;
import static org.sonar.server.permission.ws.Parameters.PARAM_GROUP_ID;
import static org.sonar.server.permission.ws.Parameters.PARAM_GROUP_NAME;
import static org.sonar.server.permission.ws.Parameters.PARAM_PERMISSION;
import static org.sonar.server.permission.ws.Parameters.PARAM_PROJECT_KEY;
import static org.sonar.server.permission.ws.Parameters.PARAM_PROJECT_UUID;
import static org.sonar.server.permission.ws.Parameters.PARAM_USER_LOGIN;
-import static org.sonar.server.permission.ws.Parameters.PROJECT_PERMISSIONS_ONE_LINE;
+import static org.sonar.server.permission.PermissionValueValidator.validateGlobalPermission;
+import static org.sonar.server.permission.PermissionValueValidator.validateProjectPermission;
import static org.sonar.server.ws.WsUtils.checkRequest;
class PermissionRequest {
private void checkPermissionParameter() {
if (hasProject) {
- if (!ComponentPermissions.ALL.contains(permission)) {
- throw new BadRequestException(String.format("The '%s' parameter for project permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION,
- PROJECT_PERMISSIONS_ONE_LINE, permission));
- }
+ validateProjectPermission(permission);
} else if (!GlobalPermissions.ALL.contains(permission)) {
- throw new BadRequestException(String.format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GLOBAL_PERMISSIONS_ONE_LINE,
- permission
- ));
+ validateGlobalPermission(permission);
}
}
}
when(dbClient.permissionTemplateDao()).thenReturn(permissionTemplateDao);
PermissionTemplateUpdater updater =
- new PermissionTemplateUpdater(dbClient, userSessionRule, "my_template", "invalid", "user") {
+ new PermissionTemplateUpdater(dbClient, userSessionRule, "my_template", "invalid_permission", "user") {
@Override
void doExecute(Long templateId, String permission) {
}
package org.sonar.core.permission;
+import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableList;
import java.util.List;
import org.sonar.api.web.UserRole;
* All the component permissions values, ordered from {@link UserRole#USER} to {@link UserRole#CODEVIEWER}.
*/
public static final List<String> ALL = ImmutableList.of(UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.CODEVIEWER);
-
+ public static final String ALL_ON_ONE_LINE = Joiner.on(", ").join(ComponentPermissions.ALL);
}
package org.sonar.core.permission;
+import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableList;
import java.util.List;
* All the global permissions values, ordered from {@link #SYSTEM_ADMIN} to {@link #PROVISIONING}.
*/
public static final List<String> ALL = ImmutableList.of(SYSTEM_ADMIN, QUALITY_PROFILE_ADMIN, DASHBOARD_SHARING, SCAN_EXECUTION, PREVIEW_EXECUTION, PROVISIONING);
+ public static final String ALL_ON_ONE_LINE = Joiner.on(", ").join(GlobalPermissions.ALL);
private GlobalPermissions() {
// only static methods