From: Anita Stanisz <106669481+anita-stanisz-sonarsource@users.noreply.github.com> Date: Fri, 11 Oct 2024 15:03:44 +0000 (+0200) Subject: SONAR-23142 Fix SSF X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fheads%2Fbranch-9.9;p=sonarqube.git SONAR-23142 Fix SSF --- diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AddCommentAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AddCommentAction.java index 696d8bc08ab..d746c0dbec0 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AddCommentAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AddCommentAction.java @@ -100,7 +100,7 @@ public class AddCommentAction implements IssuesWsAction { DefaultIssue defaultIssue = issueDto.toDefaultIssue(); issueFieldsSetter.addComment(defaultIssue, wsRequest.getText(), context); SearchResponseData preloadedSearchResponseData = issueUpdater.saveIssueAndPreloadSearchResponseData(dbSession, defaultIssue, context); - responseWriter.write(defaultIssue.key(), preloadedSearchResponseData, request, response); + responseWriter.write(defaultIssue.key(), preloadedSearchResponseData, request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AssignAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AssignAction.java index d3b87fb0c9a..619b94aac88 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AssignAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/AssignAction.java @@ -97,7 +97,7 @@ public class AssignAction implements IssuesWsAction { String assignee = getAssignee(request); String key = request.mandatoryParam(PARAM_ISSUE); SearchResponseData preloadedResponseData = assign(key, assignee); - responseWriter.write(key, preloadedResponseData, request, response); + responseWriter.write(key, preloadedResponseData, request, response, true); } private SearchResponseData assign(String issueKey, @Nullable String login) { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DeleteCommentAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DeleteCommentAction.java index fe24e8f00e9..592bfcb1d77 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DeleteCommentAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DeleteCommentAction.java @@ -83,7 +83,7 @@ public class DeleteCommentAction implements IssuesWsAction { CommentData commentData = loadCommentData(dbSession, request); deleteComment(dbSession, commentData); IssueDto issueDto = commentData.getIssueDto(); - responseWriter.write(issueDto.getKey(), new SearchResponseData(issueDto), request, response); + responseWriter.write(issueDto.getKey(), new SearchResponseData(issueDto), request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java index f0ef92a11da..bf3ceb5f714 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java @@ -109,7 +109,7 @@ public class DoTransitionAction implements IssuesWsAction { try (DbSession dbSession = dbClient.openSession(false)) { IssueDto issueDto = issueFinder.getByKey(dbSession, issue); SearchResponseData preloadedSearchResponseData = doTransition(dbSession, issueDto, request.mandatoryParam(PARAM_TRANSITION)); - responseWriter.write(issue, preloadedSearchResponseData, request, response); + responseWriter.write(issue, preloadedSearchResponseData, request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/EditCommentAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/EditCommentAction.java index 73958a4f446..521fc143ae7 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/EditCommentAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/EditCommentAction.java @@ -93,7 +93,7 @@ public class EditCommentAction implements IssuesWsAction { CommentData commentData = loadCommentData(dbSession, toWsRequest(request)); updateComment(dbSession, commentData); IssueDto issueDto = commentData.getIssueDto(); - responseWriter.write(issueDto.getKey(), new SearchResponseData(issueDto), request, response); + responseWriter.write(issueDto.getKey(), new SearchResponseData(issueDto), request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/OperationResponseWriter.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/OperationResponseWriter.java index 427beca3c6f..717ec461687 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/OperationResponseWriter.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/OperationResponseWriter.java @@ -37,11 +37,11 @@ public class OperationResponseWriter { this.format = format; } - public void write(String issueKey, SearchResponseData preloadedResponseData, Request request, Response response) { + public void write(String issueKey, SearchResponseData preloadedResponseData, Request request, Response response, boolean showAuthor) { SearchResponseLoader.Collector collector = new SearchResponseLoader.Collector(singletonList(issueKey)); SearchResponseData data = loader.load(preloadedResponseData, collector, ALL_ADDITIONAL_FIELDS,null); - Issues.Operation responseBody = format.formatOperation(data); + Issues.Operation responseBody = format.formatOperation(data, showAuthor); WsUtils.writeProtobuf(responseBody, request, response); } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchAction.java index a1cd90901f4..e0c16728977 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchAction.java @@ -451,14 +451,14 @@ public class SearchAction implements IssuesWsAction { // FIXME allow long in Paging Paging paging = forPageIndex(options.getPage()).withPageSize(options.getLimit()).andTotal((int) getTotalHits(result).value); - return searchResponseFormat.formatSearch(additionalFields, data, paging, facets); + return searchResponseFormat.formatSearch(additionalFields, data, paging, facets, userSession.isLoggedIn()); } private static TotalHits getTotalHits(SearchResponse response) { return ofNullable(response.getHits().getTotalHits()).orElseThrow(() -> new IllegalStateException("Could not get total hits of search results")); } - private static SearchOptions createSearchOptionsFromRequest(SearchRequest request) { + private SearchOptions createSearchOptionsFromRequest(SearchRequest request) { SearchOptions options = new SearchOptions(); options.setPage(request.getPage(), request.getPageSize()); @@ -468,7 +468,11 @@ public class SearchAction implements IssuesWsAction { return options; } - options.addFacets(facets); + List requestedFacets = new ArrayList<>(facets); + if (!userSession.isLoggedIn()) { + requestedFacets.remove(PARAM_AUTHOR); + } + options.addFacets(requestedFacets); return options; } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchResponseFormat.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchResponseFormat.java index 38ab2365ef3..06e35c4d5fd 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchResponseFormat.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchResponseFormat.java @@ -90,19 +90,21 @@ public class SearchResponseFormat { private final TextRangeResponseFormatter textRangeFormatter; private final UserResponseFormatter userFormatter; - public SearchResponseFormat(Durations durations, Languages languages, TextRangeResponseFormatter textRangeFormatter, UserResponseFormatter userFormatter) { + public SearchResponseFormat(Durations durations, Languages languages, TextRangeResponseFormatter textRangeFormatter, + UserResponseFormatter userFormatter) { this.durations = durations; this.languages = languages; this.textRangeFormatter = textRangeFormatter; this.userFormatter = userFormatter; } - SearchWsResponse formatSearch(Set fields, SearchResponseData data, Paging paging, Facets facets) { + SearchWsResponse formatSearch(Set fields, SearchResponseData data, Paging paging, Facets facets, + boolean showAuthor) { SearchWsResponse.Builder response = SearchWsResponse.newBuilder(); formatPaging(paging, response); ofNullable(data.getEffortTotal()).ifPresent(response::setEffortTotal); - response.addAllIssues(createIssues(fields, data)); + response.addAllIssues(createIssues(fields, data, showAuthor)); response.addAllComponents(formatComponents(data)); formatFacets(data, facets, response); if (fields.contains(SearchAdditionalField.RULES)) { @@ -117,12 +119,12 @@ public class SearchResponseFormat { return response.build(); } - Operation formatOperation(SearchResponseData data) { + Operation formatOperation(SearchResponseData data, boolean showAuthor) { Operation.Builder response = Operation.newBuilder(); if (data.getIssues().size() == 1) { IssueDto dto = data.getIssues().get(0); - response.setIssue(createIssue(ALL_ADDITIONAL_FIELDS, data, dto)); + response.setIssue(createIssue(ALL_ADDITIONAL_FIELDS, data, dto, showAuthor)); } response.addAllComponents(formatComponents(data)); response.addAllRules(formatRules(data).getRulesList()); @@ -144,20 +146,20 @@ public class SearchResponseFormat { .setTotal(paging.total()); } - private List createIssues(Collection fields, SearchResponseData data) { + private List createIssues(Collection fields, SearchResponseData data, boolean showAuthor) { return data.getIssues().stream() - .map(dto -> createIssue(fields, data, dto)) + .map(dto -> createIssue(fields, data, dto, showAuthor)) .toList(); } - private Issue createIssue(Collection fields, SearchResponseData data, IssueDto dto) { + private Issue createIssue(Collection fields, SearchResponseData data, IssueDto dto, boolean showAuthor) { Issue.Builder issueBuilder = Issue.newBuilder(); - addMandatoryFieldsToIssueBuilder(issueBuilder, dto, data); + addMandatoryFieldsToIssueBuilder(issueBuilder, dto, data, showAuthor); addAdditionalFieldsToIssueBuilder(fields, data, dto, issueBuilder); return issueBuilder.build(); } - private void addMandatoryFieldsToIssueBuilder(Issue.Builder issueBuilder, IssueDto dto, SearchResponseData data) { + private void addMandatoryFieldsToIssueBuilder(Issue.Builder issueBuilder, IssueDto dto, SearchResponseData data, boolean showAuthor) { issueBuilder.setKey(dto.getKey()); issueBuilder.setType(Common.RuleType.forNumber(dto.getType())); @@ -176,6 +178,7 @@ public class SearchResponseFormat { issueBuilder.setSeverity(Common.Severity.valueOf(dto.getSeverity())); } ofNullable(data.getUserByUuid(dto.getAssigneeUuid())).ifPresent(assignee -> issueBuilder.setAssignee(assignee.getLogin())); + ofNullable(emptyToNull(dto.getResolution())).ifPresent(issueBuilder::setResolution); issueBuilder.setStatus(dto.getStatus()); issueBuilder.setMessage(nullToEmpty(dto.getMessage())); @@ -191,7 +194,9 @@ public class SearchResponseFormat { ofNullable(emptyToNull(dto.getChecksum())).ifPresent(issueBuilder::setHash); completeIssueLocations(dto, issueBuilder, data); - issueBuilder.setAuthor(nullToEmpty(dto.getAuthorLogin())); + if (showAuthor) { + issueBuilder.setAuthor(nullToEmpty(dto.getAuthorLogin())); + } ofNullable(dto.getIssueCreationDate()).map(DateUtils::formatDateTime).ifPresent(issueBuilder::setCreationDate); ofNullable(dto.getIssueUpdateDate()).map(DateUtils::formatDateTime).ifPresent(issueBuilder::setUpdateDate); ofNullable(dto.getIssueCloseDate()).map(DateUtils::formatDateTime).ifPresent(issueBuilder::setCloseDate); @@ -202,7 +207,8 @@ public class SearchResponseFormat { issueBuilder.setScope(UNIT_TEST_FILE.equals(component.qualifier()) ? IssueScope.TEST.name() : IssueScope.MAIN.name()); } - private static void addAdditionalFieldsToIssueBuilder(Collection fields, SearchResponseData data, IssueDto dto, Issue.Builder issueBuilder) { + private static void addAdditionalFieldsToIssueBuilder(Collection fields, SearchResponseData data, IssueDto dto, + Issue.Builder issueBuilder) { if (fields.contains(ACTIONS)) { issueBuilder.setActions(createIssueActions(data, dto)); } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetSeverityAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetSeverityAction.java index d5b27b93628..e9e9430fa5e 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetSeverityAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetSeverityAction.java @@ -103,7 +103,7 @@ public class SetSeverityAction implements IssuesWsAction { String severity = request.mandatoryParam(PARAM_SEVERITY); try (DbSession session = dbClient.openSession(false)) { SearchResponseData preloadedSearchResponseData = setType(session, issueKey, severity); - responseWriter.write(issueKey, preloadedSearchResponseData, request, response); + responseWriter.write(issueKey, preloadedSearchResponseData, request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTagsAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTagsAction.java index 355e337fdf3..c9735eab1f7 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTagsAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTagsAction.java @@ -95,7 +95,7 @@ public class SetTagsAction implements IssuesWsAction { String key = request.mandatoryParam(PARAM_ISSUE); List tags = MoreObjects.firstNonNull(request.paramAsStrings(PARAM_TAGS), Collections.emptyList()); SearchResponseData preloadedSearchResponseData = setTags(key, tags); - responseWriter.write(key, preloadedSearchResponseData, request, response); + responseWriter.write(key, preloadedSearchResponseData, request, response, true); } private SearchResponseData setTags(String issueKey, List tags) { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTypeAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTypeAction.java index 9231fa66d8d..9cdb0d66531 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTypeAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SetTypeAction.java @@ -107,7 +107,7 @@ public class SetTypeAction implements IssuesWsAction { RuleType ruleType = RuleType.valueOf(request.mandatoryParam(PARAM_TYPE)); try (DbSession session = dbClient.openSession(false)) { SearchResponseData preloadedSearchResponseData = setType(session, issueKey, ruleType); - responseWriter.write(issueKey, preloadedSearchResponseData, request, response); + responseWriter.write(issueKey, preloadedSearchResponseData, request, response, true); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java index 7d8a89e8812..16716a9824f 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/IssueSnippetsAction.java @@ -145,7 +145,7 @@ public class IssueSnippetsAction implements SourcesWsAction { componentViewerJsonWriter.writeComponentWithoutFav(writer, fileDto, dbSession, branch, pullRequest); componentViewerJsonWriter.writeMeasures(writer, fileDto, dbSession); writer.endObject(); - linesJsonWriter.writeSource(lineSources, writer, periodDateSupplier); + linesJsonWriter.writeSource(lineSources, writer, periodDateSupplier, userSession.isLoggedIn()); writer.endObject(); } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesAction.java index 50fa3e91147..9988fba5d75 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesAction.java @@ -150,7 +150,7 @@ public class LinesAction implements SourcesWsAction { "No source found for file '%s' (uuid: %s)", file.getKey(), file.uuid()); try (JsonWriter json = response.newJsonWriter()) { json.beginObject(); - linesJsonWriter.writeSource(lines, json, periodDateSupplier); + linesJsonWriter.writeSource(lines, json, periodDateSupplier, userSession.isLoggedIn()); json.endObject(); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesJsonWriter.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesJsonWriter.java index 34bacaed64e..b23bbd65134 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesJsonWriter.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/LinesJsonWriter.java @@ -34,7 +34,8 @@ public class LinesJsonWriter { this.htmlSourceDecorator = htmlSourceDecorator; } - public void writeSource(Iterable lines, JsonWriter json, Supplier> periodDateSupplier) { + public void writeSource(Iterable lines, JsonWriter json, Supplier> periodDateSupplier, + boolean showAuthor) { Long periodDate = null; json.name("sources").beginArray(); @@ -43,7 +44,9 @@ public class LinesJsonWriter { .prop("line", line.getLine()) .prop("code", htmlSourceDecorator.getDecoratedSourceAsHtml(line.getSource(), line.getHighlighting(), line.getSymbols())) .prop("scmRevision", line.getScmRevision()); - json.prop("scmAuthor", line.getScmAuthor()); + if (showAuthor) { + json.prop("scmAuthor", line.getScmAuthor()); + } if (line.hasScmDate()) { json.prop("scmDate", DateUtils.formatDateTime(new Date(line.getScmDate()))); } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/ScmAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/ScmAction.java index 894cfa39283..5d176afa0c9 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/ScmAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/source/ws/ScmAction.java @@ -104,7 +104,8 @@ public class ScmAction implements SourcesWsAction { try (DbSession dbSession = dbClient.openSession(false)) { ComponentDto file = componentFinder.getByKey(dbSession, fileKey); userSession.checkComponentPermission(UserRole.CODEVIEWER, file); - Iterable sourceLines = checkFoundWithOptional(sourceService.getLines(dbSession, file.uuid(), from, to), "File '%s' has no sources", fileKey); + Iterable sourceLines = checkFoundWithOptional(sourceService.getLines(dbSession, file.uuid(), from, to), "File " + + "'%s' has no sources", fileKey); try (JsonWriter json = response.newJsonWriter()) { json.beginObject(); writeSource(sourceLines, commitsByLine, json); @@ -113,7 +114,7 @@ public class ScmAction implements SourcesWsAction { } } - private static void writeSource(Iterable lines, boolean showCommitsByLine, JsonWriter json) { + private void writeSource(Iterable lines, boolean showCommitsByLine, JsonWriter json) { json.name("scm").beginArray(); DbFileSources.Line previousLine = null; @@ -121,8 +122,8 @@ public class ScmAction implements SourcesWsAction { for (DbFileSources.Line lineDoc : lines) { if (hasScm(lineDoc) && (!started || showCommitsByLine || !isSameCommit(previousLine, lineDoc))) { json.beginArray() - .value(lineDoc.getLine()) - .value(lineDoc.getScmAuthor()); + .value(lineDoc.getLine()); + json.value(userSession.isLoggedIn() ? lineDoc.getScmAuthor() : ""); json.value(lineDoc.hasScmDate() ? DateUtils.formatDateTime(new Date(lineDoc.getScmDate())) : null); json.value(lineDoc.getScmRevision()); json.endArray(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/AddCommentActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/AddCommentActionTest.java index e957a923fd8..1c5047691c9 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/AddCommentActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/AddCommentActionTest.java @@ -113,7 +113,7 @@ public class AddCommentActionTest { call(issueDto.getKey(), "please fix it"); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); verifyContentOfPreloadedSearchResponseData(issueDto); IssueChangeDto issueComment = dbClient.issueChangeDao().selectByTypeAndIssueKeys(dbTester.getSession(), singletonList(issueDto.getKey()), TYPE_COMMENT).get(0); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DeleteCommentActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DeleteCommentActionTest.java index afc581737b8..0d51fec2371 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DeleteCommentActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DeleteCommentActionTest.java @@ -75,7 +75,7 @@ public class DeleteCommentActionTest { call(commentDto.getKey()); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); assertThat(dbClient.issueChangeDao().selectCommentByKey(dbTester.getSession(), commentDto.getKey())).isNotPresent(); verifyContentOfPreloadedSearchResponseData(issueDto); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DoTransitionActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DoTransitionActionTest.java index 0ae11cebe57..00e9899cf5e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DoTransitionActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/DoTransitionActionTest.java @@ -125,7 +125,7 @@ public class DoTransitionActionTest { call(issue.getKey(), "confirm"); - verify(responseWriter).write(eq(issue.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issue.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); verifyContentOfPreloadedSearchResponseData(issue); verify(issueChangeEventService).distributeIssueChangeEvent(any(), any(), any(), any(), any(), any()); IssueDto issueReloaded = db.getDbClient().issueDao().selectByKey(db.getSession(), issue.getKey()).get(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/EditCommentActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/EditCommentActionTest.java index 246ef6b6c29..f8837ebd40c 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/EditCommentActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/EditCommentActionTest.java @@ -86,7 +86,7 @@ public class EditCommentActionTest { call(commentDto.getKey(), "please have a look"); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); verifyContentOfPreloadedSearchResponseData(issueDto); IssueChangeDto issueComment = dbClient.issueChangeDao().selectCommentByKey(dbTester.getSession(), commentDto.getKey()).get(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java index 6e93803b06e..d0f4aeb5e0e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java @@ -916,6 +916,7 @@ public class SearchActionTest { @Test public void search_by_author() { + userSession.logIn(); ComponentDto project = db.components().insertPublicProject(); ComponentDto file = db.components().insertComponent(newFileDto(project, null)); RuleDto rule = db.rules().insertIssueRule(); @@ -946,6 +947,27 @@ public class SearchActionTest { .isEmpty(); } + @Test + public void hide_author_if_not_logged_in() { + ComponentDto project = db.components().insertPublicProject(); + ComponentDto file = db.components().insertComponent(newFileDto(project)); + RuleDto rule = db.rules().insertIssueRule(); + db.issues().insertIssue(rule, project, file, i -> i.setAuthorLogin("leia")); + db.issues().insertIssue(rule, project, file, i -> i.setAuthorLogin("luke")); + db.issues().insertIssue(rule, project, file, i -> i.setAuthorLogin("han, solo")); + indexPermissionsAndIssues(); + + SearchWsResponse response = ws.newRequest() + .setMultiParam("author", asList("leia", "han, solo")) + .setParam(FACETS, "author") + .executeProtobuf(SearchWsResponse.class); + + assertThat(response.getIssuesList()) + .extracting(Issue::getAuthor) + .containsExactlyInAnyOrder("", ""); + assertThat(response.getFacets().getFacetsList()).isEmpty(); + } + @Test public void filter_by_test_scope() { ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY")); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchResponseFormatFormatOperationTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchResponseFormatFormatOperationTest.java index 5ee116be146..0cabe964963 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchResponseFormatFormatOperationTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchResponseFormatFormatOperationTest.java @@ -91,7 +91,7 @@ public class SearchResponseFormatFormatOperationTest { @Test public void formatOperation_should_add_components_to_response() { - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getComponentsList()).hasSize(1); assertThat(result.getComponentsList().get(0).getKey()).isEqualTo(issueDto.getComponentKey()); @@ -99,7 +99,7 @@ public class SearchResponseFormatFormatOperationTest { @Test public void formatOperation_should_add_rules_to_response() { - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getRulesList()).hasSize(1); assertThat(result.getRulesList().get(0).getKey()).isEqualTo(issueDto.getRuleKey().toString()); @@ -107,7 +107,7 @@ public class SearchResponseFormatFormatOperationTest { @Test public void formatOperation_should_add_users_to_response() { - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getUsersList()).hasSize(1); assertThat(result.getUsers(0)).isSameAs(user); @@ -115,7 +115,7 @@ public class SearchResponseFormatFormatOperationTest { @Test public void formatOperation_should_add_issue_to_response() { - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertIssueEqualsIssueDto(result.getIssue(), issueDto); } @@ -145,7 +145,7 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_not_add_issue_when_several_issue() { searchResponseData = new SearchResponseData(List.of(createIssue(), createIssue())); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue()).isEqualTo(Issue.getDefaultInstance()); } @@ -162,14 +162,14 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_add_branch_on_issue() { String branchName = randomAlphanumeric(5); searchResponseData = newSearchResponseDataBranch(branchName); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getBranch()).isEqualTo(branchName); } @Test public void formatOperation_should_add_pullrequest_on_issue() { searchResponseData = newSearchResponseDataPr("pr1"); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getPullRequest()).isEqualTo("pr1"); } @@ -177,7 +177,7 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_add_project_on_issue() { issueDto.setProjectUuid(componentDto.uuid()); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getProject()).isEqualTo(componentDto.getKey()); } @@ -188,7 +188,7 @@ public class SearchResponseFormatFormatOperationTest { String expected = randomAlphanumeric(5); issueDto.setRuleKey(EXTERNAL_RULE_REPO_PREFIX + expected, randomAlphanumeric(5)); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getExternalRuleEngine()).isEqualTo(expected); } @@ -199,7 +199,7 @@ public class SearchResponseFormatFormatOperationTest { issueDto.setEffort(effort); String expected = durations.encode(Duration.create(effort)); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getEffort()).isEqualTo(expected); assertThat(result.getIssue().getDebt()).isEqualTo(expected); @@ -209,7 +209,7 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_add_scope_test_on_issue_when_unit_test_file() { componentDto.setQualifier(UNIT_TEST_FILE); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getScope()).isEqualTo(TEST.name()); } @@ -218,7 +218,7 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_add_scope_main_on_issue_when_not_unit_test_file() { componentDto.setQualifier(randomAlphanumeric(5)); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getScope()).isEqualTo(MAIN.name()); } @@ -228,7 +228,7 @@ public class SearchResponseFormatFormatOperationTest { Set expectedActions = Set.of("actionA", "actionB"); searchResponseData.addActions(issueDto.getKey(), expectedActions); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getActions().getActionsList()).containsExactlyInAnyOrderElementsOf(expectedActions); } @@ -238,7 +238,7 @@ public class SearchResponseFormatFormatOperationTest { Set expectedTransitions = Set.of("transitionone", "transitiontwo"); searchResponseData.addTransitions(issueDto.getKey(), createFakeTransitions(expectedTransitions)); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getTransitions().getTransitionsList()).containsExactlyInAnyOrderElementsOf(expectedTransitions); } @@ -254,7 +254,7 @@ public class SearchResponseFormatFormatOperationTest { IssueChangeDto issueChangeDto = newIssuechangeDto(issueDto); searchResponseData.setComments(List.of(issueChangeDto)); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().getComments().getCommentsList()).hasSize(1).extracting(Common.Comment::getKey).containsExactly(issueChangeDto.getKey()); } @@ -263,7 +263,7 @@ public class SearchResponseFormatFormatOperationTest { public void formatOperation_should_not_set_severity_for_security_hotspot_issue() { issueDto.setType(SECURITY_HOTSPOT); - Operation result = searchResponseFormat.formatOperation(searchResponseData); + Operation result = searchResponseFormat.formatOperation(searchResponseData, true); assertThat(result.getIssue().hasSeverity()).isFalse(); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetSeverityActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetSeverityActionTest.java index 8a54486a0a4..97acf03c05c 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetSeverityActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetSeverityActionTest.java @@ -108,7 +108,7 @@ public class SetSeverityActionTest { call(issueDto.getKey(), MINOR); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); verifyContentOfPreloadedSearchResponseData(issueDto); verify(issueChangeEventService).distributeIssueChangeEvent(any(), any(), any(), any(), any(), any()); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTagsActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTagsActionTest.java index d1cd0c82ab1..d884c27e0d0 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTagsActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTagsActionTest.java @@ -102,7 +102,7 @@ public class SetTagsActionTest { call(issueDto.getKey(), "bug", "todo"); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); verifyContentOfPreloadedSearchResponseData(issueDto); IssueDto issueReloaded = dbClient.issueDao().selectByKey(db.getSession(), issueDto.getKey()).get(); assertThat(issueReloaded.getTags()).containsOnly("bug", "todo"); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTypeActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTypeActionTest.java index a3c07cc38b9..b5f5bc22779 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTypeActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTypeActionTest.java @@ -122,7 +122,7 @@ public class SetTypeActionTest { call(issueDto.getKey(), to.name()); - verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class)); + verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class), eq(true)); IssueDto issueReloaded = dbClient.issueDao().selectByKey(dbTester.getSession(), issueDto.getKey()).get(); assertThat(issueReloaded.getType()).isEqualTo(to.getDbConstant()); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/LinesActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/LinesActionTest.java index c41e6df709b..125199b4b81 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/LinesActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/LinesActionTest.java @@ -48,6 +48,7 @@ import org.sonar.server.ws.WsActionTester; import static java.lang.String.format; import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric; +import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.mock; @@ -67,7 +68,8 @@ public class LinesActionTest { private final HtmlSourceDecorator htmlSourceDecorator = mock(HtmlSourceDecorator.class); private final SourceService sourceService = new SourceService(db.getDbClient(), htmlSourceDecorator); private final LinesJsonWriter linesJsonWriter = new LinesJsonWriter(htmlSourceDecorator); - private final LinesAction underTest = new LinesAction(TestComponentFinder.from(db), db.getDbClient(), sourceService, linesJsonWriter, userSession); + private final LinesAction underTest = new LinesAction(TestComponentFinder.from(db), db.getDbClient(), sourceService, linesJsonWriter, + userSession); private final WsActionTester tester = new WsActionTester(underTest); @Before @@ -354,10 +356,12 @@ public class LinesActionTest { ComponentDto file = insertFileWithData(data, publicProject); - tester.newRequest() + String response = tester.newRequest() .setParam("uuid", file.uuid()) .execute() - .assertJson(getClass(), "hide_scmAuthors.json"); + .getInput(); + + assertThat(response).doesNotContain("isaac@asimov.com"); } @Test diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/ScmActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/ScmActionTest.java index 688a201be8d..abc76d138b6 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/ScmActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/source/ws/ScmActionTest.java @@ -72,6 +72,7 @@ public class ScmActionTest { @Test public void show_scm() { + userSessionRule.logIn(); userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); dbTester.getDbClient().fileSourceDao().insert(dbSession, new FileSourceDto() @@ -88,8 +89,27 @@ public class ScmActionTest { .assertJson(getClass(), "show_scm.json"); } + @Test + public void hide_author_if_not_logged_in() { + userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); + + dbTester.getDbClient().fileSourceDao().insert(dbSession, new FileSourceDto() + .setUuid(Uuids.createFast()) + .setProjectUuid(PROJECT_UUID) + .setFileUuid(FILE_UUID) + .setSourceData(DbFileSources.Data.newBuilder().addLines( + newSourceLine("julien", "123-456-789", DateUtils.parseDateTime("2015-03-30T12:34:56+0000"), 1)).build())); + dbSession.commit(); + + tester.newRequest() + .setParam("key", FILE_KEY) + .execute() + .assertJson(getClass(), "hide_author.json"); + } + @Test public void show_scm_from_given_range_lines() { + userSessionRule.logIn(); userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); dbTester.getDbClient().fileSourceDao().insert(dbSession, new FileSourceDto() @@ -114,6 +134,7 @@ public class ScmActionTest { @Test public void not_group_lines_by_commit() { + userSessionRule.logIn(); userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); // lines 1 and 2 are the same commit, but not 3 (different date) @@ -138,6 +159,7 @@ public class ScmActionTest { @Test public void group_lines_by_commit() { + userSessionRule.logIn(); userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); // lines 1 and 2 are the same commit, but not 3 (different date) @@ -162,6 +184,7 @@ public class ScmActionTest { @Test public void accept_negative_value_in_from_parameter() { + userSessionRule.logIn(); userSessionRule.addProjectPermission(UserRole.CODEVIEWER, project, file); dbTester.getDbClient().fileSourceDao().insert(dbSession, new FileSourceDto() diff --git a/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/LinesActionTest/hide_scmAuthors.json b/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/LinesActionTest/hide_scmAuthors.json index 2fd47642208..e69de29bb2d 100644 --- a/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/LinesActionTest/hide_scmAuthors.json +++ b/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/LinesActionTest/hide_scmAuthors.json @@ -1,12 +0,0 @@ -{ - "sources": [ - { - "line": 1, - "code": "\u003cp\u003eSOURCE_1\u003c/p\u003e", - "scmRevision": "REVISION_1", - "scmDate": "1974-10-03T03:40:00+0100", - "duplicated": false, - "isNew": false - } - ] -} diff --git a/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/ScmActionTest/hide_author.json b/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/ScmActionTest/hide_author.json new file mode 100644 index 00000000000..711dd670d7b --- /dev/null +++ b/server/sonar-webserver-webapi/src/test/resources/org/sonar/server/source/ws/ScmActionTest/hide_author.json @@ -0,0 +1,5 @@ +{ + "scm": [ + [1, "","2015-03-30T12:34:56+0000", "123-456-789"] + ] +}