From: Simon Brandhof
Date: Sun, 29 Jan 2017 19:24:32 +0000 (+0100)
Subject: SONAR-8716 Use UserSession#hasComponentPermission(String,ComponentDto)
X-Git-Tag: 6.3-RC1~264
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=71b436dd7c7f8d7311b9c3605e6f0c9e5a422196;p=sonarqube.git
SONAR-8716 Use UserSession#hasComponentPermission(String,ComponentDto)
---
diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
index 32e1f90a7e7..a4e8e6d0d1a 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
@@ -69,8 +69,8 @@ public class ProjectDataLoader {
 throw new BadRequestException(format("Key '%s' belongs to a component which is not a Project", query.getModuleKey()));
 }
- boolean hasScanPerm = userSession.hasComponentUuidPermission(SCAN_EXECUTION, module.projectUuid());
- boolean hasBrowsePerm = userSession.hasComponentUuidPermission(USER, module.projectUuid());
+ boolean hasScanPerm = userSession.hasComponentPermission(SCAN_EXECUTION, module);
+ boolean hasBrowsePerm = userSession.hasComponentPermission(USER, module);
 checkPermission(query.isIssuesMode(), hasScanPerm, hasBrowsePerm);
 ComponentDto project = getProject(module, session);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
index eb9dee249a1..844aabc2edd 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
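Review bot: The two permission checks in the ProjectDataLoader hunk no longer show which scope they are evaluated on. The old calls passed `module.projectUuid()` explicitly, while the new ones pass `module` and leave the module-to-project mapping to `UserSession#hasComponentPermission`, which is not part of the visible diff. If that method does resolve the owning project, a comment above the two calls such as `// scan/browse rights are granted on the project; hasComponentPermission resolves the module to it` would keep the authorization intent readable at the call site. The same applies to the `ui/ws/ComponentAction` hunks, which also passed `component.projectUuid()` before. The enclosing method starts and ends outside the hunk.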
@@ -145,7 +145,7 @@ public class AppAction implements RequestHandler {
 }
 private static void appendPermissions(JsonWriter json, ComponentDto component, UserSession userSession) {
- boolean hasBrowsePermission = userSession.hasComponentUuidPermission(UserRole.USER, component.uuid());
+ boolean hasBrowsePermission = userSession.hasComponentPermission(UserRole.USER, component);
 json.prop("canMarkAsFavourite", userSession.isLoggedIn() && hasBrowsePermission);
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
index e6b362538c2..f088cb6b5bc 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
@@ -35,7 +35,6 @@ import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.WsComponents.ShowWsResponse;
 import org.sonarqube.ws.client.component.ShowWsRequest;
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static java.lang.String.format;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
 import static org.sonar.server.component.ws.ComponentDtoToWsComponent.componentDtoToWsComponent;
@@ -119,8 +118,7 @@ public class ShowAction implements ComponentsWsAction {
 private ComponentDto getComponentByUuidOrKey(DbSession dbSession, ShowWsRequest request) {
 ComponentDto component = componentFinder.getByUuidOrKey(dbSession, request.getId(), request.getKey(), ParamNames.ID_AND_KEY);
- String projectUuid = firstNonNull(component.projectUuid(), component.uuid());
- userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+ userSession.checkComponentPermission(UserRole.USER, component);
 return component;
 }
 }
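Review bot: Dropping the `firstNonNull(component.projectUuid(), component.uuid())` fallback in `getComponentByUuidOrKey` is only safe if `checkComponentPermission` copes with a component whose `projectUuid()` is null, and nothing visible in this diff establishes that. The removed lines here, and in the `checkPermissions` hunks of `TreeAction`, `measure/ws/ComponentAction` and `ComponentTreeDataLoader`, handled that case at the call site. If the new method does not, the failure would show up as a wrongly denied or mis-scoped authorization check. I would add a `UserSession` test that passes such a component, or state the precondition in the method's Javadoc, for example `@param component a persisted component whose projectUuid is set`.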
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
index 1b6f3db1c3b..4e2d2e3fdb0 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
@@ -51,7 +51,6 @@ import org.sonarqube.ws.WsComponents;
 import org.sonarqube.ws.WsComponents.TreeWsResponse;
 import org.sonarqube.ws.client.component.TreeWsRequest;
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.collect.FluentIterable.from;
 import static com.google.common.collect.Sets.newHashSet;
 import static java.lang.String.CASE_INSENSITIVE_ORDER;
@@ -189,8 +188,7 @@ public class TreeAction implements ComponentsWsAction {
 }
 private void checkPermissions(ComponentDto baseComponent) {
- String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
- userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+ userSession.checkComponentPermission(UserRole.USER, baseComponent);
 }
 private static TreeWsResponse buildResponse(ComponentDto baseComponent, OrganizationDto organizationDto, List components,
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
index 9e89a6812ac..081b333437b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
@@ -54,7 +54,6 @@ import org.sonarqube.ws.WsMeasures;
 import org.sonarqube.ws.WsMeasures.ComponentWsResponse;
 import org.sonarqube.ws.client.measure.ComponentWsRequest;
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static java.lang.String.format;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.emptyMap;
@@ -258,7 +257,6 @@ public class ComponentAction implements MeasuresWsAction {
 }
 private void checkPermissions(ComponentDto baseComponent) {
- String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
- userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+ userSession.checkComponentPermission(UserRole.USER, baseComponent);
 }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
index 4fe6125defe..76cfde04de0 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
@@ -61,7 +61,6 @@ import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.WsMeasures;
 import org.sonarqube.ws.client.measure.ComponentTreeWsRequest;
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.base.Preconditions.checkState;
 import static com.google.common.collect.Sets.newHashSet;
 import static java.lang.String.format;
@@ -298,8 +297,7 @@ public class ComponentTreeDataLoader {
 }
 private void checkPermissions(ComponentDto baseComponent) {
- String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
- userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+ userSession.checkComponentPermission(UserRole.USER, baseComponent);
 }
 private enum IsFileComponent implements Predicate {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
index 2e041d135d4..931da4263f6 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
@@ -124,8 +124,8 @@ public class SearchAction implements ProjectLinksWsAction {
 request.getProjectKey(), ComponentFinder.ParamNames.PROJECT_ID_AND_KEY);
- if (!userSession.hasComponentUuidPermission(UserRole.ADMIN, component.uuid()) &&
- !userSession.hasComponentUuidPermission(UserRole.USER, component.uuid())) {
+ if (!userSession.hasComponentPermission(UserRole.ADMIN, component) &&
+ !userSession.hasComponentPermission(UserRole.USER, component)) {
 throw insufficientPrivilegesException();
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java b/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
index cdeb026538b..743d9d1c5a1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
@@ -148,7 +148,7 @@ public class IndexAction implements WsAction {
 }
 private boolean hasAdminPermission(Optional component) {
- return component.isPresent() ? userSession.hasComponentUuidPermission(ADMIN, component.get().uuid()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN);
+ return component.isPresent() ? userSession.hasComponentPermission(ADMIN, component.get()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN);
 }
 private List loadGlobalSettings(DbSession dbSession, Optional key) {
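Review bot: The `ADMIN`-or-`USER` guard rewritten in the SearchAction hunk is repeated with the same shape in `GetByProjectAction#getProject`, `ProjectStatusAction#checkPermission` and the request handler of `ui/ws/ComponentAction`, and the copies do not fail the same way. The first three throw `insufficientPrivilegesException()`, while the last throws `new ForbiddenException("Insufficient privileges")`. Since this commit already touches every copy, one shared helper taking the `ComponentDto` would keep the access rule and its error in a single place, so a call site would read `checkBrowseOrAdmin(userSession, component);` (the name is only a suggestion). The enclosing method starts and ends outside the hunk.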
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
index 4743bb28717..fcaa6e38ae1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
@@ -271,7 +271,7 @@ public class QualityGates {
 private void checkPermission(Long projectId, DbSession session) {
 ComponentDto project = componentDao.selectOrFailById(session, projectId);
 if (!userSession.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN)
- && !userSession.hasComponentUuidPermission(UserRole.ADMIN, project.uuid())) {
+ && !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
 throw new ForbiddenException("Insufficient privileges");
 }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
index 977e9120e9c..1be33bba7ff 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
@@ -92,8 +92,8 @@ public class GetByProjectAction implements QualityGatesWsAction {
 private ComponentDto getProject(DbSession dbSession, String projectUuid, String projectKey) {
 ComponentDto project = componentFinder.getByUuidOrKey(dbSession, projectUuid, projectKey, ParamNames.PROJECT_ID_AND_KEY);
- if (!userSession.hasComponentUuidPermission(UserRole.USER, projectUuid) &&
- !userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid)) {
+ if (!userSession.hasComponentPermission(UserRole.USER, project) &&
+ !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
 throw insufficientPrivilegesException();
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
index 2db5c5456eb..9177ea6ef67 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
@@ -114,7 +114,7 @@ public class ProjectStatusAction implements QualityGatesWsAction {
 DbSession dbSession = dbClient.openSession(false);
 try {
 ProjectAndSnapshot projectAndSnapshot = getProjectAndSnapshot(dbSession, request);
- checkPermission(projectAndSnapshot.project.uuid());
+ checkPermission(projectAndSnapshot.project);
 Optional measureData = getQualityGateDetailsMeasureData(dbSession, projectAndSnapshot.project);
 return ProjectStatusWsResponse.newBuilder()
@@ -178,9 +178,9 @@ public class ProjectStatusAction implements QualityGatesWsAction {
 return projectStatusWsRequest;
 }
- private void checkPermission(String projectUuid) {
- if (!userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid) &&
- !userSession.hasComponentUuidPermission(UserRole.USER, projectUuid)) {
+ private void checkPermission(ComponentDto project) {
+ if (!userSession.hasComponentPermission(UserRole.ADMIN, project) &&
+ !userSession.hasComponentPermission(UserRole.USER, project)) {
 throw insufficientPrivilegesException();
 }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
index 318c11ee04e..b44cdc1f5fb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
@@ -119,7 +119,7 @@ public class SelectAction implements QualityGatesWsAction {
 .or(() -> componentFinder.getByUuidOrKey(dbSession, projectId, projectKey, ParamNames.PROJECT_ID_AND_KEY));
 if (!userSession.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN) &&
- !userSession.hasComponentUuidPermission(UserRole.ADMIN, project.uuid())) {
+ !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
 throw insufficientPrivilegesException();
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
index 1bad7a11a39..10569459913 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
@@ -68,6 +68,6 @@ public class SettingsPermissionPredicates {
 }
 private boolean hasPermission(String permission, Optional component) {
- return userSession.hasPermission(permission) || (component.isPresent() && userSession.hasComponentUuidPermission(permission, component.get().uuid()));
+ return userSession.hasPermission(permission) || (component.isPresent() && userSession.hasComponentPermission(permission, component.get()));
 }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
index 0e7bdb081cf..e658d3207e5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
@@ -129,7 +129,7 @@ public class ComponentAction implements NavigationWsAction {
 String componentKey = request.mandatoryParam(PARAM_COMPONENT_KEY);
 try (DbSession session = dbClient.openSession(false)) {
 ComponentDto component = componentFinder.getByKey(session, componentKey);
- if (!(userSession.hasComponentUuidPermission(USER, component.projectUuid()) || userSession.hasComponentUuidPermission(ADMIN, component.projectUuid()))) {
+ if (!(userSession.hasComponentPermission(USER, component) || userSession.hasComponentPermission(ADMIN, component))) {
 throw new ForbiddenException("Insufficient privileges");
 }
 OrganizationDto organizationDto = componentFinder.getOrganization(session, component);
@@ -140,7 +140,7 @@ public class ComponentAction implements NavigationWsAction {
 writeComponent(json, session, component, organizationDto, analysis.orElse(null));
 writeProfiles(json, session, component);
 writeQualityGate(json, session, component);
- if (userSession.hasComponentUuidPermission(ADMIN, component.projectUuid()) || userSession.hasPermission(QUALITY_PROFILE_ADMIN)) {
+ if (userSession.hasComponentPermission(ADMIN, component) || userSession.hasPermission(QUALITY_PROFILE_ADMIN)) {
 writeConfiguration(json, component);
 }
 writeBreadCrumbs(json, session, component);
@@ -200,7 +200,7 @@ public class ComponentAction implements NavigationWsAction {
 json.name("extensions").beginArray();
 Predicate isAuthorized = page -> {
 String requiredPermission = page.isAdmin() ? UserRole.ADMIN : UserRole.USER;
- return userSession.hasComponentUuidPermission(requiredPermission, component.uuid());
+ return userSession.hasComponentPermission(requiredPermission, component);
 };
 pages.stream() .filter(isAuthorized)
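Review bot: `userSession.hasComponentPermission(ADMIN, component)` can be asked up to three times for one request: in the access guard of the `-129` hunk, in the `writeConfiguration` condition of the `-140` hunk, and again inside `writeConfiguration` in the `-209` hunk. Evaluating it once, `boolean isProjectAdmin = userSession.hasComponentPermission(ADMIN, component);`, and passing the flag to the private `writeConfiguration` would make every branch of the response rely on the same decision. It would also avoid repeated lookups if the session does not cache them, which this diff does not show. The handler body starts and ends outside these hunks.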
@@ -209,7 +209,7 @@ public class ComponentAction implements NavigationWsAction {
 }
 private void writeConfiguration(JsonWriter json, ComponentDto component) {
- boolean isAdmin = userSession.hasComponentUuidPermission(ADMIN, component.projectUuid());
+ boolean isAdmin = userSession.hasComponentPermission(ADMIN, component);
 json.name("configuration").beginObject();
 writeConfigPageAccess(json, isAdmin, component);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
index cbaa6dd3809..47c240ea118 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
@@ -62,9 +62,9 @@ public class GetByProjectActionTest {
 public ExpectedException expectedException = ExpectedException.none();
 @Rule
 public DbTester db = DbTester.create(System2.INSTANCE);
- ComponentDbTester componentDb = new ComponentDbTester(db);
- DbClient dbClient = db.getDbClient();
- DbSession dbSession = db.getSession();
+ private ComponentDbTester componentDb = new ComponentDbTester(db);
+ private DbClient dbClient = db.getDbClient();
+ private DbSession dbSession = db.getSession();
 private WsActionTester ws = new WsActionTester( new GetByProjectAction(userSession, dbClient, new ComponentFinder(dbClient), new QualityGateFinder(dbClient)));
@@ -85,7 +85,7 @@ public class GetByProjectActionTest {
 @Test
 public void empty_response() {
- ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization()));
+ ComponentDto project = componentDb.insertProject();
 insertQualityGate("Another QG");
 String result = ws.newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).execute().getInput();
@@ -135,8 +135,8 @@ public class GetByProjectActionTest {
 @Test
 public void get_with_project_admin_permission() {
- ComponentDto project = componentDb.insertComponent(newProjectDto(db.organizations().insert()));
- userSession.anonymous().addProjectUuidPermissions(UserRole.USER, project.uuid());
+ ComponentDto project = componentDb.insertProject();
+ userSession.login().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
 setDefaultQualityGate(dbQualityGate.getId());
@@ -146,9 +146,9 @@ public class GetByProjectActionTest {
 }
 @Test
- public void get_with_project_browse_permission() {
- ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization()));
- userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+ public void get_with_project_user_permission() {
+ ComponentDto project = componentDb.insertProject();
+ userSession.login().addProjectUuidPermissions(UserRole.USER, project.uuid());
 QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
 setDefaultQualityGate(dbQualityGate.getId());
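Review bot: Both permission tests (the `-135` and `-146` hunks) replace `userSession.anonymous()` with `userSession.login()`, so an anonymous caller holding `USER` on the project is no longer exercised by the lines shown here. The production change in `GetByProjectAction#getProject` also stops checking the raw `projectUuid` request value and checks the loaded `project` instead, yet the one request visible in this file selects the project with `PARAM_PROJECT_ID`. A test that selects the project by key while holding only a project-level permission would cover the path whose authorization input actually changed, and one anonymous-with-`USER` case would restore the coverage that was dropped. The test bodies continue outside the hunks, so such cases may already exist elsewhere in the file.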