From 17e9c348c95df39c9434b904ac69faa755afaa77 Mon Sep 17 00:00:00 2001 From: Teryk Bellahsene Date: Mon, 27 Jul 2015 17:13:42 +0200 Subject: [PATCH] SONAR-6483 WS global_permissions/add_group add global permission to a group --- .../permission/InternalPermissionService.java | 2 +- .../server/permission/ws/AddGroupAction.java | 73 +++++++++++++ .../server/permission/ws/PermissionsWs.java | 16 ++- .../permission/ws/PermissionsWsAction.java | 27 +++++ .../permission/ws/PermissionsWsModule.java | 32 ++++++ .../platformlevel/PlatformLevel4.java | 4 +- .../server/usergroups/ws/CreateAction.java | 2 +- .../permission/ws/AddGroupActionTest.java | 100 ++++++++++++++++++ .../ws/PermissionsWsModuleTest.java | 35 ++++++ 9 files changed, 285 insertions(+), 6 deletions(-) create mode 100644 server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddGroupAction.java create mode 100644 server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsAction.java create mode 100644 server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java create mode 100644 server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java create mode 100644 server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/InternalPermissionService.java b/server/sonar-server/src/main/java/org/sonar/server/permission/InternalPermissionService.java index 8585230c97d..281bbcd7761 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/InternalPermissionService.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/InternalPermissionService.java @@ -100,7 +100,7 @@ public class InternalPermissionService { try { applyChange(Operation.ADD, change, session); } finally { - session.close(); + dbClient.closeSession(session); } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddGroupAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddGroupAction.java new file mode 100644 index 00000000000..40ec37a08cb --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddGroupAction.java @@ -0,0 +1,73 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.sonar.api.server.ws.Request; +import org.sonar.api.server.ws.Response; +import org.sonar.api.server.ws.WebService; +import org.sonar.core.permission.GlobalPermissions; +import org.sonar.server.permission.InternalPermissionService; +import org.sonar.server.permission.PermissionChange; + +public class AddGroupAction implements PermissionsWsAction { + + public static final String ACTION = "add_group"; + public static final String PARAM_PERMISSION = "permission"; + public static final String PARAM_GROUP_NAME = "groupName"; + + private final InternalPermissionService permissionService; + + public AddGroupAction(InternalPermissionService permissionService) { + this.permissionService = permissionService; + } + + @Override + public void define(WebService.NewController context) { + WebService.NewAction action = context.createAction(ACTION) + .setDescription("Add permission to a group.
Requires 'Administer System' permission.") + .setSince("5.2") + .setPost(true) + .setHandler(this); + + action.createParam(PARAM_PERMISSION) + .setDescription("Permission") + .setRequired(true) + .setPossibleValues(GlobalPermissions.ALL); + + action.createParam(PARAM_GROUP_NAME) + .setRequired(true) + .setDescription("Group name or 'anyone' (whatever the case)") + .setExampleValue("sonar-administrators"); + } + + @Override + public void handle(Request request, Response response) throws Exception { + String permission = request.mandatoryParam(PARAM_PERMISSION); + String groupName = request.mandatoryParam(PARAM_GROUP_NAME); + permissionService.addPermission( + new PermissionChange() + .setPermission(permission) + .setGroup(groupName) + ); + + response.noContent(); + } +} diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWs.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWs.java index 1bc071d8dbf..748f0e56834 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWs.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWs.java @@ -29,12 +29,24 @@ import org.sonar.core.permission.GlobalPermissions; public class PermissionsWs implements WebService { + public static final String ENDPOINT = "api/permissions"; + + private final PermissionsWsAction[] actions; + + public PermissionsWs(PermissionsWsAction... actions) { + this.actions = actions; + } + @Override public void define(Context context) { - NewController controller = context.createController("api/permissions"); - controller.setDescription("Permissions"); + NewController controller = context.createController(ENDPOINT); + controller.setDescription("Permissions management"); controller.setSince("3.7"); + for (PermissionsWsAction action : actions) { + action.define(controller); + } + defineAddAction(controller); defineRemoveAction(controller); diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsAction.java new file mode 100644 index 00000000000..851b9c02872 --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsAction.java @@ -0,0 +1,27 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.sonar.server.ws.WsAction; + +public interface PermissionsWsAction extends WsAction { + // marker interface +} diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java new file mode 100644 index 00000000000..3ca51ee7b8c --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java @@ -0,0 +1,32 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.sonar.core.platform.Module; + +public class PermissionsWsModule extends Module { + @Override + protected void configureModule() { + add( + PermissionsWs.class, + AddGroupAction.class); + } +} diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java b/server/sonar-server/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java index 92cdbaaa37d..c7159655879 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java +++ b/server/sonar-server/src/main/java/org/sonar/server/platform/platformlevel/PlatformLevel4.java @@ -176,7 +176,7 @@ import org.sonar.server.notification.email.EmailNotificationChannel; import org.sonar.server.permission.InternalPermissionService; import org.sonar.server.permission.InternalPermissionTemplateService; import org.sonar.server.permission.PermissionFinder; -import org.sonar.server.permission.ws.PermissionsWs; +import org.sonar.server.permission.ws.PermissionsWsModule; import org.sonar.server.platform.BackendCleanup; import org.sonar.server.platform.SettingsChangeNotifier; import org.sonar.server.platform.monitoring.DatabaseMonitor; @@ -558,7 +558,7 @@ public class PlatformLevel4 extends PlatformLevel { InternalPermissionService.class, InternalPermissionTemplateService.class, PermissionFinder.class, - PermissionsWs.class, + PermissionsWsModule.class, // components ProjectsWsModule.class, diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java index ceaedac87d3..309ea6a5d0d 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java @@ -25,9 +25,9 @@ import org.sonar.api.server.ws.WebService.NewAction; import org.sonar.api.server.ws.WebService.NewController; import org.sonar.api.utils.text.JsonWriter; import org.sonar.core.permission.GlobalPermissions; +import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.user.GroupDto; -import org.sonar.server.db.DbClient; import org.sonar.server.user.UserSession; import static org.sonar.db.MyBatis.closeQuietly; diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java new file mode 100644 index 00000000000..9a63c7f62ba --- /dev/null +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java @@ -0,0 +1,100 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.ExpectedException; +import org.mockito.ArgumentCaptor; +import org.sonar.api.utils.System2; +import org.sonar.db.DbTester; +import org.sonar.server.exceptions.ServerException; +import org.sonar.server.permission.InternalPermissionService; +import org.sonar.server.permission.PermissionChange; +import org.sonar.server.tester.UserSessionRule; +import org.sonar.server.ws.WsTester; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; +import static org.sonar.server.permission.ws.AddGroupAction.ACTION; + +public class AddGroupActionTest { + UserSessionRule userSession = UserSessionRule.standalone(); + WsTester ws; + @Rule + public DbTester db = DbTester.create(System2.INSTANCE); + @Rule + public ExpectedException expectedException = ExpectedException.none(); + private InternalPermissionService permissionService; + + @Before + public void setUp() { + permissionService = mock(InternalPermissionService.class); + ws = new WsTester(new PermissionsWs( + new AddGroupAction(permissionService))); + userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN); + } + + @Test + public void call_permission_service_with_right_data() throws Exception { + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators") + .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + + ArgumentCaptor permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class); + verify(permissionService).addPermission(permissionChangeCaptor.capture()); + PermissionChange permissionChange = permissionChangeCaptor.getValue(); + assertThat(permissionChange.group()).isEqualTo("sonar-administrators"); + assertThat(permissionChange.permission()).isEqualTo(SYSTEM_ADMIN); + } + + @Test + public void get_request_are_not_authorized() throws Exception { + expectedException.expect(ServerException.class); + + ws.newGetRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators") + .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + } + + @Test + public void fail_when_group_name_is_missing() throws Exception { + expectedException.expect(IllegalArgumentException.class); + + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(AddGroupAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + } + + @Test + public void fail_when_permission_is_missing() throws Exception { + expectedException.expect(IllegalArgumentException.class); + + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(AddGroupAction.PARAM_GROUP_NAME, "sonar-administrators") + .execute(); + } +} diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java new file mode 100644 index 00000000000..ca3956f90c0 --- /dev/null +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java @@ -0,0 +1,35 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.junit.Test; +import org.sonar.core.platform.ComponentContainer; + +import static org.assertj.core.api.Assertions.assertThat; + +public class PermissionsWsModuleTest { + @Test + public void verify_count_of_added_components() { + ComponentContainer container = new ComponentContainer(); + new PermissionsWsModule().configure(container); + assertThat(container.size()).isEqualTo(4); + } +} -- 2.39.5