From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Thu, 13 Apr 2017 15:43:50 +0000 (+0200)
Subject: SONAR-9018 Restore 'Anyone' in organization default templates
X-Git-Tag: 6.4-RC1~374
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3013e4c3b7a393800024b6853f494a305ac995e3;p=sonarqube.git

SONAR-9018 Restore 'Anyone' in organization default templates
---

diff --git a/it/it-tests/src/test/java/it/organization/OrganizationTest.java b/it/it-tests/src/test/java/it/organization/OrganizationTest.java
index 933cef82a3d..6c998d8fb6b 100644
--- a/it/it-tests/src/test/java/it/organization/OrganizationTest.java
+++ b/it/it-tests/src/test/java/it/organization/OrganizationTest.java
@@ -46,7 +46,6 @@ import org.sonarqube.ws.client.organization.UpdateWsRequest;
 import org.sonarqube.ws.client.permission.AddUserWsRequest;
 import org.sonarqube.ws.client.permission.PermissionsService;
 import org.sonarqube.ws.client.user.GroupsRequest;
-import util.ItUtils;
 import util.user.GroupManagement;
 import util.user.Groups;
 import util.user.UserRule;
@@ -58,7 +57,11 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.fail;
 import static util.ItUtils.deleteOrganizationsIfExists;
 import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.newUserWsClient;
+import static util.ItUtils.newWsClient;
 import static util.ItUtils.resetSettings;
+import static util.ItUtils.runProjectAnalysis;
+import static util.ItUtils.setServerProperty;
 
 public class OrganizationTest {
   private static final String DEFAULT_ORGANIZATION_KEY = "default-organization";
@@ -78,7 +81,7 @@ public class OrganizationTest {
   public ExpectedException expectedException = ExpectedException.none();
 
   private WsClient adminClient = newAdminWsClient(orchestrator);
-  private OrganizationService anonymousOrganizationService = ItUtils.newWsClient(orchestrator).organizations();
+  private OrganizationService anonymousOrganizationService = newWsClient(orchestrator).organizations();
   private OrganizationService adminOrganizationService = adminClient.organizations();
 
   @BeforeClass
@@ -170,7 +173,7 @@ public class OrganizationTest {
     verifyUserNotAuthorized(USER_LOGIN, USER_LOGIN, service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));
     verifyUserNotAuthorized(USER_LOGIN, USER_LOGIN, service -> service.delete(KEY));
 
-    ItUtils.setServerProperty(orchestrator, SETTING_ANYONE_CAN_CREATE_ORGANIZATIONS, "true");
+    setServerProperty(orchestrator, SETTING_ANYONE_CAN_CREATE_ORGANIZATIONS, "true");
     // verify anonymous still can't create update nor delete an organization if property is true
     verifyUserNotAuthenticated(service -> service.create(new CreateWsRequest.Builder().setName("An org").build()));
     verifyUserNotAuthenticated(service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));
@@ -206,7 +209,7 @@ public class OrganizationTest {
 
   private void verifyUserNotAuthorized(String login, String password, Consumer<OrganizationService> consumer) {
     try {
-      OrganizationService organizationService = ItUtils.newUserWsClient(orchestrator, login, password).organizations();
+      OrganizationService organizationService = newUserWsClient(orchestrator, login, password).organizations();
       consumer.accept(organizationService);
       fail("An HttpException should have been raised");
     } catch (HttpException e) {
@@ -215,7 +218,7 @@ public class OrganizationTest {
   }
 
   private <T> T verifyUserAuthorized(String login, String password, Function<OrganizationService, T> consumer) {
-    OrganizationService organizationService = ItUtils.newUserWsClient(orchestrator, login, password).organizations();
+    OrganizationService organizationService = newUserWsClient(orchestrator, login, password).organizations();
     return consumer.apply(organizationService);
   }
 
@@ -252,7 +255,7 @@ public class OrganizationTest {
     CreateWsRequest createWsRequest = new CreateWsRequest.Builder()
       .setName("bla bla")
       .build();
-    OrganizationService fooUserOrganizationService = ItUtils.newUserWsClient(orchestrator, USER_LOGIN, USER_LOGIN).organizations();
+    OrganizationService fooUserOrganizationService = newUserWsClient(orchestrator, USER_LOGIN, USER_LOGIN).organizations();
 
     expect403HttpError(() -> fooUserOrganizationService.create(createWsRequest));
 
@@ -281,9 +284,9 @@ public class OrganizationTest {
     adminOrganizationService.addMember(KEY, USER_LOGIN);
     addPermissionsToUser(KEY, USER_LOGIN, "provisioning", "scan");
 
-    ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",
+    runProjectAnalysis(orchestrator, "shared/xoo-sample",
       "sonar.organization", KEY, "sonar.login", USER_LOGIN, "sonar.password", USER_LOGIN);
-    ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();
+    ComponentsService componentsService = newUserWsClient(orchestrator, USER_LOGIN, USER_LOGIN).components();
     assertThat(searchSampleProject(KEY, componentsService).getComponentsList()).hasSize(1);
   }
 
@@ -299,19 +302,33 @@ public class OrganizationTest {
     verifySingleSearchResult(createdOrganization, KEY, null, null, null);
 
     try {
-      ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",
+      runProjectAnalysis(orchestrator, "shared/xoo-sample",
         "sonar.organization", KEY);
       fail();
     } catch (BuildFailureException e) {
       assertThat(e.getResult().getLogs()).contains("Insufficient privileges");
     }
 
-    ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();
+    ComponentsService componentsService = newAdminWsClient(orchestrator).components();
     assertThat(searchSampleProject(KEY, componentsService).getComponentsCount()).isEqualTo(0);
   }
 
+  @Test
+  public void by_default_anonymous_can_browse_project_on_organization() {
+    adminOrganizationService.create(new CreateWsRequest.Builder()
+      .setName(KEY)
+      .setKey(KEY)
+      .build())
+      .getOrganization();
+
+    runProjectAnalysis(orchestrator, "shared/xoo-sample", "sonar.organization", KEY, "sonar.login", "admin", "sonar.password", "admin");
+
+    ComponentsService componentsService = newWsClient(orchestrator).components();
+    assertThat(searchSampleProject(KEY, componentsService).getComponentsList()).hasSize(1);
+  }
+
   private void addPermissionsToUser(String orgKeyAndName, String login, String permission, String... otherPermissions) {
-    PermissionsService permissionsService = ItUtils.newAdminWsClient(orchestrator).permissions();
+    PermissionsService permissionsService = newAdminWsClient(orchestrator).permissions();
     permissionsService.addUser(new AddUserWsRequest().setLogin(login).setOrganization(orgKeyAndName).setPermission(permission));
     for (String otherPermission : otherPermissions) {
       permissionsService.addUser(new AddUserWsRequest().setLogin(login).setOrganization(orgKeyAndName).setPermission(otherPermission));
@@ -341,9 +358,9 @@ public class OrganizationTest {
       .contains("grp1", "grp2");
     addPermissionsToUser(KEY, USER_LOGIN, "provisioning", "scan");
 
-    ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",
+    runProjectAnalysis(orchestrator, "shared/xoo-sample",
       "sonar.organization", KEY, "sonar.login", USER_LOGIN, "sonar.password", USER_LOGIN);
-    ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();
+    ComponentsService componentsService = newAdminWsClient(orchestrator).components();
     assertThat(searchSampleProject(KEY, componentsService).getComponentsList()).hasSize(1);
 
     adminOrganizationService.delete(KEY);
diff --git a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_exporters.html b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_exporters.html
index 81db3f9183a..b26d162f2e7 100644
--- a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_exporters.html
+++ b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_exporters.html
@@ -14,36 +14,6 @@
 </tr>
 </thead>
 <tbody>
-<tr>
-	<td>open</td>
-	<td>/sessions/logout</td>
-	<td></td>
-</tr>
-<tr>
-	<td>open</td>
-	<td>/sessions/login</td>
-	<td></td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=password</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=login</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>clickAndWait</td>
-	<td>name=commit</td>
-	<td></td>
-</tr>
-<tr>
-	<td>waitForElementPresent</td>
-	<td>css=.js-user-authenticated</td>
-	<td></td>
-</tr>
 <tr>
 	<td>open</td>
 	<td>/organizations/test-org/quality_profiles</td>
diff --git a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_inheritance.html b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_inheritance.html
index 3fe645beeb4..c403fbf5196 100644
--- a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_inheritance.html
+++ b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_inheritance.html
@@ -14,36 +14,6 @@
 </tr>
 </thead>
 <tbody>
-<tr>
-	<td>open</td>
-	<td>/sessions/logout</td>
-	<td></td>
-</tr>
-<tr>
-	<td>open</td>
-	<td>/sessions/login</td>
-	<td></td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=password</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=login</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>clickAndWait</td>
-	<td>name=commit</td>
-	<td></td>
-</tr>
-<tr>
-	<td>waitForElementPresent</td>
-	<td>css=.js-user-authenticated</td>
-	<td></td>
-</tr>
 <tr>
 	<td>open</td>
 	<td>/organizations/test-org/quality_profiles</td>
diff --git a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_projects.html b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_projects.html
index 3eb61065773..062014eb239 100644
--- a/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_projects.html
+++ b/it/it-tests/src/test/resources/organization/OrganizationQualityProfilesPageTest/should_display_profile_projects.html
@@ -14,36 +14,6 @@
 </tr>
 </thead>
 <tbody>
-<tr>
-	<td>open</td>
-	<td>/sessions/logout</td>
-	<td></td>
-</tr>
-<tr>
-	<td>open</td>
-	<td>/sessions/login</td>
-	<td></td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=password</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>type</td>
-	<td>id=login</td>
-	<td>admin</td>
-</tr>
-<tr>
-	<td>clickAndWait</td>
-	<td>name=commit</td>
-	<td></td>
-</tr>
-<tr>
-	<td>waitForElementPresent</td>
-	<td>css=.js-user-authenticated</td>
-	<td></td>
-</tr>
 <tr>
 	<td>open</td>
 	<td>/organizations/test-org/quality_profiles</td>
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
index 51b76f32398..6626510ef04 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
@@ -217,6 +217,8 @@ public class OrganizationCreationImpl implements OrganizationCreation {
     insertGroupPermission(dbSession, permissionTemplateDto, SCAN.getKey(), ownerGroup);
     insertGroupPermission(dbSession, permissionTemplateDto, USER, defaultGroup);
     insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, defaultGroup);
+    insertGroupPermission(dbSession, permissionTemplateDto, USER, null);
+    insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, null);
 
     dbClient.organizationDao().setDefaultTemplates(
       dbSession,
@@ -242,6 +244,8 @@ public class OrganizationCreationImpl implements OrganizationCreation {
     insertProjectCreatorPermission(dbSession, permissionTemplateDto, SCAN.getKey(), now);
     insertGroupPermission(dbSession, permissionTemplateDto, USER, defaultGroup);
     insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, defaultGroup);
+    insertGroupPermission(dbSession, permissionTemplateDto, USER, null);
+    insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, null);
 
     dbClient.organizationDao().setDefaultTemplates(
       dbSession,
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
index f2af9f33a45..ca95df2bbb4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
@@ -78,6 +78,7 @@ public class OrganizationCreationImplTest {
   private static final String SLUG_OF_A_LOGIN = "slug-of-a-login";
   private static final String STRING_64_CHARS = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
   private static final String A_NAME = "a name";
+  private static final int ANYONE_GROUP_ID = 0;
 
   private OrganizationCreation.NewOrganization FULL_POPULATED_NEW_ORGANIZATION = newOrganizationBuilder()
     .setName("a-name")
@@ -271,6 +272,7 @@ public class OrganizationCreationImplTest {
       .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
       .containsOnly(
         tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION),
+        tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER),
         tuple(defaultGroupId, UserRole.USER), tuple(defaultGroupId, UserRole.CODEVIEWER));
   }
 
@@ -434,7 +436,9 @@ public class OrganizationCreationImplTest {
     assertThat(defaultTemplates.getViewUuid()).isNull();
     assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId()))
       .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
-      .containsOnly(tuple(defaultGroupId, UserRole.USER), tuple(defaultGroupId, UserRole.CODEVIEWER));
+      .containsOnly(
+        tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER),
+        tuple(defaultGroupId, UserRole.USER), tuple(defaultGroupId, UserRole.CODEVIEWER));
     assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, Collections.singletonList(defaultTemplate.getId())))
       .extracting(PermissionTemplateCharacteristicDto::getWithProjectCreator, PermissionTemplateCharacteristicDto::getPermission)
       .containsOnly(
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
index f008fb6e8ae..b52d1550f4e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
@@ -544,6 +544,7 @@ public class CreateActionTest {
       .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
       .containsOnly(
         tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION),
+        tuple(0, UserRole.USER), tuple(0, UserRole.CODEVIEWER),
         tuple(defaultGroup.getId(), UserRole.USER), tuple(defaultGroup.getId(), UserRole.CODEVIEWER));
   }