From: Simon Brandhof Date: Tue, 20 Feb 2018 12:50:50 +0000 (+0100) Subject: SONAR-10356 restrict api/projects/search_my_projects to 1000 projects X-Git-Tag: 6.7.2~2 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7ca304b0fdd0f0172eb85f1a911405c7709eb02f;p=sonarqube.git SONAR-10356 restrict api/projects/search_my_projects to 1000 projects --- diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java index a3e07082fc2..515c07cf690 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java @@ -56,7 +56,7 @@ public class SearchMyProjectsAction implements ProjectsWsAction { @Override public void define(WebService.NewController context) { WebService.NewAction action = context.createAction("search_my_projects") - .setDescription("Return list of projects for which the current user has 'Administer' permission.") + .setDescription("Return list of projects for which the current user has 'Administer' permission. Maximum 1'000 projects are returned.") .setResponseExample(getClass().getResource("search_my_projects-example.json")) .addPagingParams(100, MAX_SIZE) .setSince("6.0") diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java index be0e6630dda..e602b8d401b 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java +++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java @@ -26,6 +26,7 @@ import java.util.List; import org.sonar.api.measures.CoreMetrics; import org.sonar.api.resources.Qualifiers; import org.sonar.api.web.UserRole; +import org.sonar.db.DatabaseUtils; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; @@ -81,7 +82,7 @@ public class SearchMyProjectsDataLoader { List componentIds = dbClient.roleDao().selectComponentIdsByPermissionAndUserId(dbSession, UserRole.ADMIN, userId); ComponentQuery dbQuery = ComponentQuery.builder() .setQualifiers(Qualifiers.PROJECT) - .setComponentIds(ImmutableSet.copyOf(componentIds)) + .setComponentIds(ImmutableSet.copyOf(componentIds.subList(0, Math.min(componentIds.size(), DatabaseUtils.PARTITION_SIZE_FOR_ORACLE)))) .build(); return new ProjectsResult( diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java index 8c4df109c8d..e676fc6c06d 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java @@ -19,6 +19,7 @@ */ package org.sonar.server.project.ws; +import java.util.stream.IntStream; import org.junit.Before; import org.junit.Rule; import org.junit.Test; @@ -116,12 +117,25 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(anotherUser, UserRole.ADMIN, cLang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); } + @Test + public void return_only_first_1000_projects() { + OrganizationDto organization = db.organizations().insert(); + IntStream.range(0, 1_010).forEach(i -> { + ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organization)); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); + }); + + SearchMyProjectsWsResponse result = callWs(); + + assertThat(result.getPaging().getTotal()).isEqualTo(1_000); + } + @Test public void sort_projects_by_name() { OrganizationDto organizationDto = db.organizations().insert(); @@ -133,7 +147,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, a_project); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, c_project); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(3); assertThat(result.getProjectsList()).extracting(Project::getId) @@ -166,7 +180,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, clang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -181,7 +195,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, view); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -193,7 +207,7 @@ public class SearchMyProjectsActionTest { ComponentDto branch = db.components().insertProjectBranch(project); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsList()) .extracting(Project::getKey) @@ -212,7 +226,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnGroup(group, UserRole.USER, cLang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -234,7 +248,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, sonarqube); db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, sonarqube); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(3); assertThat(result.getProjectsList()).extracting(Project::getId).containsOnly(jdk7.uuid(), cLang.uuid(), sonarqube.uuid()); @@ -251,7 +265,7 @@ public class SearchMyProjectsActionTest { userSession.anonymous(); expectedException.expect(UnauthorizedException.class); - call_ws(); + callWs(); } private ComponentDto insertClang(OrganizationDto organizationDto) { @@ -273,7 +287,7 @@ public class SearchMyProjectsActionTest { .setDbKey("Java")); } - private SearchMyProjectsWsResponse call_ws() { + private SearchMyProjectsWsResponse callWs() { return ws.newRequest() .executeProtobuf(SearchMyProjectsWsResponse.class); }