From: Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Date: Wed, 13 Jan 2016 13:34:47 +0000 (+0100)
Subject: SONAR-7135 WS api/measures/component_tree fix permissions and IT
X-Git-Tag: 5.4-M5~12
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=bdadbd0391944ec43d2bee8d499a99e6b0057bb7;p=sonarqube.git

SONAR-7135 WS api/measures/component_tree fix permissions and IT
---

diff --git a/it/it-tests/src/test/java/it/measure/MeasuresWsTest.java b/it/it-tests/src/test/java/it/measure/MeasuresWsTest.java
index b62e390e627..367c16919c5 100644
--- a/it/it-tests/src/test/java/it/measure/MeasuresWsTest.java
+++ b/it/it-tests/src/test/java/it/measure/MeasuresWsTest.java
@@ -74,9 +74,10 @@ public class MeasuresWsTest {
       .setAdditionalFields(newArrayList("metrics", "periods")));
 
     assertThat(response).isNotNull();
+    assertThat(response.getBaseComponent().getKey()).isEqualTo("sample");
     assertThat(response.getMetrics().getMetricsList()).extracting("key").containsOnly("ncloc");
     List<WsMeasures.Component> components = response.getComponentsList();
     assertThat(components).hasSize(2).extracting("key").containsOnly("sample:src/main/xoo/sample", FILE_KEY);
-    assertThat(components.get(0).getMeasuresList().get(0).getValue()).isEqualTo("13");
+    assertThat(components.get(0).getMeasures().getMeasuresList().get(0).getValue()).isEqualTo("13");
   }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
index bc84c432c9d..9a967c66413 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
@@ -333,9 +333,9 @@ public class ComponentTreeDataLoader {
 
   private void checkPermissions(ComponentDto baseComponent) {
     String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
-    if (!userSession.hasGlobalPermission(GlobalPermissions.SYSTEM_ADMIN) &&
-      !userSession.hasProjectPermissionByUuid(UserRole.ADMIN, projectUuid) &&
-      !userSession.hasProjectPermissionByUuid(UserRole.USER, projectUuid)) {
+    if (!userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN) &&
+      !userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid) &&
+      !userSession.hasComponentUuidPermission(UserRole.USER, projectUuid)) {
       throw insufficientPrivilegesException();
     }
   }