From 58307a744f000d184f4cbc11538d49e6fdef9a60 Mon Sep 17 00:00:00 2001 From: Teryk Bellahsene Date: Fri, 27 Jan 2017 19:10:04 +0100 Subject: [PATCH] SONAR-8366 Make a consistent permission documentation and checks for api/measures WS --- .../server/measure/ws/ComponentAction.java | 15 ++--------- .../measure/ws/ComponentTreeAction.java | 7 +----- .../measure/ws/ComponentTreeDataLoader.java | 6 +---- .../sonar/server/measure/ws/SearchAction.java | 2 +- .../measure/ws/SearchHistoryAction.java | 25 ++++++++++--------- .../measure/ws/ComponentActionTest.java | 7 +++--- .../measure/ws/ComponentTreeActionTest.java | 8 +++--- .../server/measure/ws/SearchActionTest.java | 4 --- 8 files changed, 26 insertions(+), 48 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java index dfd151a35cd..9e89a6812ac 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java @@ -37,7 +37,6 @@ import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.Response; import org.sonar.api.server.ws.WebService; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.util.stream.Collectors; import org.sonar.db.DbClient; import org.sonar.db.DbSession; @@ -69,7 +68,6 @@ import static org.sonar.server.measure.ws.MeasuresWsParametersBuilder.createDeve import static org.sonar.server.measure.ws.MeasuresWsParametersBuilder.createMetricKeysParameter; import static org.sonar.server.measure.ws.MetricDtoToWsMetric.metricDtoToWsMetric; import static org.sonar.server.measure.ws.SnapshotDtoToWsPeriods.snapshotToWsPeriods; -import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; import static org.sonar.server.ws.WsUtils.checkRequest; import static org.sonar.server.ws.WsUtils.writeProtobuf; @@ -100,12 +98,7 @@ public class ComponentAction implements MeasuresWsAction { public void define(WebService.NewController context) { WebService.NewAction action = context.createAction(ACTION_COMPONENT) .setDescription(format("Return component with specified measures. The %s or the %s parameter must be provided.
" + - "Requires one of the following permissions:" + - "", + "Requires the following permission: 'Browse' on the project of specified component.", PARAM_COMPONENT_ID, PARAM_COMPONENT_KEY)) .setResponseExample(getClass().getResource("component-example.json")) .setSince("5.4") @@ -266,10 +259,6 @@ public class ComponentAction implements MeasuresWsAction { private void checkPermissions(ComponentDto baseComponent) { String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid()); - if (!userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN) && - !userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid) && - !userSession.hasComponentUuidPermission(UserRole.USER, projectUuid)) { - throw insufficientPrivilegesException(); - } + userSession.checkComponentUuidPermission(UserRole.USER, projectUuid); } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java index e55526c4218..fcdf5f4dc55 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java @@ -119,12 +119,7 @@ public class ComponentTreeAction implements MeasuresWsAction { public void define(WebService.NewController context) { WebService.NewAction action = context.createAction(ACTION_COMPONENT_TREE) .setDescription(format("Navigate through components based on the chosen strategy with specified measures. The %s or the %s parameter must be provided.
" + - "Requires one of the following permissions:" + - "" + + "Requires the following permission: 'Browse' on the specified project.
" + "When limiting search with the %s parameter, directories are not returned.", PARAM_BASE_COMPONENT_ID, PARAM_BASE_COMPONENT_KEY, Param.TEXT_QUERY)) .setResponseExample(getClass().getResource("component_tree-example.json")) diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java index 911e31500bf..4fe6125defe 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java +++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java @@ -74,7 +74,6 @@ import static org.sonar.server.measure.ws.ComponentTreeAction.LEAVES_STRATEGY; import static org.sonar.server.measure.ws.ComponentTreeAction.STRATEGIES; import static org.sonar.server.measure.ws.ComponentTreeAction.WITH_MEASURES_ONLY_METRIC_SORT_FILTER; import static org.sonar.server.measure.ws.SnapshotDtoToWsPeriods.snapshotToWsPeriods; -import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; public class ComponentTreeDataLoader { private static final Set QUALIFIERS_ELIGIBLE_FOR_BEST_VALUE = newHashSet(Qualifiers.FILE, Qualifiers.UNIT_TEST_FILE); @@ -300,10 +299,7 @@ public class ComponentTreeDataLoader { private void checkPermissions(ComponentDto baseComponent) { String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid()); - if (!userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid) && - !userSession.hasComponentUuidPermission(UserRole.USER, projectUuid)) { - throw insufficientPrivilegesException(); - } + userSession.checkComponentUuidPermission(UserRole.USER, projectUuid); } private enum IsFileComponent implements Predicate { diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchAction.java index 2fc599297f0..72ff209b51f 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchAction.java @@ -72,7 +72,7 @@ public class SearchAction implements MeasuresWsAction { .setInternal(true) .setDescription("Search for project measures ordered by project names.
" + "At most %d projects can be provided.
" + - "Requires 'Browse' on the provided projects", + "Returns the projects with the 'Browse' permission.", SearchRequest.MAX_NB_PROJECTS) .setSince("6.2") .setResponseExample(getClass().getResource("search-example.json")) diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchHistoryAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchHistoryAction.java index ab2d4394762..9b9992e5ec7 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchHistoryAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/SearchHistoryAction.java @@ -73,12 +73,24 @@ public class SearchHistoryAction implements MeasuresWsAction { this.userSession = userSession; } + private static SearchHistoryRequest toWsRequest(Request request) { + return SearchHistoryRequest.builder() + .setComponent(request.mandatoryParam(PARAM_COMPONENT)) + .setMetrics(request.mandatoryParamAsStrings(PARAM_METRICS)) + .setFrom(request.param(PARAM_FROM)) + .setTo(request.param(PARAM_TO)) + .setPage(request.mandatoryParamAsInt(Param.PAGE)) + .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) + .build(); + } + @Override public void define(WebService.NewController context) { WebService.NewAction action = context.createAction(ACTION_SEARCH_HISTORY) .setDescription("Search measures history of a component.
" + "Measures are ordered chronologically.
" + - "Pagination applies to the number of measures for each metric.") + "Pagination applies to the number of measures for each metric.
" + + "Requires the following permission: 'Browse' on the specified component") .setResponseExample(getClass().getResource("search_history-example.json")) .setSince("6.3") .setHandler(this); @@ -170,15 +182,4 @@ public class SearchHistoryAction implements MeasuresWsAction { return metrics; } - private static SearchHistoryRequest toWsRequest(Request request) { - return SearchHistoryRequest.builder() - .setComponent(request.mandatoryParam(PARAM_COMPONENT)) - .setMetrics(request.mandatoryParamAsStrings(PARAM_METRICS)) - .setFrom(request.param(PARAM_FROM)) - .setTo(request.param(PARAM_TO)) - .setPage(request.mandatoryParamAsInt(Param.PAGE)) - .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) - .build(); - } - } diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java index 5eceb985948..dd5ea771779 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java @@ -51,6 +51,7 @@ import org.sonarqube.ws.WsMeasures.ComponentWsResponse; import static org.assertj.core.api.Assertions.assertThat; import static org.sonar.api.utils.DateUtils.parseDateTime; +import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newDeveloper; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newProjectCopy; @@ -83,7 +84,7 @@ public class ComponentActionTest { @Before public void setUp() { - userSession.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN); + userSession.login().setRoot().setGlobalPermissions(SYSTEM_ADMIN); } @Test @@ -103,7 +104,7 @@ public class ComponentActionTest { @Test public void provided_project() { componentDb.insertComponent(newProjectDto(db.getDefaultOrganization(), PROJECT_UUID)); - userSession.anonymous().addProjectUuidPermissions(UserRole.USER, PROJECT_UUID); + userSession.addProjectUuidPermissions(UserRole.USER, PROJECT_UUID); insertNclocMetric(); ComponentWsResponse response = newRequest(PROJECT_UUID, "ncloc"); @@ -231,7 +232,7 @@ public class ComponentActionTest { @Test public void fail_when_not_enough_permission() { - userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN); + userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN); componentDb.insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), PROJECT_UUID)); insertNclocMetric(); diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java index 137a50a1230..7cc2347b0a3 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java @@ -106,7 +106,7 @@ public class ComponentTreeActionTest { @Before public void setUp() { - userSession.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN); + userSession.login().setRoot().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN); resourceTypes.setChildrenQualifiers(Qualifiers.MODULE, Qualifiers.FILE, Qualifiers.DIRECTORY); resourceTypes.setLeavesQualifiers(Qualifiers.FILE, Qualifiers.UNIT_TEST_FILE); } @@ -149,7 +149,7 @@ public class ComponentTreeActionTest { .setPeriodMode(1, "last_version") .setPeriodDate(3, System.currentTimeMillis()) .setPeriodMode(3, "last_analysis")); - userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, "project-uuid"); + userSession.anonymous().addProjectUuidPermissions(UserRole.USER, "project-uuid"); ComponentDto directoryDto = newDirectory(projectDto, "directory-uuid", "path/to/directory").setName("directory-1"); componentDb.insertComponent(directoryDto); ComponentDto file = newFileDto(directoryDto, null, "file-uuid").setName("file-1"); @@ -179,7 +179,7 @@ public class ComponentTreeActionTest { public void load_measures_with_best_value() { ComponentDto projectDto = newProjectDto(db.getDefaultOrganization(), "project-uuid"); SnapshotDto projectSnapshot = componentDb.insertProjectAndSnapshot(projectDto); - userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, "project-uuid"); + userSession.anonymous().addProjectUuidPermissions(UserRole.USER, "project-uuid"); ComponentDto directoryDto = newDirectory(projectDto, "directory-uuid", "path/to/directory").setName("directory-1"); componentDb.insertComponent(directoryDto); ComponentDto file = newFileDto(directoryDto, null, "file-uuid").setName("file-1"); @@ -220,7 +220,7 @@ public class ComponentTreeActionTest { @Test public void use_best_value_for_rating() { - userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, "project-uuid"); + userSession.anonymous().addProjectUuidPermissions(UserRole.USER, "project-uuid"); ComponentDto projectDto = newProjectDto(db.getDefaultOrganization(), "project-uuid"); componentDb.insertComponent(projectDto); SnapshotDto projectSnapshot = dbClient.snapshotDao().insert(dbSession, newAnalysis(projectDto) diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/SearchActionTest.java index e95d795be82..fdd2f2a96a9 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/SearchActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/SearchActionTest.java @@ -274,10 +274,6 @@ public class SearchActionTest { assertThat(result.since()).isEqualTo("6.2"); assertThat(result.params()).hasSize(2); assertThat(result.responseExampleAsString()).isNotEmpty(); - assertThat(result.description()).isEqualToIgnoringWhitespace("" + - "Search for project measures ordered by project names.
" + - "At most 100 projects can be provided.
" + - "Requires 'Browse' on the provided projects"); } private SearchWsResponse call(@Nullable List keys, @Nullable List metrics) { -- 2.39.5