From 06942cb74cc12c09f1ab2424fea95e5c4fcfd872 Mon Sep 17 00:00:00 2001 From: Simon Brandhof Date: Tue, 7 Feb 2017 16:08:55 +0100 Subject: [PATCH] Fix Quality flaws --- .../sonar/server/permission/PermissionTemplateService.java | 3 ++- .../src/main/java/org/sonar/server/ui/ws/ComponentAction.java | 4 ++-- .../main/java/org/sonar/server/user/ServerUserSession.java | 4 ---- .../java/org/sonar/server/user/ws/ChangePasswordAction.java | 1 - 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionTemplateService.java b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionTemplateService.java index 34cda3357d3..0054d91d48d 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionTemplateService.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionTemplateService.java @@ -77,7 +77,8 @@ public class PermissionTemplateService { } String effectiveKey = ComponentKeys.createKey(projectKey, branch); - PermissionTemplateDto template = findTemplate(dbSession, organizationUuid, new ComponentDto().setOrganizationUuid(organizationUuid).setKey(effectiveKey).setQualifier(qualifier)); + ComponentDto dto = new ComponentDto().setOrganizationUuid(organizationUuid).setKey(effectiveKey).setQualifier(qualifier); + PermissionTemplateDto template = findTemplate(dbSession, organizationUuid, dto); if (template == null) { return false; } diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java index 1dbf7b6e139..b15ccd19b7e 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java @@ -50,7 +50,6 @@ import org.sonar.db.property.PropertyDto; import org.sonar.db.property.PropertyQuery; import org.sonar.db.qualitygate.QualityGateDto; import org.sonar.server.component.ComponentFinder; -import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.qualitygate.QualityGateFinder; import org.sonar.server.qualityprofile.QPMeasureData; import org.sonar.server.qualityprofile.QualityProfile; @@ -61,6 +60,7 @@ import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.USER; import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; +import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; public class ComponentAction implements NavigationWsAction { @@ -129,7 +129,7 @@ public class ComponentAction implements NavigationWsAction { try (DbSession session = dbClient.openSession(false)) { ComponentDto component = componentFinder.getByKey(session, componentKey); if (!(userSession.hasComponentPermission(USER, component) || userSession.hasComponentPermission(ADMIN, component))) { - throw new ForbiddenException("Insufficient privileges"); + throw insufficientPrivilegesException(); } OrganizationDto org = componentFinder.getOrganization(session, component); Optional analysis = dbClient.snapshotDao().selectLastAnalysisByRootComponentUuid(session, component.projectUuid()); diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java index e92b7c4a8d0..7c78afca6f4 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java @@ -36,7 +36,6 @@ import javax.annotation.Nullable; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; -import org.sonar.db.component.ResourceDao; import org.sonar.db.user.GroupDto; import org.sonar.db.user.UserDto; @@ -50,10 +49,8 @@ public class ServerUserSession extends AbstractUserSession { @CheckForNull private final UserDto userDto; private final DbClient dbClient; - private final ResourceDao resourceDao; private final Supplier> groups; private List globalPermissions = null; - private SetMultimap projectKeyByPermission = HashMultimap.create(); private SetMultimap projectUuidByPermission = HashMultimap.create(); private SetMultimap permissionsByOrganizationUuid; private Map projectUuidByComponentUuid = newHashMap(); @@ -62,7 +59,6 @@ public class ServerUserSession extends AbstractUserSession { private ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) { this.userDto = userDto; this.dbClient = dbClient; - this.resourceDao = dbClient.resourceDao(); this.groups = Suppliers.memoize(this::loadGroups); } diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/ChangePasswordAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/ChangePasswordAction.java index c256a804e7c..98a959ae05a 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/ChangePasswordAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/ChangePasswordAction.java @@ -22,7 +22,6 @@ package org.sonar.server.user.ws; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.Response; import org.sonar.api.server.ws.WebService; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.user.UserDto; -- 2.39.5