From 456f46662f89717382a910f192df1f44cd8b8fd4 Mon Sep 17 00:00:00 2001
From: Simon Brandhof
Date: Sun, 19 Feb 2017 15:35:37 +0100
Subject: [PATCH] Use the methods UserSession accepting OrganizationPermission
param
---
.../java/org/sonar/ce/user/CeUserSession.java | 4 +-
.../sonar/server/batch/ProjectDataLoader.java | 3 +-
.../org/sonar/server/ce/ws/TaskAction.java | 6 +--
.../computation/queue/ReportSubmitter.java | 14 +++---
.../server/organization/ws/DeleteAction.java | 4 +-
.../organization/ws/EnableSupportAction.java | 4 +-
.../ws/SearchMyOrganizationsAction.java | 5 +-
.../server/organization/ws/UpdateAction.java | 4 +-
.../PermissionPrivilegeChecker.java | 5 +-
.../server/project/ws/BulkDeleteAction.java | 4 +-
.../sonar/server/project/ws/CreateAction.java | 4 +-
.../sonar/server/project/ws/DeleteAction.java | 4 +-
.../sonar/server/project/ws/GhostsAction.java | 4 +-
.../server/project/ws/ProvisionedAction.java | 4 +-
.../sonar/server/project/ws/SearchAction.java | 4 +-
.../server/qualitygate/QualityGates.java | 4 +-
.../server/qualitygate/ws/AppAction.java | 4 +-
.../server/qualitygate/ws/CreateAction.java | 4 +-
.../qualitygate/ws/CreateConditionAction.java | 4 +-
.../server/qualitygate/ws/SelectAction.java | 4 +-
.../qualitygate/ws/UpdateConditionAction.java | 4 +-
.../QProfileProjectOperations.java | 4 +-
.../qualityprofile/QProfileService.java | 5 +-
.../qualityprofile/ws/QProfileWsSupport.java | 5 +-
.../org/sonar/server/rule/ws/AppAction.java | 5 +-
.../sonar/server/rule/ws/RuleWsSupport.java | 5 +-
.../server/setting/ws/SettingsWsSupport.java | 11 +++--
.../sonar/server/ui/ws/ComponentAction.java | 16 +++----
.../server/ui/ws/OrganizationAction.java | 11 ++---
.../server/user/AbstractUserSession.java | 17 +++----
.../org/sonar/server/user/DoPrivileged.java | 3 +-
.../sonar/server/user/ServerUserSession.java | 3 +-
.../server/user/ThreadLocalUserSession.java | 22 ++++-----
.../org/sonar/server/user/UserSession.java | 1 -
.../sonar/server/user/ws/CurrentAction.java | 9 ++--
.../server/user/ws/DeactivateAction.java | 7 +--
.../server/usergroups/ws/AddUserAction.java | 4 +-
.../server/usergroups/ws/CreateAction.java | 4 +-
.../server/usergroups/ws/DeleteAction.java | 6 +--
.../usergroups/ws/RemoveUserAction.java | 6 +--
.../server/usergroups/ws/SearchAction.java | 4 +-
.../server/usergroups/ws/UpdateAction.java | 4 +-
.../server/usergroups/ws/UsersAction.java | 4 +-
.../server/batch/ProjectDataLoaderTest.java | 3 +-
.../sonar/server/ce/ws/TaskActionTest.java | 5 +-
.../queue/ReportSubmitterTest.java | 11 +++--
.../organization/ws/DeleteActionTest.java | 4 +-
.../ws/EnableSupportActionTest.java | 5 +-
.../organization/ws/UpdateActionTest.java | 6 +--
.../permission/ws/AddGroupActionTest.java | 3 +-
.../permission/ws/BasePermissionWsTest.java | 6 +--
...AddProjectCreatorToTemplateActionTest.java | 3 +-
.../template/AddUserToTemplateActionTest.java | 4 +-
.../ws/template/ApplyTemplateActionTest.java | 4 +-
.../ws/template/CreateTemplateActionTest.java | 4 +-
.../ws/template/DeleteTemplateActionTest.java | 4 +-
.../RemoveGroupFromTemplateActionTest.java | 4 +-
.../template/SearchTemplatesActionTest.java | 6 +--
.../ws/template/TemplateUsersActionTest.java | 4 +-
.../ws/template/UpdateTemplateActionTest.java | 4 +-
.../project/ws/BulkDeleteActionTest.java | 6 +--
.../server/project/ws/CreateActionTest.java | 12 ++---
.../server/project/ws/DeleteActionTest.java | 6 +--
.../server/project/ws/GhostsActionTest.java | 35 +++++++-------
.../project/ws/ProvisionedActionTest.java | 47 ++++++++++---------
.../server/project/ws/SearchActionTest.java | 34 +++++++-------
.../server/qualitygate/ws/AppActionTest.java | 4 +-
.../qualitygate/ws/CreateActionTest.java | 7 ++-
.../ws/CreateConditionActionTest.java | 7 ++-
.../qualitygate/ws/DeselectActionTest.java | 4 +-
.../qualitygate/ws/SelectActionTest.java | 4 +-
.../ws/UpdateConditionActionTest.java | 7 ++-
.../QProfileServiceMediumTest.java | 4 +-
.../ws/AddProjectActionTest.java | 4 +-
.../ws/ChangeParentActionMediumTest.java | 4 +-
.../qualityprofile/ws/CopyActionTest.java | 4 +-
.../qualityprofile/ws/CreateActionTest.java | 4 +-
.../qualityprofile/ws/DeleteActionTest.java | 4 +-
.../qualityprofile/ws/RenameActionTest.java | 4 +-
.../qualityprofile/ws/RestoreActionTest.java | 4 +-
.../ws/RestoreBuiltInActionTest.java | 4 +-
.../ws/SetDefaultActionTest.java | 4 +-
.../server/rule/RegisterRulesMediumTest.java | 4 +-
.../sonar/server/rule/ws/AppActionTest.java | 4 +-
.../server/rule/ws/DeleteActionTest.java | 4 +-
.../server/rule/ws/ShowActionMediumTest.java | 4 +-
.../rule/ws/UpdateActionMediumTest.java | 4 +-
.../setting/ws/ListDefinitionsActionTest.java | 8 ++--
.../server/setting/ws/ValuesActionTest.java | 7 +--
.../tester/AbstractMockUserSession.java | 23 ++++-----
.../sonar/server/tester/UserSessionRule.java | 40 ++++++++--------
.../server/ui/ws/ComponentActionTest.java | 12 ++---
.../server/ui/ws/OrganizationActionTest.java | 15 +++---
.../server/user/ServerUserSessionTest.java | 43 +++++++++--------
.../server/user/ws/CurrentActionTest.java | 10 ++--
.../usergroups/ws/AddUserActionTest.java | 4 +-
.../usergroups/ws/CreateActionTest.java | 4 +-
.../usergroups/ws/DeleteActionTest.java | 4 +-
.../usergroups/ws/RemoveUserActionTest.java | 3 +-
.../usergroups/ws/SearchActionTest.java | 6 +--
.../usergroups/ws/UpdateActionTest.java | 4 +-
.../server/usergroups/ws/UsersActionTest.java | 4 +-
102 files changed, 380 insertions(+), 373 deletions(-)
diff --git a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
index 9ef58ff8d96..9a045b346dd 100644
--- a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
+++ b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
@@ -87,12 +87,12 @@ public class CeUserSession implements UserSession {
}
@Override
- public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
throw notImplemented();
}
@Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
throw notImplemented();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
index fab76d2bb55..5b2b8ce604c 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
@@ -38,6 +38,7 @@ import org.sonar.scanner.protocol.input.FileData;
import org.sonar.scanner.protocol.input.ProjectRepositories;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.collect.Lists.newArrayList;
@@ -68,7 +69,7 @@ public class ProjectDataLoader {
}
boolean hasScanPerm = userSession.hasComponentPermission(SCAN_EXECUTION, module) ||
- userSession.hasOrganizationPermission(module.getOrganizationUuid(), SCAN_EXECUTION);
+ userSession.hasPermission(OrganizationPermission.SCAN, module.getOrganizationUuid());
boolean hasBrowsePerm = userSession.hasComponentPermission(USER, module);
checkPermission(query.isIssuesMode(), hasScanPerm, hasBrowsePerm);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java b/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
index b59b991a7fa..aa52c814cf5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
@@ -38,12 +38,12 @@ import org.sonar.db.DbSession;
import org.sonar.db.ce.CeActivityDto;
import org.sonar.db.ce.CeQueueDto;
import org.sonar.db.component.ComponentDto;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.ws.WsUtils;
import org.sonarqube.ws.WsCe;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -118,8 +118,8 @@ public class TaskAction implements CeWsAction {
private void checkPermission(Optional component) {
if (component.isPresent()) {
String orgUuid = component.get().getOrganizationUuid();
- if (!userSession.hasOrganizationPermission(orgUuid, SYSTEM_ADMIN) &&
- !userSession.hasOrganizationPermission(orgUuid, SCAN_EXECUTION) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER, orgUuid) &&
+ !userSession.hasPermission(OrganizationPermission.SCAN, orgUuid) &&
!userSession.hasComponentPermission(SCAN_EXECUTION, component.get())) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java b/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
index d0a4679963b..7febecaf5d4 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
@@ -37,12 +37,12 @@ import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.component.ComponentUpdater;
import org.sonar.server.component.NewComponent;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.server.component.NewComponent.newComponentBuilder;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
@@ -75,7 +75,7 @@ public class ReportSubmitter {
OrganizationDto organizationDto = getOrganizationDtoOrFail(dbSession, organizationKey);
Optional opt = dbClient.componentDao().selectByKey(dbSession, effectiveProjectKey);
ensureOrganizationIsConsistent(opt, organizationDto);
- ComponentDto project = opt.or(() -> createProject(dbSession, organizationDto.getUuid(), projectKey, projectBranch, projectName));
+ ComponentDto project = opt.or(() -> createProject(dbSession, organizationDto, projectKey, projectBranch, projectName));
checkScanPermission(project);
return submitReport(dbSession, reportInput, project);
}
@@ -88,7 +88,7 @@ public class ReportSubmitter {
// That means that dropping the permission on the project does not have any effects
// if user has still the permission on the organization
if (!userSession.hasComponentPermission(SCAN_EXECUTION, project) &&
- !userSession.hasOrganizationPermission(project.getOrganizationUuid(), SCAN_EXECUTION)) {
+ !userSession.hasPermission(OrganizationPermission.SCAN, project.getOrganizationUuid())) {
throw insufficientPrivilegesException();
}
}
@@ -106,18 +106,18 @@ public class ReportSubmitter {
}
}
- private ComponentDto createProject(DbSession dbSession, String organizationUuid, String projectKey, @Nullable String projectBranch, @Nullable String projectName) {
- userSession.checkOrganizationPermission(organizationUuid, PROVISIONING);
+ private ComponentDto createProject(DbSession dbSession, OrganizationDto organization, String projectKey, @Nullable String projectBranch, @Nullable String projectName) {
+ userSession.checkPermission(OrganizationPermission.PROVISION_PROJECTS, organization);
Integer userId = userSession.getUserId();
boolean wouldCurrentUserHaveScanPermission = permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(
- dbSession, organizationUuid, userId, projectBranch, projectKey, Qualifiers.PROJECT);
+ dbSession, organization.getUuid(), userId, projectBranch, projectKey, Qualifiers.PROJECT);
if (!wouldCurrentUserHaveScanPermission) {
throw insufficientPrivilegesException();
}
NewComponent newProject = newComponentBuilder()
- .setOrganizationUuid(organizationUuid)
+ .setOrganizationUuid(organization.getUuid())
.setKey(projectKey)
.setName(StringUtils.defaultIfBlank(projectName, projectKey))
.setBranch(projectBranch)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
index 5fea4d45964..65a4f3a7098 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
@@ -34,8 +34,8 @@ import org.sonar.server.organization.OrganizationFlags;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class DeleteAction implements OrganizationsAction {
@@ -90,7 +90,7 @@ public class DeleteAction implements OrganizationsAction {
if (organizationDto.isGuarded()) {
userSession.checkIsSystemAdministrator();
} else {
- userSession.checkOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, organizationDto);
}
deleteProjects(dbSession, organizationDto.getUuid());
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
index 60427f8cb93..ec596176b79 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
@@ -26,10 +26,10 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.organization.OrganizationFlags;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static java.util.Objects.requireNonNull;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
public class EnableSupportAction implements OrganizationsAction {
private static final String ACTION = "enable_support";
@@ -73,7 +73,7 @@ public class EnableSupportAction implements OrganizationsAction {
}
private void verifySystemAdministrator() {
- userSession.checkLoggedIn().checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(OrganizationPermission.ADMINISTER, defaultOrganizationProvider.get().getUuid());
}
private boolean isSupportDisabled(DbSession dbSession) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
index 52bbc0440a7..128a4f9010b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
@@ -25,10 +25,9 @@ import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-
public class SearchMyOrganizationsAction implements OrganizationsAction {
private static final String ACTION = "search_my_organizations";
@@ -62,7 +61,7 @@ public class SearchMyOrganizationsAction implements OrganizationsAction {
JsonWriter jsonWriter = response.newJsonWriter()) {
jsonWriter.beginObject();
jsonWriter.name("organizations").beginArray();
- dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), SYSTEM_ADMIN)
+ dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), OrganizationPermission.ADMINISTER.getKey())
.forEach(dto -> jsonWriter.value(dto.getKey()));
jsonWriter.endArray();
jsonWriter.endObject();
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
index ac51fe383fc..4ec8e70b7e2 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
@@ -34,12 +34,12 @@ import org.sonar.server.user.UserSession;
import org.sonarqube.ws.Organizations;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_AVATAR_URL;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_DESCRIPTION;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_NAME;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_URL;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
public class UpdateAction implements OrganizationsAction {
@@ -93,7 +93,7 @@ public class UpdateAction implements OrganizationsAction {
OrganizationDto dto = getDto(dbSession, key);
- userSession.checkOrganizationPermission(dto.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, dto);
dto.setName(updateRequest.getName().or(dto::getName))
.setDescription(updateRequest.getDescription().or(dto::getDescription))
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
index bce14f0dd9b..6c152c60f07 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
@@ -23,7 +23,6 @@ import java.util.Optional;
import org.sonar.api.web.UserRole;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
public class PermissionPrivilegeChecker {
@@ -34,7 +33,7 @@ public class PermissionPrivilegeChecker {
public static void checkGlobalAdmin(UserSession userSession, String organizationUuid) {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(organizationUuid, SYSTEM_ADMIN);
+ .checkPermission(OrganizationPermission.ADMINISTER, organizationUuid);
}
/**
@@ -45,7 +44,7 @@ public class PermissionPrivilegeChecker {
public static void checkProjectAdmin(UserSession userSession, String organizationUuid, Optional projectId) {
userSession.checkLoggedIn();
- if (userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN)) {
+ if (userSession.hasPermission(OrganizationPermission.ADMINISTER, organizationUuid)) {
return;
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
index e8d367668f4..65f33bac311 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
@@ -25,7 +25,6 @@ import javax.annotation.Nullable;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -33,6 +32,7 @@ import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
public class BulkDeleteAction implements ProjectsWsAction {
@@ -104,7 +104,7 @@ public class BulkDeleteAction implements ProjectsWsAction {
return Optional.empty();
}
OrganizationDto org = support.getOrganization(dbSession, orgKey);
- userSession.checkOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, org);
return Optional.of(org);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
index 18337852195..641c3e544b5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
@@ -35,8 +35,8 @@ import org.sonarqube.ws.client.project.CreateRequest;
import static java.util.Optional.ofNullable;
import static org.sonar.api.resources.Qualifiers.PROJECT;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.server.component.NewComponent.newComponentBuilder;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -109,7 +109,7 @@ public class CreateAction implements ProjectsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession, ofNullable(request.getOrganization())
.orElseGet(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), PROVISIONING);
+ userSession.checkPermission(PROVISION_PROJECTS, organization);
ComponentDto componentDto = componentUpdater.create(dbSession, newComponentBuilder()
.setOrganizationUuid(organization.getUuid())
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
index 9af482443a2..4174ccb637d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
@@ -23,12 +23,12 @@ import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.server.component.ComponentFinder.ParamNames.PROJECT_ID_AND_PROJECT;
@@ -92,7 +92,7 @@ public class DeleteAction implements ProjectsWsAction {
private void checkPermission(ComponentDto project) {
if (!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
- userSession.checkOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, project.getOrganizationUuid());
}
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
index 3378d587852..372972e0778 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
@@ -29,7 +29,6 @@ import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -40,6 +39,7 @@ import org.sonar.server.user.UserSession;
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class GhostsAction implements ProjectsWsAction {
@@ -89,7 +89,7 @@ public class GhostsAction implements ProjectsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = getOrganization(dbSession, request);
- userSession.checkOrganizationPermission(organization.getUuid(), UserRole.ADMIN);
+ userSession.checkPermission(ADMINISTER, organization);
long nbOfProjects = dbClient.componentDao().countGhostProjects(dbSession, organization.getUuid(), query);
List projects = dbClient.componentDao().selectGhostProjects(dbSession, organization.getUuid(), query,
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
index 0c307091781..dd37366e6c8 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
@@ -30,7 +30,6 @@ import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -41,6 +40,7 @@ import org.sonar.server.user.UserSession;
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
public class ProvisionedAction implements ProjectsWsAction {
@@ -90,7 +90,7 @@ public class ProvisionedAction implements ProjectsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession,
request.getParam(PARAM_ORGANIZATION).or(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), GlobalPermissions.PROVISIONING);
+ userSession.checkPermission(PROVISION_PROJECTS, organization);
RowBounds rowBounds = new RowBounds(options.getOffset(), options.getLimit());
List projects = dbClient.componentDao().selectProvisioned(dbSession, organization.getUuid(), query, QUALIFIERS_FILTER, rowBounds);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
index 3ca4f103486..72b4889dd48 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
@@ -31,6 +31,7 @@ import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentQuery;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsProjects.SearchWsResponse;
import org.sonarqube.ws.client.project.SearchWsRequest;
@@ -39,7 +40,6 @@ import static com.google.common.base.Preconditions.checkArgument;
import static java.util.Optional.ofNullable;
import static org.sonar.api.resources.Qualifiers.PROJECT;
import static org.sonar.api.resources.Qualifiers.VIEW;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.WsProjects.SearchWsResponse.Component;
import static org.sonarqube.ws.WsProjects.SearchWsResponse.newBuilder;
@@ -98,7 +98,7 @@ public class SearchAction implements ProjectsWsAction {
private SearchWsResponse doHandle(SearchWsRequest request) {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession, ofNullable(request.getOrganization()).orElseGet(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, organization);
ComponentQuery query = buildQuery(request);
Paging paging = buildPaging(dbSession, request, organization, query);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
index f260216f69c..ebec7083a15 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
@@ -41,10 +41,10 @@ import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.Errors;
import org.sonar.server.exceptions.Message;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.util.Validation;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
/**
@@ -248,7 +248,7 @@ public class QualityGates {
}
private void checkProjectAdmin(ComponentDto project) {
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN)
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, project.getOrganizationUuid())
&& !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
index 4a066f11b2f..dbcc50aee0a 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
@@ -28,12 +28,12 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.metric.MetricDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.AppWsResponse.Metric;
import static org.sonar.api.measures.CoreMetrics.ALERT_STATUS_KEY;
import static org.sonar.api.measures.Metric.ValueType.RATING;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.server.qualitygate.ValidRatingMetrics.isCoreRatingMetric;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.WsQualityGates.AppWsResponse;
@@ -63,7 +63,7 @@ public class AppAction implements QualityGatesWsAction {
@Override
public void handle(Request request, Response response) {
writeProtobuf(AppWsResponse.newBuilder()
- .setEdit(userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN))
+ .setEdit(userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid()))
.addAllMetrics(loadMetrics()
.stream()
.map(AppAction::toMetric)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
index 05d28321462..5ebe970af8b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
@@ -22,11 +22,11 @@ package org.sonar.server.qualitygate.ws;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualitygate.QualityGateDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateUpdater;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.CreateWsResponse;
@@ -66,7 +66,7 @@ public class CreateAction implements QualityGatesWsAction {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
QualityGateDto newQualityGate = qualityGateUpdater.create(dbSession, request.mandatoryParam(PARAM_NAME));
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
index c5fdba691f4..b1a00da2365 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
@@ -26,12 +26,12 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualitygate.QualityGateConditionDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateConditionsUpdater;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import org.sonarqube.ws.client.qualitygate.CreateConditionRequest;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
import static org.sonar.server.qualitygate.ws.QualityGatesWs.addConditionParams;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -77,7 +77,7 @@ public class CreateConditionAction implements QualityGatesWsAction {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
writeProtobuf(doHandle(toWsRequest(request), dbSession), request, response);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
index f08093f5c51..5f4f6c777dc 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
@@ -25,7 +25,6 @@ import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.util.Uuids;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
@@ -33,6 +32,7 @@ import org.sonar.db.component.ComponentDto;
import org.sonar.db.property.PropertyDto;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.component.ComponentFinder.ParamNames;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.qualitygate.SelectWsRequest;
@@ -115,7 +115,7 @@ public class SelectAction implements QualityGatesWsAction {
ComponentDto project = selectProjectById(dbSession, projectId)
.or(() -> componentFinder.getByUuidOrKey(dbSession, projectId, projectKey, ParamNames.PROJECT_ID_AND_KEY));
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.QUALITY_GATE_ADMIN) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, project.getOrganizationUuid()) &&
!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
index eefeb8f334c..7768ef5eea5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
@@ -31,8 +31,8 @@ import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.UpdateConditionWsResponse;
import org.sonarqube.ws.client.qualitygate.UpdateConditionRequest;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.server.qualitygate.ws.QualityGatesWs.addConditionParams;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.ACTION_UPDATE_CONDITION;
@@ -77,7 +77,7 @@ public class UpdateConditionAction implements QualityGatesWsAction {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.checkPermission(ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
writeProtobuf(doHandle(toWsRequest(request), dbSession), request, response);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
index 83597a76e62..c372563b0e2 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
@@ -21,12 +21,12 @@ package org.sonar.server.qualityprofile;
import org.sonar.api.server.ServerSide;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.ws.WsUtils;
@@ -78,7 +78,7 @@ public class QProfileProjectOperations {
}
private void checkAdminOnProject(ComponentDto project) {
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid()) &&
!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw new ForbiddenException("Insufficient privileges");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
index 998ae3f9549..bd46ecbfc28 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
@@ -23,7 +23,6 @@ import java.io.Writer;
import java.util.List;
import javax.annotation.Nullable;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleKey;
@@ -32,6 +31,8 @@ import org.sonar.server.qualityprofile.index.ActiveRuleIndexer;
import org.sonar.server.rule.index.RuleQuery;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class QProfileService {
@@ -96,6 +97,6 @@ public class QProfileService {
private void verifyAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
index 371ec76a1c2..e4d940f8e55 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
@@ -20,10 +20,11 @@
package org.sonar.server.qualityprofile.ws;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class QProfileWsSupport {
@@ -38,6 +39,6 @@ public class QProfileWsSupport {
public void checkQProfileAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
index 0f2bbb0a79b..5f5be8c1759 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
@@ -32,10 +32,9 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-
public class AppAction implements RulesWsAction {
private final Languages languages;
@@ -78,7 +77,7 @@ public class AppAction implements RulesWsAction {
}
private void addPermissions(JsonWriter json) {
- boolean canWrite = userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_PROFILE_ADMIN);
+ boolean canWrite = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
json.prop("canWrite", canWrite);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
index 4de9d4fb915..7c84bc528bc 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
@@ -20,10 +20,11 @@
package org.sonar.server.rule.ws;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class RuleWsSupport {
private final UserSession userSession;
@@ -37,6 +38,6 @@ public class RuleWsSupport {
public void checkQProfileAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
index cbd71108547..4ae159af80e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
@@ -26,6 +26,7 @@ import org.sonar.api.config.PropertyDefinition;
import org.sonar.api.server.ServerSide;
import org.sonar.db.component.ComponentDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.api.PropertyType.LICENSE;
@@ -57,11 +58,11 @@ public class SettingsWsSupport {
}
boolean isVisible(String key, @Nullable PropertyDefinition definition, Optional component) {
- return hasPermission(SCAN_EXECUTION, component) || (verifySecuredSetting(key, definition, component) && (verifyLicenseSetting(key, definition)));
+ return hasPermission(OrganizationPermission.SCAN, SCAN_EXECUTION, component) || (verifySecuredSetting(key, definition, component) && (verifyLicenseSetting(key, definition)));
}
private boolean verifySecuredSetting(String key, @Nullable PropertyDefinition definition, Optional component) {
- return isLicense(key, definition) || (!key.endsWith(DOT_SECURED) || hasPermission(ADMIN, component));
+ return isLicense(key, definition) || (!key.endsWith(DOT_SECURED) || hasPermission(OrganizationPermission.ADMINISTER, ADMIN, component));
}
private boolean verifyLicenseSetting(String key, @Nullable PropertyDefinition definition) {
@@ -72,12 +73,12 @@ public class SettingsWsSupport {
return key.endsWith(LICENSE_SUFFIX) || key.endsWith(LICENSE_HASH_SUFFIX) || (definition != null && definition.type() == LICENSE);
}
- private boolean hasPermission(String projectOrOrgPermission, Optional component) {
- if (userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), projectOrOrgPermission)) {
+ private boolean hasPermission(OrganizationPermission orgPermission, String projectPermission, Optional component) {
+ if (userSession.hasPermission(orgPermission, defaultOrganizationProvider.get().getUuid())) {
return true;
}
return component
- .map(c -> userSession.hasComponentPermission(projectOrOrgPermission, c))
+ .map(c -> userSession.hasComponentPermission(projectPermission, c))
.orElse(false);
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
index dd8839b82d5..f69cb16ec7c 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
@@ -50,6 +50,7 @@ import org.sonar.db.property.PropertyDto;
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.qualitygate.QualityGateDto;
import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateFinder;
import org.sonar.server.qualityprofile.QPMeasureData;
import org.sonar.server.qualityprofile.QualityProfile;
@@ -59,9 +60,8 @@ import org.sonar.server.user.UserSession;
import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
@@ -142,8 +142,8 @@ public class ComponentAction implements NavigationWsAction {
writeProfiles(json, session, component);
writeQualityGate(json, session, component);
if (userSession.hasComponentPermission(ADMIN, component) ||
- userSession.hasOrganizationPermission(org.getUuid(), QUALITY_PROFILE_ADMIN) ||
- userSession.hasOrganizationPermission(org.getUuid(), QUALITY_GATE_ADMIN)) {
+ userSession.hasPermission(ADMINISTER_QUALITY_PROFILES, org) ||
+ userSession.hasPermission(ADMINISTER_QUALITY_GATES, org)) {
writeConfiguration(json, component);
}
writeBreadCrumbs(json, session, component);
@@ -229,9 +229,9 @@ public class ComponentAction implements NavigationWsAction {
private void writeConfigPageAccess(JsonWriter json, boolean isProjectAdmin, ComponentDto component) {
boolean isProject = Qualifiers.PROJECT.equals(component.qualifier());
boolean showManualMeasures = isProjectAdmin && !Qualifiers.DIRECTORY.equals(component.qualifier());
- boolean isQualityProfileAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
- boolean isQualityGateAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_GATE_ADMIN);
- boolean isOrganizationAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), SYSTEM_ADMIN);
+ boolean isQualityProfileAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, component.getOrganizationUuid());
+ boolean isQualityGateAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, component.getOrganizationUuid());
+ boolean isOrganizationAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER, component.getOrganizationUuid());
json.prop("showSettings", isProjectAdmin && componentTypeHasProperty(component, PROPERTY_CONFIGURABLE));
json.prop("showQualityProfiles", isProject && (isProjectAdmin || isQualityProfileAdmin));
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
index 2b66b7b9eb3..83e3a1d113d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
@@ -23,14 +23,13 @@ import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class OrganizationAction implements NavigationWsAction {
@@ -80,13 +79,13 @@ public class OrganizationAction implements NavigationWsAction {
}
private void writeOrganization(JsonWriter json, OrganizationDto organization) {
- String organizationUuid = organization.getUuid();
json.name("organization")
.beginObject()
- .prop("canAdmin", userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
- .prop("canProvisionProjects", userSession.hasOrganizationPermission(organizationUuid, GlobalPermissions.PROVISIONING))
- .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
+ .prop("canAdmin", userSession.hasPermission(OrganizationPermission.ADMINISTER, organization))
+ .prop("canProvisionProjects", userSession.hasPermission(OrganizationPermission.PROVISION_PROJECTS, organization))
+ .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasPermission(OrganizationPermission.ADMINISTER, organization))
.prop("isDefault", organization.getKey().equals(defaultOrganizationProvider.get().getKey()))
.endObject();
+
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
index afd2ee8b80c..51ab7daccfb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
@@ -39,11 +39,6 @@ public abstract class AbstractUserSession implements UserSession {
return this;
}
- @Override
- public final boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
- }
-
@Override
public final boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
return hasPermission(permission, organization.getUuid());
@@ -67,12 +62,18 @@ public abstract class AbstractUserSession implements UserSession {
return this;
}
+ protected abstract boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid);
+
@Override
- public final UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- return checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ public final boolean hasOrganizationPermission(String organizationUuid, String permission) {
+ return hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
}
- protected abstract boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid);
+ @Override
+ public final UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ return this;
+ }
@Override
public final boolean hasComponentPermission(String permission, ComponentDto component) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
index ab3f94a7636..ca665e9ac39 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
@@ -22,12 +22,11 @@ package org.sonar.server.user;
import java.util.Collection;
import java.util.Collections;
import java.util.Optional;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.user.GroupDto;
import org.sonar.server.permission.OrganizationPermission;
/**
- * Allow code to be executed with the highest privileges possible, as if executed by a {@link GlobalPermissions#SYSTEM_ADMIN} account.
+ * Allow code to be executed with the highest privileges possible, as if executed by a {@link OrganizationPermission#ADMINISTER} account.
* @since 4.3
*/
public final class DoPrivileged {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
index 262e5c72996..5baea280a71 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -29,7 +29,6 @@ import java.util.Optional;
import java.util.Set;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.util.stream.Collectors;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
@@ -177,7 +176,7 @@ public class ServerUserSession extends AbstractUserSession {
try (DbSession dbSession = dbClient.openSession(false)) {
if (!organizationFlags.isEnabled(dbSession)) {
String uuidOfDefaultOrg = defaultOrganizationProvider.get().getUuid();
- return hasOrganizationPermission(uuidOfDefaultOrg, GlobalPermissions.SYSTEM_ADMIN);
+ return hasPermission(OrganizationPermission.ADMINISTER, uuidOfDefaultOrg);
}
// organization feature is enabled -> requires to be root
return false;
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
index 6fce68f3f6f..63ab326985b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
@@ -104,6 +104,17 @@ public class ThreadLocalUserSession implements UserSession {
return this;
}
+ @Override
+ public boolean hasOrganizationPermission(String organizationUuid, String permission) {
+ return get().hasOrganizationPermission(organizationUuid, permission);
+ }
+
+ @Override
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ get().checkOrganizationPermission(organizationUuid, permission);
+ return this;
+ }
+
@Override
public UserSession checkComponentPermission(String projectPermission, ComponentDto component) {
get().checkComponentPermission(projectPermission, component);
@@ -137,23 +148,12 @@ public class ThreadLocalUserSession implements UserSession {
return get().hasComponentUuidPermission(permission, componentUuid);
}
- @Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- get().checkOrganizationPermission(organizationUuid, permission);
- return this;
- }
-
@Override
public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
get().checkPermission(permission, organization);
return this;
}
- @Override
- public boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return get().hasOrganizationPermission(organizationUuid, permission);
- }
-
@Override
public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
return get().hasPermission(permission, organization);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
index 163185312dc..bf8c0053d79 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
@@ -113,7 +113,6 @@ public interface UserSession {
* component does not exist.
*
* If the permission is not granted, then the organization permission is _not_ checked.
- * There's _no_ automatic fallback on {@link #hasOrganizationPermission(String, String)}.
*
* @param component non-null component.
* @param permission project permission as defined by {@link org.sonar.core.permission.ProjectPermissions}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
index 8e17b2ebd5d..70a1a425a4c 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
@@ -19,17 +19,18 @@
*/
package org.sonar.server.user.ws;
+import java.util.Arrays;
import java.util.Collection;
import java.util.Optional;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Strings.isNullOrEmpty;
@@ -140,9 +141,9 @@ public class CurrentAction implements UsersWsAction {
json.name("global").beginArray();
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
- GlobalPermissions.ALL.stream()
- .filter(permission -> userSession.hasOrganizationPermission(defaultOrganizationUuid, permission))
- .forEach(json::value);
+ Arrays.stream(OrganizationPermission.values())
+ .filter(permission -> userSession.hasPermission(permission, defaultOrganizationUuid))
+ .forEach(permission -> json.value(permission.getKey()));
json.endArray();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
index 1dfbb350a72..00e4d9639b5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
@@ -35,12 +35,12 @@ import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.index.UserIndexer;
import static java.lang.String.format;
import static java.util.Collections.singletonList;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.checkFound;
import static org.sonar.server.ws.WsUtils.checkRequest;
@@ -135,10 +135,11 @@ public class DeactivateAction implements UsersWsAction {
private List selectOrganizationsWithNoMoreAdministrators(DbSession dbSession, UserDto user) {
Set organizationUuids = dbClient.authorizationDao().selectOrganizationUuidsOfUserWithGlobalPermission(
- dbSession, user.getId(), SYSTEM_ADMIN);
+ dbSession, user.getId(), OrganizationPermission.ADMINISTER.getKey());
List problematicOrganizations = new ArrayList<>();
for (String organizationUuid : organizationUuids) {
- int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, organizationUuid, SYSTEM_ADMIN, user.getId());
+ int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession,
+ organizationUuid, OrganizationPermission.ADMINISTER.getKey(), user.getId());
if (remaining == 0) {
problematicOrganizations.add(organizationUuid);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
index ab5f8a6203e..bf354cda4e3 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
@@ -23,7 +23,6 @@ import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
@@ -31,6 +30,7 @@ import org.sonar.db.user.UserGroupDto;
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
@@ -69,7 +69,7 @@ public class AddUserAction implements UserGroupsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId groupId = support.findGroup(dbSession, request);
- userSession.checkLoggedIn().checkOrganizationPermission(groupId.getOrganizationUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(ADMINISTER, groupId.getOrganizationUuid());
String login = request.mandatoryParam(PARAM_LOGIN);
UserDto user = dbClient.userDao().selectActiveUserByLogin(dbSession, login);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
index e67b71596b2..63b21e2323f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
@@ -24,7 +24,6 @@ import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.user.UserGroupValidation;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
@@ -33,6 +32,7 @@ import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsUserGroups;
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_DESCRIPTION;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
@@ -84,7 +84,7 @@ public class CreateAction implements UserGroupsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.findOrganizationByKey(dbSession, request.param(PARAM_ORGANIZATION_KEY));
- userSession.checkOrganizationPermission(organization.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, organization);
GroupDto group = new GroupDto()
.setOrganizationUuid(organization.getUuid())
.setName(request.mandatoryParam(PARAM_GROUP_NAME))
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
index 1a5ab10e85b..8df8b811ab1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
@@ -30,11 +30,11 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.GroupDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.defineGroupWsParameters;
@@ -74,7 +74,7 @@ public class DeleteAction implements UserGroupsWsAction {
public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId groupId = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(groupId.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, groupId.getOrganizationUuid());
checkNotTryingToDeleteDefaultGroup(dbSession, groupId);
checkNotTryingToDeleteLastAdminGroup(dbSession, groupId);
@@ -105,7 +105,7 @@ public class DeleteAction implements UserGroupsWsAction {
private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupId group) {
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession,
- group.getOrganizationUuid(), SYSTEM_ADMIN, group.getId());
+ group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId());
checkArgument(remaining > 0, "The last system admin group cannot be deleted");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
index dc0e2b5da57..2a2f6286a44 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
@@ -27,10 +27,10 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
@@ -71,7 +71,7 @@ public class RemoveUserAction implements UserGroupsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId group = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(group.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid());
String login = request.mandatoryParam(PARAM_LOGIN);
UserDto user = getUser(dbSession, login);
@@ -90,7 +90,7 @@ public class RemoveUserAction implements UserGroupsWsAction {
*/
private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupId group, UserDto user) {
int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroupMember(dbSession,
- group.getOrganizationUuid(), SYSTEM_ADMIN, group.getId(), user.getId());
+ group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId(), user.getId());
if (remainingAdmins == 0) {
throw new BadRequestException("The last administrator user cannot be removed");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
index 061951dff3c..a027f606c7d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
@@ -39,8 +39,8 @@ import org.sonar.server.es.SearchOptions;
import org.sonar.server.user.UserSession;
import static org.apache.commons.lang.StringUtils.defaultIfBlank;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
public class SearchAction implements UserGroupsWsAction {
@@ -92,7 +92,7 @@ public class SearchAction implements UserGroupsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = groupWsSupport.findOrganizationByKey(dbSession, request.param(PARAM_ORGANIZATION_KEY));
- userSession.checkLoggedIn().checkOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(ADMINISTER, organization);
int limit = dbClient.groupDao().countByQuery(dbSession, organization.getUuid(), query);
List groups = dbClient.groupDao().selectByQuery(dbSession, organization.getUuid(), query, options.getOffset(), pageSize);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
index 4b0ba22e96c..90105ddf23b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
@@ -26,7 +26,6 @@ import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.user.UserGroupValidation;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
@@ -40,6 +39,7 @@ import org.sonarqube.ws.WsUserGroups;
import static org.sonar.api.CoreProperties.CORE_DEFAULT_GROUP;
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_DESCRIPTION;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
@@ -100,7 +100,7 @@ public class UpdateAction implements UserGroupsWsAction {
checkFound(group, "Could not find a user group with id '%s'.", groupId);
Optional org = dbClient.organizationDao().selectByUuid(dbSession, group.getOrganizationUuid());
checkFoundWithOptional(org, "Could not find organization with id '%s'.", group.getOrganizationUuid());
- userSession.checkOrganizationPermission(org.get().getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, org.get());
boolean changed = false;
String newName = request.param(PARAM_GROUP_NAME);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
index 85bb5af7a7e..2f10a7db4fc 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
@@ -33,10 +33,10 @@ import org.sonar.db.DbSession;
import org.sonar.db.user.GroupMembershipQuery;
import org.sonar.db.user.UserMembershipDto;
import org.sonar.db.user.UserMembershipQuery;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.api.utils.Paging.forPageIndex;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.defineGroupWsParameters;
public class UsersAction implements UserGroupsWsAction {
@@ -79,7 +79,7 @@ public class UsersAction implements UserGroupsWsAction {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId group = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(group.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid());
UserMembershipQuery query = UserMembershipQuery.builder()
.groupId(group.getId())
diff --git a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
index 634f9a8af8c..93e15fc2ffc 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
@@ -42,6 +42,7 @@ import org.sonar.server.tester.UserSessionRule;
import static java.lang.String.format;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
public class ProjectDataLoaderTest {
@Rule
@@ -171,7 +172,7 @@ public class ProjectDataLoaderTest {
@Test
public void scan_permission_on_organization_is_enough_even_without_scan_permission_on_project() {
ComponentDto project = dbTester.components().insertProject();
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
ProjectRepositories repositories = underTest.load(ProjectDataQuery.create().setModuleKey(project.key()).setIssuesMode(true));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
index 44d02902e1e..f54cbd1d236 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
@@ -43,6 +43,7 @@ import org.sonarqube.ws.WsCe;
import static java.util.Collections.singleton;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.PROTOBUF;
public class TaskActionTest {
@@ -249,7 +250,7 @@ public class TaskActionTest {
@Test
public void get_project_queue_task_with_scan_permission_on_organization_but_not_on_project() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
CeQueueDto task = createAndPersistQueueTask(project);
call(task.getUuid());
@@ -293,7 +294,7 @@ public class TaskActionTest {
@Test
public void get_project_archived_task_with_scan_permission_on_organization_but_not_on_project() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
CeActivityDto task = createAndPersistArchivedTask(project);
call(task.getUuid());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
index 4c3155aa7d2..413908fa1fb 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
@@ -55,9 +55,10 @@ import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
public class ReportSubmitterTest {
@@ -137,7 +138,7 @@ public class ReportSubmitterTest {
OrganizationDto organization = db.organizations().insert();
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(organization, PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, organization);
mockSuccessfulPrepareSubmitCall();
ComponentDto createdProject = newProjectDto(organization, PROJECT_UUID).setKey(PROJECT_KEY);
@@ -168,7 +169,7 @@ public class ReportSubmitterTest {
public void no_favorite_when_no_project_creator_permission_on_permission_template() {
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
mockSuccessfulPrepareSubmitCall();
ComponentDto createdProject = newProjectDto(db.getDefaultOrganization(), PROJECT_UUID).setKey(PROJECT_KEY);
@@ -187,7 +188,7 @@ public class ReportSubmitterTest {
public void submit_a_report_on_new_project_with_scan_permission_on_organization() {
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
mockSuccessfulPrepareSubmitCall();
ComponentDto project = newProjectDto(db.getDefaultOrganization(), PROJECT_UUID).setKey(PROJECT_KEY);
@@ -205,7 +206,7 @@ public class ReportSubmitterTest {
public void user_with_scan_permission_on_organization_is_allowed_to_submit_a_report_on_existing_project() {
OrganizationDto org = db.organizations().insert();
ComponentDto project = db.components().insertProject(org);
- userSession.addOrganizationPermission(org, SCAN_EXECUTION);
+ userSession.addPermission(SCAN, org);
mockSuccessfulPrepareSubmitCall();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
index c33983050d4..ff023924f06 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
@@ -49,8 +49,8 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class DeleteActionTest {
@@ -295,6 +295,6 @@ public class DeleteActionTest {
}
private void logInAsAdministrator(OrganizationDto organization) {
- userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, organization);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
index 6f03cc442e1..72c1e5e8824 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
@@ -29,7 +29,6 @@ import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationValidationImpl;
import org.sonar.server.organization.OrganizationFlags;
import org.sonar.server.organization.OrganizationFlagsImpl;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
@@ -38,7 +37,7 @@ import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class EnableSupportActionTest {
@@ -114,7 +113,7 @@ public class EnableSupportActionTest {
}
private void logInAsSystemAdministrator(String login) {
- userSession.logIn(login).addOrganizationPermission(db.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
+ userSession.logIn(login).addPermission(ADMINISTER, db.getDefaultOrganization());
}
private void call() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
index 08dc07629bb..ef8682c20fa 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
@@ -41,10 +41,10 @@ import org.sonarqube.ws.Organizations;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_257_CHARS_LONG;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_65_CHARS_LONG;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.setParam;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class UpdateActionTest {
private static final String SOME_KEY = "key";
@@ -375,7 +375,7 @@ public class UpdateActionTest {
assertThat(newDto.getUpdatedAt()).isEqualTo(updateAt);
}
- private void logInAsAdministrator(OrganizationDto organizationDto) {
- userSession.logIn().addOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ private void logInAsAdministrator(OrganizationDto organization) {
+ userSession.logIn().addPermission(ADMINISTER, organization);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
index f93bdf80f9f..3a6ac2f9230 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
@@ -36,6 +36,7 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
@@ -268,7 +269,7 @@ public class AddGroupActionTest extends BasePermissionWsTest {
public void adding_global_permission_fails_if_not_administrator_of_organization() throws Exception {
GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators");
// user is administrator of another organization
- userSession.logIn().addOrganizationPermission("anotherOrg", SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, "anotherOrg");
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
index 7cfa45aad6b..877c19ecbc4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
@@ -41,8 +41,8 @@ import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
import static org.mockito.Mockito.mock;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public abstract class BasePermissionWsTest {
@@ -87,9 +87,9 @@ public abstract class BasePermissionWsTest {
}
protected void loginAsAdmin(OrganizationDto org, OrganizationDto... otherOrgs) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
for (OrganizationDto otherOrg : otherOrgs) {
- userSession.addOrganizationPermission(otherOrg.getUuid(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, otherOrg);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
index c2f50ead44a..88319738ed3 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
@@ -34,6 +34,7 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
@@ -116,7 +117,7 @@ public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest<
@Test
public void fail_if_not_admin_of_default_organization() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
index 426b836685e..d0a4cb36226 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
@@ -36,7 +36,7 @@ import org.sonar.server.ws.TestRequest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
@@ -100,7 +100,7 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest consumer) throws Exception {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
index 63ce8f422bf..5016f1ab155 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
@@ -37,7 +37,7 @@ import org.sonar.server.ws.TestRequest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.security.DefaultGroups.ANYONE;
import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
@@ -120,7 +120,7 @@ public class RemoveGroupFromTemplateActionTest extends BasePermissionWsTest {
@@ -73,7 +73,7 @@ public class SearchTemplatesActionTest extends BasePermissionWsTest dto.setKey("ghost-key-" + count));
}
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -138,7 +137,7 @@ public class GhostsActionTest {
public void ghost_projects_with_chosen_fields() throws Exception {
OrganizationDto organization = db.organizations().insert();
insertGhostProject(organization);
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -158,7 +157,7 @@ public class GhostsActionTest {
insertGhostProject(organization, dto -> dto.setName("ghost-name-11"));
insertGhostProject(organization, dto -> dto.setName("ghost-name-20"));
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -175,7 +174,7 @@ public class GhostsActionTest {
OrganizationDto organization = db.organizations().insert();
insertGhostProject(organization, dto -> dto.setKey("ghost-key-1"));
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -188,15 +187,15 @@ public class GhostsActionTest {
@Test
public void ghost_projects_base_on_json_example() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto hBaseProject = ComponentTesting.newProjectDto(organizationDto, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ OrganizationDto organization = db.organizations().insert();
+ ComponentDto hBaseProject = ComponentTesting.newProjectDto(organization, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
.setKey("org.apache.hbas:hbase")
.setName("HBase")
.setCreatedAt(DateUtils.parseDateTime("2015-03-04T23:03:44+0100"));
dbClient.componentDao().insert(db.getSession(), hBaseProject);
dbClient.snapshotDao().insert(db.getSession(), SnapshotTesting.newAnalysis(hBaseProject)
.setStatus(STATUS_UNPROCESSED));
- ComponentDto roslynProject = ComponentTesting.newProjectDto(organizationDto, "c526ef20-131b-4486-9357-063fa64b5079")
+ ComponentDto roslynProject = ComponentTesting.newProjectDto(organization, "c526ef20-131b-4486-9357-063fa64b5079")
.setKey("com.microsoft.roslyn:roslyn")
.setName("Roslyn")
.setCreatedAt(DateUtils.parseDateTime("2013-03-04T23:03:44+0100"));
@@ -204,22 +203,22 @@ public class GhostsActionTest {
dbClient.snapshotDao().insert(db.getSession(), SnapshotTesting.newAnalysis(roslynProject)
.setStatus(STATUS_UNPROCESSED));
db.getSession().commit();
- userSessionRule.logIn().addOrganizationPermission(organizationDto, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
- .setParam("organization", organizationDto.getKey())
+ .setParam("organization", organization.getKey())
.execute();
assertJson(result.getInput())
.isSimilarTo(Resources.getResource(getClass(), "projects-example-ghosts.json"));
}
- @Test(expected = ForbiddenException.class)
- public void fail_if_does_not_have_sufficient_rights() throws Exception {
- userSessionRule.logIn()
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.USER)
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.ISSUE_ADMIN)
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.CODEVIEWER);
+ @Test
+ public void throws_ForbiddenException_if_not_administrator_of_organization() throws Exception {
+ userSessionRule.logIn();
+
+ expectedException.expect(ForbiddenException.class);
+ expectedException.expectMessage("Insufficient privileges");
underTest.newRequest().execute();
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
index dc85c23db3c..62bdff5caa1 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
@@ -28,7 +28,6 @@ import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.DateUtils;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
@@ -44,6 +43,8 @@ import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
public class ProvisionedActionTest {
@@ -80,14 +81,14 @@ public class ProvisionedActionTest {
@Test
public void all_provisioned_projects_without_analyzed_projects() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto analyzedProject = ComponentTesting.newProjectDto(organizationDto, "analyzed-uuid-1");
- db.components().insertComponents(newProvisionedProject(organizationDto, "1"), newProvisionedProject(organizationDto, "2"), analyzedProject);
+ OrganizationDto org = db.organizations().insert();
+ ComponentDto analyzedProject = ComponentTesting.newProjectDto(org, "analyzed-uuid-1");
+ db.components().insertComponents(newProvisionedProject(org, "1"), newProvisionedProject(org, "2"), analyzedProject);
db.components().insertSnapshot(SnapshotTesting.newAnalysis(analyzedProject));
- userSessionRule.logIn().addOrganizationPermission(organizationDto, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestResponse result = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.execute();
String json = result.getInput();
@@ -111,14 +112,14 @@ public class ProvisionedActionTest {
@Test
public void provisioned_projects_with_correct_pagination() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
+ OrganizationDto org = db.organizations().insert();
for (int i = 1; i <= 10; i++) {
- db.components().insertComponent(newProvisionedProject(organizationDto, String.valueOf(i)));
+ db.components().insertComponent(newProvisionedProject(org, String.valueOf(i)));
}
- userSessionRule.logIn().addOrganizationPermission(organizationDto, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestRequest request = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.setParam(Param.PAGE, "3")
.setParam(Param.PAGE_SIZE, "4");
@@ -131,7 +132,7 @@ public class ProvisionedActionTest {
public void provisioned_projects_with_desired_fields() throws Exception {
OrganizationDto organization = db.organizations().insert();
db.components().insertComponent(newProvisionedProject(organization, "1"));
- userSessionRule.logIn().addOrganizationPermission(organization, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, organization);
String jsonOutput = underTest.newRequest()
.setParam(PARAM_ORGANIZATION, organization.getKey())
@@ -145,12 +146,12 @@ public class ProvisionedActionTest {
@Test
public void provisioned_projects_with_query() throws Exception {
- OrganizationDto organization = db.organizations().insert();
- db.components().insertComponents(newProvisionedProject(organization, "1"), newProvisionedProject(organization, "2"));
- userSessionRule.logIn().addOrganizationPermission(organization, GlobalPermissions.PROVISIONING);
+ OrganizationDto org = db.organizations().insert();
+ db.components().insertComponents(newProvisionedProject(org, "1"), newProvisionedProject(org, "2"));
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
String jsonOutput = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.setParam(Param.TEXT_QUERY, "PROVISIONED-name-2")
.execute().getInput();
@@ -161,20 +162,20 @@ public class ProvisionedActionTest {
@Test
public void provisioned_projects_as_defined_in_the_example() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto hBaseProject = ComponentTesting.newProjectDto(organizationDto, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ OrganizationDto org = db.organizations().insert();
+ ComponentDto hBaseProject = ComponentTesting.newProjectDto(org, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
.setKey("org.apache.hbas:hbase")
.setName("HBase")
.setCreatedAt(DateUtils.parseDateTime("2015-03-04T23:03:44+0100"));
- ComponentDto roslynProject = ComponentTesting.newProjectDto(organizationDto, "c526ef20-131b-4486-9357-063fa64b5079")
+ ComponentDto roslynProject = ComponentTesting.newProjectDto(org, "c526ef20-131b-4486-9357-063fa64b5079")
.setKey("com.microsoft.roslyn:roslyn")
.setName("Roslyn")
.setCreatedAt(DateUtils.parseDateTime("2013-03-04T23:03:44+0100"));
db.components().insertComponents(hBaseProject, roslynProject);
- userSessionRule.logIn().addOrganizationPermission(organizationDto.getUuid(), GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestResponse result = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.execute();
assertJson(result.getInput())
@@ -183,9 +184,9 @@ public class ProvisionedActionTest {
@Test
public void fail_when_not_enough_privileges() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- db.components().insertComponent(newProvisionedProject(organizationDto, "1"));
- userSessionRule.logIn().addOrganizationPermission(organizationDto.getUuid(), GlobalPermissions.SCAN_EXECUTION);
+ OrganizationDto organization = db.organizations().insert();
+ db.components().insertComponent(newProvisionedProject(organization, "1"));
+ userSessionRule.logIn().addPermission(SCAN, organization);
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
index 1aa03aa609f..8fe65742135 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
@@ -52,14 +52,14 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.server.ws.WebService.Param.PAGE;
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.MediaTypes.PROTOBUF;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_ORGANIZATION;
@@ -85,7 +85,7 @@ public class SearchActionTest {
@Test
public void search_by_key_query() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey("project-_%-key"),
newProjectDto(db.getDefaultOrganization()).setKey("project-key-without-escaped-characters"));
@@ -97,7 +97,7 @@ public class SearchActionTest {
@Test
public void search_projects_when_no_qualifier_set() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()));
@@ -109,7 +109,7 @@ public class SearchActionTest {
@Test
public void search_projects() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
ComponentDto project = newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1);
ComponentDto module = newModuleDto(project);
ComponentDto directory = newDirectory(module, "dir");
@@ -126,7 +126,7 @@ public class SearchActionTest {
@Test
public void search_views() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()).setKey("view1"));
@@ -138,7 +138,7 @@ public class SearchActionTest {
@Test
public void search_projects_and_views() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()).setKey("view1"));
@@ -150,7 +150,7 @@ public class SearchActionTest {
@Test
public void search_on_default_organization_when_no_organization_set() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
OrganizationDto otherOrganization = db.organizations().insert();
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
@@ -166,7 +166,7 @@ public class SearchActionTest {
public void search_for_projects_on_given_organization() throws IOException {
OrganizationDto organization1 = db.organizations().insert();
OrganizationDto organization2 = db.organizations().insert();
- userSession.addOrganizationPermission(organization1, SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, organization1);
ComponentDto project1 = newProjectDto(organization1);
ComponentDto project2 = newProjectDto(organization1);
ComponentDto project3 = newProjectDto(organization2);
@@ -179,7 +179,7 @@ public class SearchActionTest {
@Test
public void result_is_paginated() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
List componentDtoList = new ArrayList<>();
for (int i = 1; i <= 9; i++) {
componentDtoList.add(newProjectDto(db.getDefaultOrganization(), "project-uuid-" + i).setKey("project-key-" + i).setName("Project Name " + i));
@@ -193,7 +193,7 @@ public class SearchActionTest {
@Test
public void fail_when_not_system_admin() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), QUALITY_PROFILE_ADMIN);
+ userSession.addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
call(SearchWsRequest.builder().build());
@@ -208,7 +208,7 @@ public class SearchActionTest {
@Test
public void fail_on_invalid_qualifier() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), QUALITY_PROFILE_ADMIN);
+ userSession.addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Value of parameter 'qualifiers' (BRC) must be one of: [TRK, VW]");
@@ -256,15 +256,15 @@ public class SearchActionTest {
@Test
public void verify_response_example() throws URISyntaxException, IOException {
- OrganizationDto organizationDto = db.organizations().insertForKey("my-org-1");
- userSession.addOrganizationPermission(organizationDto, SYSTEM_ADMIN);
+ OrganizationDto organization = db.organizations().insertForKey("my-org-1");
+ userSession.addPermission(ADMINISTER, organization);
db.components().insertComponents(
- newProjectDto(organizationDto, "project-uuid-1").setName("Project Name 1").setKey("project-key-1"),
- newProjectDto(organizationDto, "project-uuid-2").setName("Project Name 1").setKey("project-key-2"));
+ newProjectDto(organization, "project-uuid-1").setName("Project Name 1").setKey("project-key-1"),
+ newProjectDto(organization, "project-uuid-2").setName("Project Name 1").setKey("project-key-2"));
String response = ws.newRequest()
.setMediaType(MediaTypes.JSON)
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, organization.getKey())
.execute().getInput();
assertJson(response).isSimilarTo(ws.getDef().responseExampleAsString());
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
index 083ac36bf40..e20120cf37d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
@@ -43,8 +43,8 @@ import static org.sonar.api.measures.Metric.ValueType.DISTRIB;
import static org.sonar.api.measures.Metric.ValueType.INT;
import static org.sonar.api.measures.Metric.ValueType.RATING;
import static org.sonar.api.measures.Metric.ValueType.WORK_DUR;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.MediaTypes.JSON;
@@ -173,7 +173,7 @@ public class AppActionTest {
@Test
public void return_edit_to_true_when_quality_gate_permission() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
AppWsResponse response = executeRequest();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
index 0c546cc9deb..d64bba04fc1 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -41,7 +40,7 @@ import org.sonarqube.ws.MediaTypes;
import org.sonarqube.ws.WsQualityGates.CreateWsResponse;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
public class CreateActionTest {
@@ -88,7 +87,7 @@ public class CreateActionTest {
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -118,7 +117,7 @@ public class CreateActionTest {
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
index c1f2de41ab1..2161ca4056d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
@@ -29,7 +29,6 @@ import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,9 +47,9 @@ import org.sonarqube.ws.MediaTypes;
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import static org.assertj.core.api.Java6Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
import static org.sonar.server.computation.task.projectanalysis.metric.Metric.MetricType.PERCENT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ERROR;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_GATE_ID;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_METRIC;
@@ -132,7 +131,7 @@ public class CreateConditionActionTest {
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -205,6 +204,6 @@ public class CreateConditionActionTest {
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
index 4b6df910f96..2e841707d30 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
@@ -41,7 +41,7 @@ import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
public class DeselectActionTest {
@@ -173,7 +173,7 @@ public class DeselectActionTest {
public void fail_when_not_quality_gates_admin() throws Exception {
String gateId = String.valueOf(gate.getId());
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
index eccbc6af3a2..158eb1d261d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
@@ -37,7 +37,7 @@ import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
public class SelectActionTest {
@@ -109,7 +109,7 @@ public class SelectActionTest {
@Test
public void gate_administrator_can_associate_a_gate_to_a_project() throws Exception {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, project.getOrganizationUuid());
String gateId = String.valueOf(gate.getId());
callByKey(gateId, project.getKey());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
index 85b05684e82..1b961f033b9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
@@ -29,7 +29,6 @@ import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,9 +47,9 @@ import org.sonarqube.ws.MediaTypes;
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import static org.assertj.core.api.Java6Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
import static org.sonar.server.computation.task.projectanalysis.metric.Metric.MetricType.PERCENT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ERROR;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ID;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_METRIC;
@@ -140,7 +139,7 @@ public class UpdateConditionActionTest {
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -213,7 +212,7 @@ public class UpdateConditionActionTest {
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
index 80035a363c8..19bc21cc4c4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
@@ -36,7 +36,6 @@ import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rules.Rule;
import org.sonar.api.rules.RulePriority;
import org.sonar.api.utils.ValidationMessages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.rule.RuleDto;
@@ -54,6 +53,7 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.db.rule.RuleTesting.newXooX1;
import static org.sonar.db.rule.RuleTesting.newXooX2;
import static org.sonar.db.rule.RuleTesting.newXooX3;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualityprofile.QProfileTesting.XOO_P1_KEY;
import static org.sonar.server.qualityprofile.QProfileTesting.XOO_P2_KEY;
@@ -226,6 +226,6 @@ public class QProfileServiceMediumTest {
}
private void logInAsQProfileAdministrator() {
- userSessionRule.logIn().addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
index ab22b08a54a..ee89b268100 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
@@ -41,7 +41,7 @@ import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualityprofile.QProfileTesting.newQProfileDto;
public class AddProjectActionTest {
@@ -121,7 +121,7 @@ public class AddProjectActionTest {
}
private void setUserAsQualityProfileAdmin() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
}
private void executeRequest(ComponentDto project, QualityProfileDto qualityProfile) {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
index bde959af4ef..6a24e8a33d7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
@@ -28,7 +28,6 @@ import org.junit.Test;
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rule.Severity;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDto;
@@ -51,6 +50,7 @@ import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class ChangeParentActionMediumTest {
@@ -76,7 +76,7 @@ public class ChangeParentActionMediumTest {
ruleIndexer = tester.get(RuleIndexer.class);
activeRuleIndexer = tester.get(ActiveRuleIndexer.class);
ruleIndex = tester.get(RuleIndex.class);
- userSessionRule.logIn().addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
@After
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
index d0ab85d9746..c7a09d79f81 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
@@ -26,7 +26,6 @@ import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
@@ -40,6 +39,7 @@ import org.sonar.server.ws.WsTester;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
@RunWith(MockitoJUnitRunner.class)
public class CopyActionTest {
@@ -153,6 +153,6 @@ public class CopyActionTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
index 97a0e9ff8af..ece09436339 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
@@ -33,7 +33,6 @@ import org.sonar.api.profiles.RulesProfile;
import org.sonar.api.rules.RulePriority;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.ValidationMessages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -63,6 +62,7 @@ import org.sonarqube.ws.MediaTypes;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.sonar.server.language.LanguageTesting.newLanguages;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse.QualityProfile;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse.parseFrom;
@@ -246,6 +246,6 @@ public class CreateActionTest {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
index c1161ba66c8..08ef309c931 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
@@ -27,7 +27,6 @@ import org.junit.rules.ExpectedException;
import org.sonar.api.resources.Language;
import org.sonar.api.resources.Languages;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,6 +47,7 @@ import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class DeleteActionTest {
@@ -190,6 +190,6 @@ public class DeleteActionTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
index 51144c10a46..474c8702340 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
@@ -24,7 +24,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
@@ -40,6 +39,7 @@ import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class RenameActionTest {
@@ -164,6 +164,6 @@ public class RenameActionTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
index 940b488dc4b..06d6ff09d8c 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
@@ -27,7 +27,6 @@ import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
@@ -45,6 +44,7 @@ import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
@RunWith(MockitoJUnitRunner.class)
public class RestoreActionTest {
@@ -115,6 +115,6 @@ public class RestoreActionTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
index 52a7ada60c1..73e8870add5 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
@@ -23,7 +23,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.resources.Languages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.language.LanguageTesting;
@@ -37,6 +36,7 @@ import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class RestoreBuiltInActionTest {
@@ -90,6 +90,6 @@ public class RestoreBuiltInActionTest {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
index c362d2b49ab..430cf129ca2 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
@@ -42,6 +41,7 @@ import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class SetDefaultActionTest {
@@ -147,7 +147,7 @@ public class SetDefaultActionTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
private void createProfiles() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
index ee464bacec4..9ba2baa50ca 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
@@ -36,7 +36,6 @@ import org.sonar.api.rule.Severity;
import org.sonar.api.server.debt.DebtRemediationFunction;
import org.sonar.api.server.rule.RuleParamType;
import org.sonar.api.server.rule.RulesDefinition;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDto;
@@ -60,6 +59,7 @@ import org.sonar.server.tester.UserSessionRule;
import static com.google.common.collect.Sets.newHashSet;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
// TODO remaining tests should be moved to RegisterRulesTest
public class RegisterRulesMediumTest {
@@ -459,6 +459,6 @@ public class RegisterRulesMediumTest {
}
private void logInAsQProfileAdministrator() {
- userSessionRule.logIn().addOrganizationPermission(TESTER.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, TESTER.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
index e497dc62924..019f8af0e28 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
@@ -26,7 +26,6 @@ import org.sonar.api.i18n.I18n;
import org.sonar.api.resources.Language;
import org.sonar.api.resources.Languages;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.db.rule.RuleRepositoryDto;
@@ -41,6 +40,7 @@ import static org.mockito.Matchers.anyString;
import static org.mockito.Matchers.isA;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class AppActionTest {
@@ -59,7 +59,7 @@ public class AppActionTest {
AppAction app = new AppAction(languages, db.getDbClient(), i18n, userSessionRule, defaultOrganizationProvider);
WsTester tester = new WsTester(new RulesWs(app));
- userSessionRule.addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
QualityProfileDto profile1 = QProfileTesting.newXooP1();
QualityProfileDto profile2 = QProfileTesting.newXooP2().setParentKee(QProfileTesting.XOO_P1_KEY);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
index a3ac2ce131d..4b690bb3cfd 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
@@ -23,7 +23,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.rule.RuleKey;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.DefaultOrganizationProvider;
@@ -34,6 +33,7 @@ import org.sonar.server.ws.WsTester;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class DeleteActionTest {
@@ -77,6 +77,6 @@ public class DeleteActionTest {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
index e13c79a9d53..f9f4262e0ca 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
@@ -28,7 +28,6 @@ import org.junit.Test;
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rules.RuleType;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDao;
@@ -53,6 +52,7 @@ import org.sonar.server.ws.WsTester;
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.api.rule.Severity.MINOR;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class ShowActionMediumTest {
@@ -61,7 +61,7 @@ public class ShowActionMediumTest {
@Rule
public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn()
- .addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
WsTester wsTester;
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
index a123a389312..7c720749402 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
@@ -28,7 +28,6 @@ import org.junit.Test;
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rule.Severity;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.rule.RuleDao;
@@ -47,6 +46,7 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
import static org.sonar.api.server.debt.DebtRemediationFunction.Type.LINEAR;
import static org.sonar.api.server.debt.DebtRemediationFunction.Type.LINEAR_OFFSET;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_BASE_EFFORT;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_GAP_MULTIPLIER;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_TYPE;
@@ -178,6 +178,6 @@ public class UpdateActionMediumTest {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
index 549b204ff0f..e09bc2aecba 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
@@ -56,9 +56,9 @@ import static org.sonar.api.resources.Qualifiers.PROJECT;
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.JSON;
import static org.sonarqube.ws.Settings.Definition.CategoryOneOfCase.CATEGORYONEOF_NOT_SET;
import static org.sonarqube.ws.Settings.Definition.DefaultValueOneOfCase.DEFAULTVALUEONEOF_NOT_SET;
@@ -345,7 +345,7 @@ public class ListDefinitionsActionTest {
@Test
public void return_secured_settings_when_not_authenticated_but_with_scan_permission() throws Exception {
- userSession.anonymous().addOrganizationPermission(db.getDefaultOrganization(), SCAN_EXECUTION);
+ userSession.anonymous().addPermission(SCAN, db.getDefaultOrganization());
propertyDefinitions.addComponents(asList(
PropertyDefinition.builder("foo").build(),
PropertyDefinition.builder("secret.secured").build(),
@@ -480,7 +480,7 @@ public class ListDefinitionsActionTest {
}
private void logInAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org, SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private void logInAsProjectAdmin() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
index 23aea49481c..373e11be609 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
@@ -67,11 +67,12 @@ import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto;
import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.JSON;
import static org.sonarqube.ws.Settings.Setting.ParentValueOneOfCase.PARENTVALUEONEOF_NOT_SET;
@@ -550,7 +551,7 @@ public class ValuesActionTest {
@Test
public void return_global_secured_settings_when_not_authenticated_but_with_scan_permission() throws Exception {
- userSession.anonymous().addOrganizationPermission(db.getDefaultOrganization(), SCAN_EXECUTION);
+ userSession.anonymous().addPermission(SCAN, db.getDefaultOrganization());
definitions.addComponents(asList(
PropertyDefinition.builder("foo").build(),
PropertyDefinition.builder("secret.secured").build(),
@@ -838,7 +839,7 @@ public class ValuesActionTest {
}
private void logInAsAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, db.getDefaultOrganization());
}
private void logInAsProjectAdmin() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
index 2371ce51a85..0fb052da600 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
@@ -41,6 +41,17 @@ public abstract class AbstractMockUserSession
this.clazz = clazz;
}
+ public T addPermission(OrganizationPermission permission, String organizationUuid) {
+ permissionsByOrganizationUuid.put(organizationUuid, permission);
+ return clazz.cast(this);
+ }
+
+ @Override
+ protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
+ return permissionsByOrganizationUuid.get(organizationUuid).contains(permission);
+ }
+
+
public T addProjectUuidPermissions(String projectPermission, String... projectUuids) {
this.projectPermissionsCheckedByUuid.add(projectPermission);
this.projectUuidByPermission.putAll(projectPermission, newArrayList(projectUuids));
@@ -55,12 +66,7 @@ public abstract class AbstractMockUserSession
addProjectUuidPermissions(projectPermission, projectUuid);
return clazz.cast(this);
}
-
- @Override
- protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
- return permissionsByOrganizationUuid.get(organizationUuid).contains(permission);
- }
-
+
@Override
protected Optional componentUuidToProjectUuid(String componentUuid) {
return Optional.ofNullable(projectUuidByComponentUuid.get(componentUuid));
@@ -71,11 +77,6 @@ public abstract class AbstractMockUserSession
return projectPermissionsCheckedByUuid.contains(permission) && projectUuidByPermission.get(permission).contains(projectUuid);
}
- public T addOrganizationPermission(String organizationUuid, String permission) {
- permissionsByOrganizationUuid.put(organizationUuid, OrganizationPermission.fromKey(permission));
- return clazz.cast(this);
- }
-
public T setSystemAdministrator(boolean b) {
this.systemAdministrator = b;
return clazz.cast(this);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
index 9411379652f..4ba09e9fb30 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
@@ -53,7 +53,7 @@ import static com.google.common.base.Preconditions.checkState;
* In both cases, one can define user session behavior which should apply on all tests directly on the property, eg.:
*
* {@literal @}Rule
- * public UserSessionRule userSessionRule = UserSessionRule.standalone().login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ * public UserSessionRule userSessionRule = UserSessionRule.standalone().login("admin").setOrganizationPermissions(OrganizationPermissions.SYSTEM_ADMIN);
*
*
*
@@ -192,13 +192,13 @@ public class UserSessionRule implements TestRule, UserSession {
return this;
}
- public UserSessionRule addOrganizationPermission(String organizationUuid, String permission) {
- ensureAbstractMockUserSession().addOrganizationPermission(organizationUuid, permission);
+ public UserSessionRule addPermission(OrganizationPermission permission, String organizationUuid) {
+ ensureAbstractMockUserSession().addPermission(permission, organizationUuid);
return this;
}
- public UserSessionRule addOrganizationPermission(OrganizationDto organizationDto, String permission) {
- ensureAbstractMockUserSession().addOrganizationPermission(organizationDto.getUuid(), permission);
+ public UserSessionRule addPermission(OrganizationPermission permission, OrganizationDto organization) {
+ ensureAbstractMockUserSession().addPermission(permission, organization.getUuid());
return this;
}
@@ -292,11 +292,22 @@ public class UserSessionRule implements TestRule, UserSession {
return this;
}
+ @Override
+ public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
+ return currentUserSession.hasPermission(permission, organization);
+ }
+
@Override
public boolean hasPermission(OrganizationPermission permission, String organizationUuid) {
return currentUserSession.hasPermission(permission, organizationUuid);
}
+ @Override
+ public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
+ currentUserSession.checkPermission(permission, organization);
+ return this;
+ }
+
@Override
public UserSession checkPermission(OrganizationPermission permission, String organizationUuid) {
currentUserSession.checkPermission(permission, organizationUuid);
@@ -305,12 +316,13 @@ public class UserSessionRule implements TestRule, UserSession {
@Override
public boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return currentUserSession.hasOrganizationPermission(organizationUuid, permission);
+ return currentUserSession.hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
}
@Override
- public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
- return currentUserSession.hasPermission(permission, organization);
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ currentUserSession.checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ return this;
}
@Override
@@ -335,16 +347,4 @@ public class UserSessionRule implements TestRule, UserSession {
currentUserSession.checkIsSystemAdministrator();
return this;
}
-
- @Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- currentUserSession.checkOrganizationPermission(organizationUuid, permission);
- return this;
- }
-
- @Override
- public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
- currentUserSession.checkPermission(permission, organization);
- return this;
- }
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
index 0a293bc8974..053145fea5e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
@@ -35,7 +35,6 @@ import org.sonar.api.web.page.Page;
import org.sonar.api.web.page.Page.Qualifier;
import org.sonar.api.web.page.PageDefinition;
import org.sonar.core.component.DefaultResourceTypes;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.platform.PluginRepository;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
@@ -52,6 +51,7 @@ import org.sonar.db.user.UserDto;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateFinder;
import org.sonar.server.qualityprofile.QPMeasureData;
import org.sonar.server.qualityprofile.QualityProfile;
@@ -65,8 +65,6 @@ import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
import static org.sonar.api.web.page.Page.Scope.COMPONENT;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
@@ -74,6 +72,8 @@ import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.SnapshotTesting.newAnalysis;
import static org.sonar.db.measure.MeasureTesting.newMeasureDto;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.test.JsonAssert.assertJson;
public class ComponentActionTest {
@@ -312,7 +312,7 @@ public class ComponentActionTest {
componentDbTester.insertComponent(project);
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.USER, project.uuid())
- .addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
executeAndVerify(project.key(), "return_configuration_for_quality_profile_admin.json");
}
@@ -323,7 +323,7 @@ public class ComponentActionTest {
componentDbTester.insertComponent(project);
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.USER, project.uuid())
- .addOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_GATES, project.getOrganizationUuid());
executeAndVerify(project.key(), "return_configuration_for_quality_gate_admin.json");
}
@@ -389,7 +389,7 @@ public class ComponentActionTest {
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.ADMIN, project.uuid())
- .addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ .addPermission(OrganizationPermission.ADMINISTER, org);
assertJson(execute(project.key())).isSimilarTo("{\"configuration\": {\"canApplyPermissionTemplate\": true}}");
userSessionRule.logIn()
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
index 46174db1ace..625825e3ac7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
@@ -36,7 +36,8 @@ import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.test.JsonAssert.assertJson;
public class OrganizationActionTest {
@@ -79,8 +80,8 @@ public class OrganizationActionTest {
public void verify_example() {
OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
userSession.logIn()
- .addOrganizationPermission(organization, "admin")
- .addOrganizationPermission(organization, "provisioning");
+ .addPermission(ADMINISTER, organization)
+ .addPermission(PROVISION_PROJECTS, organization);
TestResponse response = executeRequest(organization);
@@ -107,7 +108,7 @@ public class OrganizationActionTest {
@Test
public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_the_default_organization() {
OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
- userSession.logIn().addOrganizationPermission(defaultOrganization.getUuid(), "admin");
+ userSession.logIn().addPermission(ADMINISTER, defaultOrganization);
TestResponse response = executeRequest(defaultOrganization);
@@ -135,7 +136,7 @@ public class OrganizationActionTest {
@Test
public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_not_the_default_organization() {
OrganizationDto organization = dbTester.organizations().insert();
- userSession.logIn().addOrganizationPermission(organization.getUuid(), "admin");
+ userSession.logIn().addPermission(ADMINISTER, organization);
TestResponse response = executeRequest(organization);
@@ -145,7 +146,7 @@ public class OrganizationActionTest {
@Test
public void returns_admin_and_canDelete_false_when_user_logged_in_and_admin_and_key_is_guarded_organization() {
OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
- userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, organization);
TestResponse response = executeRequest(organization);
@@ -167,7 +168,7 @@ public class OrganizationActionTest {
// user can provision projects in org2 but not in org1
OrganizationDto org1 = dbTester.organizations().insert();
OrganizationDto org2 = dbTester.organizations().insert();
- userSession.logIn().addOrganizationPermission(org2, "provisioning");
+ userSession.logIn().addPermission(PROVISION_PROJECTS, org2);
verifyResponse(executeRequest(org1), false, false, false);
verifyResponse(executeRequest(org2), false, true, false);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
index bad1581b20d..76c53edde48 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
@@ -36,6 +36,7 @@ import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.organization.TestOrganizationFlags;
+import org.sonar.server.permission.OrganizationPermission;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
@@ -88,7 +89,6 @@ public class ServerUserSessionTest {
assertThat(session.isLoggedIn()).isFalse();
}
-
@Test
public void getGroups_is_empty_on_anonymous() {
assertThat(newAnonymousSession().getGroups()).isEmpty();
@@ -174,7 +174,7 @@ public class ServerUserSessionTest {
expectInsufficientPrivilegesForbiddenException();
- newUserSession(NON_ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(NON_ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
@@ -183,72 +183,72 @@ public class ServerUserSessionTest {
db.users().insertUser(NON_ROOT_USER_DTO);
db.users().insertPermissionOnUser(org, NON_ROOT_USER_DTO, PROVISIONING);
- newUserSession(NON_ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(NON_ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
public void checkOrganizationPermission_succeeds_when_user_is_root() {
OrganizationDto org = db.organizations().insert();
- newUserSession(ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
- public void test_hasOrganizationPermission_for_logged_in_user() {
+ public void test_hasPermission_on_organization_for_logged_in_user() {
OrganizationDto org = db.organizations().insert();
ComponentDto project = db.components().insertProject(org);
db.users().insertPermissionOnUser(org, userDto, PROVISIONING);
db.users().insertProjectPermissionOnUser(userDto, UserRole.ADMIN, project);
UserSession session = newUserSession(userDto);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission("another-org", PROVISIONING)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, "another-org")).isFalse();
}
@Test
- public void test_hasOrganizationPermission_for_anonymous_user() {
+ public void test_hasPermission_on_organization_for_anonymous_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnAnyone(org, PROVISIONING);
UserSession session = newAnonymousSession();
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission("another-org", PROVISIONING)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, "another-org")).isFalse();
}
@Test
- public void hasOrganizationPermission_keeps_cache_of_permissions_of_logged_in_user() {
+ public void hasPermission_on_organization_keeps_cache_of_permissions_of_logged_in_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnUser(org, userDto, PROVISIONING);
UserSession session = newUserSession(userDto);
// feed the cache
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
// change permissions without updating the cache
db.users().deletePermissionFromUser(org, userDto, PROVISIONING);
db.users().insertPermissionOnUser(org, userDto, SCAN_EXECUTION);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SCAN_EXECUTION)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.SCAN, org.getUuid())).isFalse();
}
@Test
- public void hasOrganizationPermission_keeps_cache_of_permissions_of_anonymous_user() {
+ public void hasPermission_on_organization_keeps_cache_of_permissions_of_anonymous_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnAnyone(org, PROVISIONING);
UserSession session = newAnonymousSession();
// feed the cache
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
// change permissions without updating the cache
db.users().insertPermissionOnAnyone(org, SCAN_EXECUTION);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SCAN_EXECUTION)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.SCAN, org.getUuid())).isFalse();
}
@Test
@@ -318,7 +318,6 @@ public class ServerUserSessionTest {
assertThat(session.hasComponentPermission(UserRole.ADMIN, project)).isFalse();
}
-
@Test
public void isSystemAdministrator_returns_true_if_org_feature_is_enabled_and_user_is_root() {
organizationFlags.setEnabled(true);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
index 77995b48187..1a823ff4919 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
@@ -23,7 +23,6 @@ import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.user.GroupDto;
@@ -37,6 +36,9 @@ import org.sonar.server.ws.WsActionTester;
import static com.google.common.collect.Lists.newArrayList;
import static org.sonar.db.user.GroupTesting.newGroupDto;
import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
public class CurrentActionTest {
@@ -60,11 +62,11 @@ public class CurrentActionTest {
// permissions on default organization
userSessionRule
- .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.SCAN_EXECUTION)
- .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(SCAN, db.getDefaultOrganization())
+ .addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
// permissions on other organizations are ignored
- userSessionRule.addOrganizationPermission(db.organizations().insert(), GlobalPermissions.SYSTEM_ADMIN);
+ userSessionRule.addPermission(ADMINISTER, db.organizations().insert());
UserDto obiwan = db.users().insertUser(
newUserDto("obiwan.kenobi", "Obiwan Kenobi", "obiwan.kenobi@starwars.com")
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
index 95bb208352a..b8a7f962c4f 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
@@ -39,7 +39,7 @@ import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -230,7 +230,7 @@ public class AddUserActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
index adc34488d56..ee0e3354861 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
@@ -37,6 +36,7 @@ import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class CreateActionTest {
@@ -219,7 +219,7 @@ public class CreateActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
index bdfd129a8eb..32c61a476ff 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
@@ -28,7 +28,6 @@ import org.sonar.api.config.MapSettings;
import org.sonar.api.config.Settings;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDbTester;
import org.sonar.db.component.ComponentDto;
@@ -45,6 +44,7 @@ import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -290,7 +290,7 @@ public class DeleteActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private WsTester.TestRequest newRequest() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
index 1bd98d38376..5463bed8a70 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
@@ -37,6 +37,7 @@ import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -225,7 +226,7 @@ public class RemoveUserActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn("admin").addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn("admin").addPermission(ADMINISTER, org);
}
private UserDto insertAnAdministratorInDefaultOrganization() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
index 4ef669b469d..27c329e546b 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
@@ -36,8 +36,8 @@ import org.sonar.server.ws.WsTester;
import static org.apache.commons.lang.StringUtils.capitalize;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.user.GroupTesting.newGroupDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class SearchActionTest {
@@ -159,7 +159,7 @@ public class SearchActionTest {
// the group in default org is not returned
db.users().insertGroup(db.getDefaultOrganization(), "users");
loginAsDefaultOrgAdmin();
- userSession.addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, org);
newRequest()
.setParam("organization", org.getKey())
@@ -191,7 +191,7 @@ public class SearchActionTest {
}
private void loginAsDefaultOrgAdmin() {
- userSession.logIn("user").addOrganizationPermission(db.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
+ userSession.logIn("user").addPermission(ADMINISTER, db.getDefaultOrganization());
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
index 72316db5bc1..ee2de184ab5 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
@@ -45,6 +44,7 @@ import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class UpdateActionTest {
@@ -292,6 +292,6 @@ public class UpdateActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
index b867cf1b6ec..5a0b33b6951 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
@@ -26,7 +26,6 @@ import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
@@ -40,6 +39,7 @@ import org.sonar.server.ws.WsTester.TestRequest;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
public class UsersActionTest {
@@ -273,6 +273,6 @@ public class UsersActionTest {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
}
--
2.39.5