From 5134301fee17cc8c542fd6e5fad0be0ecc51af6a Mon Sep 17 00:00:00 2001
From: Simon Brandhof
Date: Tue, 7 Feb 2017 16:53:53 +0100
Subject: [PATCH] SONAR-8716 api/users/current must return permissions on default organization
---
 .../sonar/server/user/ws/CurrentAction.java | 23 +++++++++++------
 .../sonar/server/user/ws/current-example.json | 5 +---
 .../server/user/ws/CurrentActionTest.java | 25 ++++++++++++++-----
 .../org/sonar/server/user/ws/UsersWsTest.java | 3 ++-
 4 files changed, 37 insertions(+), 19 deletions(-)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
index dee0ad0fdc9..231ed51bb2f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
@@ -25,9 +25,11 @@ import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService.NewController;
 import org.sonar.api.utils.text.JsonWriter;
+import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.user.UserDto;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.user.UserSession;
 import static com.google.common.base.Strings.isNullOrEmpty;
@@ -39,10 +41,12 @@ import static org.sonar.server.user.ws.UserJsonWriter.FIELD_EXTERNAL_PROVIDER;
 public class CurrentAction implements UsersWsAction {
 private final UserSession userSession;
 private final DbClient dbClient;
+ private final DefaultOrganizationProvider defaultOrganizationProvider;
- public CurrentAction(UserSession userSession, DbClient dbClient) {
+ public CurrentAction(UserSession userSession, DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider) {
 this.userSession = userSession;
 this.dbClient = dbClient;
+ this.defaultOrganizationProvider = defaultOrganizationProvider;
 }
 @Override
@@ -103,7 +107,7 @@ public class CurrentAction implements UsersWsAction {
 writeScmAccounts(json, optionalUser);
 writeGroups(json, groups);
- writePermissions(json, userSession);
+ writePermissions(json);
 }
 private static void writeScmAccounts(JsonWriter json, Optional optionalUser) {
@@ -126,17 +130,20 @@ public class CurrentAction implements UsersWsAction {
 json.endArray();
 }
- private static void writePermissions(JsonWriter json, UserSession session) {
+ private void writePermissions(JsonWriter json) {
 json.name("permissions").beginObject();
- writeGlobalPermissions(json, session);
+ writeGlobalPermissions(json);
 json.endObject();
 }
- private static void writeGlobalPermissions(JsonWriter json, UserSession session) {
+ private void writeGlobalPermissions(JsonWriter json) {
 json.name("global").beginArray();
- for (String permission : session.globalPermissions()) {
- json.value(permission);
- }
+
+ String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
+ GlobalPermissions.ALL.stream()
+ .filter(permission -> userSession.hasOrganizationPermission(defaultOrganizationUuid, permission))
+ .forEach(permission -> json.value(permission));
+
 json.endArray();
 }
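Review bot: `writeGlobalPermissions` (last hunk of CurrentAction.java) keeps the response key `global` but now fills it only with permissions held on the default organization, and nothing in the method says so. I would add a comment above the `defaultOrganizationUuid` line, e.g. `// "global" lists only permissions on the default organization; grants on other organizations are deliberately not reported`, so that a later change does not widen the filter by accident. Because API clients will now see a shorter list for users whose grants sit on another organization, the web service description (defined outside this hunk) presumably needs the same sentence.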
diff --git a/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json b/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json
index 787861dc917..9237b50fe0e 100644
--- a/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json
+++ b/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json
@@ -15,11 +15,8 @@
 ],
 "permissions": {
 "global": [
- "admin",
 "profileadmin",
- "gateadmin",
- "scan",
- "provisioning"
+ "scan"
 ]
 }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
index 505dd60c02b..5ad7bd1a664 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
@@ -29,6 +29,8 @@ import org.sonar.db.DbTester;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserGroupDto;
+import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.organization.TestDefaultOrganizationProvider;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.ws.WsActionTester;
@@ -42,19 +44,28 @@ public class CurrentActionTest {
 public UserSessionRule userSessionRule = UserSessionRule.standalone();
 @Rule
 public DbTester db = DbTester.create(System2.INSTANCE);
- private DbClient dbClient = db.getDbClient();
+ private DbClient dbClient = db.getDbClient();
+ private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
 private WsActionTester ws;
 @Before
 public void before() {
- ws = new WsActionTester(new CurrentAction(userSessionRule, dbClient));
+ ws = new WsActionTester(new CurrentAction(userSessionRule, dbClient, defaultOrganizationProvider));
 }
 @Test
- public void json_example() throws Exception {
- userSessionRule.logIn("obiwan.kenobi").setName("Obiwan Kenobi")
- .setGlobalPermissions(GlobalPermissions.ALL.toArray(new String[0]));
+ public void json_example() {
+ userSessionRule.logIn("obiwan.kenobi").setName("Obiwan Kenobi");
+
+ // permissions on default organization
+ userSessionRule
+ .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.SCAN_EXECUTION)
+ .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+
+ // permissions on other organizations are ignored
+ userSessionRule.addOrganizationPermission(db.organizations().insert(), GlobalPermissions.SYSTEM_ADMIN);
+
 UserDto obiwan = db.users().insertUser(
 newUserDto("obiwan.kenobi", "Obiwan Kenobi", "obiwan.kenobi@starwars.com")
 .setLocal(true)
@@ -78,7 +89,9 @@ public class CurrentActionTest {
 }
 @Test
- public void anonymous() throws Exception {
+ public void anonymous() {
+ userSessionRule.anonymous();
+
 String response = ws.newRequest().execute().getInput();
 assertJson(response).isSimilarTo(getClass().getResource("CurrentActionTest/anonymous.json"));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/UsersWsTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/UsersWsTest.java
index 4a91b32b958..15a0408c65a 100644
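Review bot: The claim in `// permissions on other organizations are ignored` (CurrentActionTest, `json_example`) is only checked indirectly, through the comparison with the example JSON that happens outside this hunk. If `isSimilarTo` tolerates extra array elements, a `SYSTEM_ADMIN` grant leaking from the other organization into `global` would pass unnoticed. An explicit negative assertion on the response string would pin the isolation between organizations, for example `assertThat(response).doesNotContain("\"admin\"");`. That line assumes AssertJ is available in this class, that `SYSTEM_ADMIN` serialises as `"admin"` (as the old example JSON suggests), and that the string appears nowhere else in the response.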
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/UsersWsTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/UsersWsTest.java
@@ -24,6 +24,7 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.db.DbClient;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.user.index.UserIndex;
@@ -43,7 +44,7 @@ public class UsersWsTest {
 WsTester tester = new WsTester(new UsersWs(
 new CreateAction(mock(UserUpdater.class), userSessionRule),
 new UpdateAction(mock(UserUpdater.class), userSessionRule, mock(UserJsonWriter.class), mock(DbClient.class)),
- new CurrentAction(userSessionRule, mock(org.sonar.db.DbClient.class)),
+ new CurrentAction(userSessionRule, mock(DbClient.class), mock(DefaultOrganizationProvider.class)),
 new ChangePasswordAction(mock(DbClient.class), mock(UserUpdater.class), userSessionRule),
 new SearchAction(mock(UserIndex.class), mock(DbClient.class), mock(UserJsonWriter.class))));
 controller = tester.controller("api/users");
-- 2.39.5