From 26a66e82e56e73f0428fa436b98b0829bf5e2502 Mon Sep 17 00:00:00 2001 From: Guillaume Jambet Date: Thu, 2 Nov 2017 17:18:09 +0100 Subject: [PATCH] SONAR-10040 add length validation to Quality Gates ws --- .../org/sonar/server/qualitygate/QualityGates.java | 14 ++++++-------- .../sonar/server/qualitygate/ws/CreateAction.java | 6 ++++-- .../qualitygate/ws/CreateConditionAction.java | 6 +++--- .../server/qualitygate/ws/QualityGatesWs.java | 4 ++++ .../sonar/server/qualitygate/ws/RenameAction.java | 10 ++++++---- 5 files changed, 23 insertions(+), 17 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java index 0f940595faf..fce67bf44a4 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java +++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java @@ -42,10 +42,12 @@ import org.sonar.db.qualitygate.QualityGateDto; import org.sonar.server.exceptions.NotFoundException; import org.sonar.server.organization.DefaultOrganizationProvider; import org.sonar.server.user.UserSession; -import org.sonar.server.util.Validation; import static java.lang.String.format; import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; +import static org.sonar.server.util.Validation.CANT_BE_EMPTY_MESSAGE; +import static org.sonar.server.util.Validation.IS_ALREADY_USED_MESSAGE; +import static org.sonar.server.ws.WsUtils.checkFound; import static org.sonar.server.ws.WsUtils.checkRequest; /** @@ -207,18 +209,14 @@ public class QualityGates { private QualityGateDto getNonNullQgate(String name) { try (DbSession dbSession = dbClient.openSession(false)) { - QualityGateDto qGate = dao.selectByName(dbSession, name); - if (qGate == null) { - throw new NotFoundException("There is no quality gate with name=" + name); - } - return qGate; + return checkFound(dao.selectByName(dbSession, name), "There is no quality gate with name=%s", name); } } private void validateQualityGate(DbSession dbSession, @Nullable Long updatingQgateId, @Nullable String name) { List errors = new ArrayList<>(); if (Strings.isNullOrEmpty(name)) { - errors.add(format(Validation.CANT_BE_EMPTY_MESSAGE, "Name")); + errors.add(format(CANT_BE_EMPTY_MESSAGE, "Name")); } else { checkQgateNotAlreadyExists(dbSession, updatingQgateId, name, errors); } @@ -229,7 +227,7 @@ public class QualityGates { QualityGateDto existingQgate = dao.selectByName(dbSession, name); boolean isModifyingCurrentQgate = updatingQgateId != null && existingQgate != null && existingQgate.getId().equals(updatingQgateId); if (!isModifyingCurrentQgate && existingQgate != null) { - errors.add(format(Validation.IS_ALREADY_USED_MESSAGE, "Name")); + errors.add(format(IS_ALREADY_USED_MESSAGE, "Name")); } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java index 01dc2cfa315..0bcecbe7a80 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java @@ -37,6 +37,7 @@ import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM public class CreateAction implements QualityGatesWsAction { + public static final int NAME_MAXIMUM_LENGTH = 100; private final DbClient dbClient; private final UserSession userSession; private final QualityGateUpdater qualityGateUpdater; @@ -53,15 +54,16 @@ public class CreateAction implements QualityGatesWsAction { @Override public void define(WebService.NewController controller) { WebService.NewAction action = controller.createAction(ACTION_CREATE) + .setPost(true) .setDescription("Create a Quality Gate.
" + "Requires the 'Administer Quality Gates' permission.") .setSince("4.3") - .setPost(true) .setHandler(this); action.createParam(PARAM_NAME) - .setDescription("The name of the quality gate to create") .setRequired(true) + .setMaximumLength(NAME_MAXIMUM_LENGTH) + .setDescription("The name of the quality gate to create") .setExampleValue("My Quality Gate"); } diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java index 63643947b8d..e63722b4354 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java @@ -24,9 +24,9 @@ import org.sonar.api.server.ws.Response; import org.sonar.api.server.ws.WebService; import org.sonar.db.DbClient; import org.sonar.db.DbSession; +import org.sonar.db.permission.OrganizationPermission; import org.sonar.db.qualitygate.QualityGateConditionDto; import org.sonar.server.organization.DefaultOrganizationProvider; -import org.sonar.db.permission.OrganizationPermission; import org.sonar.server.qualitygate.QualityGateConditionsUpdater; import org.sonar.server.user.UserSession; import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse; @@ -61,16 +61,16 @@ public class CreateConditionAction implements QualityGatesWsAction { @Override public void define(WebService.NewController controller) { WebService.NewAction createCondition = controller.createAction(ACTION_CREATE_CONDITION) + .setPost(true) .setDescription("Add a new condition to a quality gate.
" + "Requires the 'Administer Quality Gates' permission.") - .setPost(true) .setSince("4.3") .setHandler(this); createCondition .createParam(PARAM_GATE_ID) - .setDescription("ID of the quality gate") .setRequired(true) + .setDescription("ID of the quality gate") .setExampleValue("1"); addConditionParams(createCondition); diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QualityGatesWs.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QualityGatesWs.java index 3353d93c21e..41865e75d92 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QualityGatesWs.java +++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QualityGatesWs.java @@ -36,6 +36,8 @@ import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_WARNING; public class QualityGatesWs implements WebService { + + private static final int CONDITION_MAX_LENGTH = 64; private final QualityGatesWsAction[] actions; public QualityGatesWs(QualityGatesWsAction... actions) { @@ -78,10 +80,12 @@ public class QualityGatesWs implements WebService { .setPossibleValues("1"); action.createParam(PARAM_WARNING) + .setMaximumLength(CONDITION_MAX_LENGTH) .setDescription("Condition warning threshold") .setExampleValue("5"); action.createParam(PARAM_ERROR) + .setMaximumLength(CONDITION_MAX_LENGTH) .setDescription("Condition error threshold") .setExampleValue("10"); } diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java index 192493ad890..8f49fffc6a9 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java @@ -26,6 +26,7 @@ import org.sonar.api.utils.text.JsonWriter; import org.sonar.db.qualitygate.QualityGateDto; import org.sonar.server.qualitygate.QualityGates; +import static org.sonar.server.qualitygate.ws.CreateAction.NAME_MAXIMUM_LENGTH; import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ID; import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_NAME; @@ -40,20 +41,21 @@ public class RenameAction implements QualityGatesWsAction { @Override public void define(WebService.NewController controller) { WebService.NewAction action = controller.createAction("rename") + .setPost(true) .setDescription("Rename a Quality Gate.
" + - "Requires the 'Administer Quality Gates' permission.") + "Requires the 'Administer Quality Gates' permission.") .setSince("4.3") - .setPost(true) .setHandler(this); action.createParam(PARAM_ID) - .setDescription("ID of the quality gate to rename") .setRequired(true) + .setDescription("ID of the quality gate to rename") .setExampleValue("1"); action.createParam(PARAM_NAME) - .setDescription("New name of the quality gate") .setRequired(true) + .setMaximumLength(NAME_MAXIMUM_LENGTH) + .setDescription("New name of the quality gate") .setExampleValue("My Quality Gate"); } -- 2.39.5