Fix issue bulk change modal permission check

diff --git a/server/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java b/server/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java
index 38d3594632d7e98d34f59e22893a44dc108d05f7..208eb4ba22c1938149f1525dfef7850c8bca5021 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java
@@ -26,12 +26,6 @@ import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.Iterables;
 import com.google.common.collect.Maps;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-import java.util.Map;
-import javax.annotation.CheckForNull;
-import javax.annotation.Nullable;
 import org.apache.commons.lang.StringUtils;
 import org.sonar.api.ServerSide;
 import org.sonar.api.issue.ActionPlan;
@@ -43,6 +37,7 @@ import org.sonar.api.issue.internal.DefaultIssueComment;
 import org.sonar.api.issue.internal.FieldDiffs;
 import org.sonar.api.rule.RuleKey;
 import org.sonar.api.utils.SonarException;
+import org.sonar.api.web.UserRole;
 import org.sonar.core.issue.ActionPlanStats;
 import org.sonar.core.issue.DefaultActionPlan;
 import org.sonar.core.issue.db.IssueFilterDto;
@@ -60,6 +55,14 @@ import org.sonar.server.user.UserSession;
 import org.sonar.server.util.RubyUtils;
 import org.sonar.server.util.Validation;
 
+import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
+
+import java.util.Collection;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
 import static com.google.common.collect.Lists.newArrayList;
 
 /**
@@ -660,4 +663,7 @@ public class InternalRubyIssueService {
     return issueService.listTagsForComponent(query, pageSize);
   }
 
+  public boolean isUserIssueAdmin(String projectUuid) {
+    return userSession.hasProjectPermissionByUuid(UserRole.ISSUE_ADMIN, projectUuid);
+  }
 }

diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java
index 254395b75844ea6169b4558bba17e52d04488854..f63c5f0f72d561c8f4da9526ecfe5b93435761b3 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java
@@ -22,10 +22,6 @@ package org.sonar.server.issue;
 
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.Maps;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -36,6 +32,7 @@ import org.sonar.api.issue.action.Action;
 import org.sonar.api.issue.internal.DefaultIssue;
 import org.sonar.api.issue.internal.FieldDiffs;
 import org.sonar.api.user.User;
+import org.sonar.api.web.UserRole;
 import org.sonar.core.issue.DefaultActionPlan;
 import org.sonar.core.issue.db.IssueFilterDto;
 import org.sonar.core.resource.ResourceDao;
@@ -49,6 +46,11 @@ import org.sonar.server.issue.filter.IssueFilterService;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.user.ThreadLocalUserSession;
 
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
 import static com.google.common.collect.Lists.newArrayList;
 import static com.google.common.collect.Maps.newHashMap;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -719,6 +721,13 @@ public class InternalRubyIssueServiceTest {
     assertThat(service.listTagsForComponent(componentUuid, pageSize)).isEqualTo(tags);
   }
 
+  @Test
+  public void is_user_issue_admin() {
+    userSessionRule.addProjectUuidPermissions(UserRole.ISSUE_ADMIN, "bcde");
+    assertThat(service.isUserIssueAdmin("abcd")).isFalse();
+    assertThat(service.isUserIssueAdmin("bcde")).isTrue();
+  }
+
   private void checkBadRequestException(Exception e, String key, Object... params) {
     BadRequestException exception = (BadRequestException) e;
     Message msg = exception.errors().messages().get(0);

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/issues/_bulk_change_form.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/issues/_bulk_change_form.html.erb
index 55f316e41eaebb5070095d0dec330fb5fcec8d45..e047918ee8155509f59c2c0e4305bba6e1d568d1 100644 (file)
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/issues/_bulk_change_form.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/issues/_bulk_change_form.html.erb
@@ -17,7 +17,7 @@
        transitions_by_issues[transition.key] = issues_for_transition
      end
      unresolved_issues += 1 unless issue.resolution()
-     if Java::OrgSonarServerUser::UserSession.get().hasProjectPermissionByUuid('issueadmin', issue.projectUuid)
+     if Internal.issues.isUserIssueAdmin(issue.projectUuid)
        unresolved_issues_user_can_admin += 1 unless issue.resolution()
      end
      at_least_one_issue_is_planned ||= issue.actionPlanKey()