From 79e52114ed45241bbcf7908f0b600f36d0422697 Mon Sep 17 00:00:00 2001
From: Simon Brandhof
Date: Mon, 8 Jul 2019 16:48:26 +0200
Subject: [PATCH] SC-799 improve migration WS
---
 .../ws/DeleteEmptyPersonalOrgsAction.java | 12 +++++++--
 .../ws/DeleteEmptyPersonalOrgsActionTest.java | 25 ++++++++++++++++---
 2 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsAction.java
index 1dc06bd8f3a..d0fb9681f6b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsAction.java
@@ -25,6 +25,8 @@ import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.log.Logger;
 import org.sonar.api.utils.log.Loggers;
 import org.sonar.db.organization.OrganizationQuery;
+import org.sonar.server.user.AbstractUserSession;
+import org.sonar.server.user.SystemPasscode;
 import org.sonar.server.user.UserSession;
 public class DeleteEmptyPersonalOrgsAction implements OrganizationsWsAction {
@@ -33,10 +35,12 @@ public class DeleteEmptyPersonalOrgsAction implements OrganizationsWsAction {
 private static final String ACTION = "delete_empty_personal_orgs";
+ private final SystemPasscode passcode;
 private final UserSession userSession;
 private final OrganizationDeleter organizationDeleter;
- public DeleteEmptyPersonalOrgsAction(UserSession userSession, OrganizationDeleter organizationDeleter) {
+ public DeleteEmptyPersonalOrgsAction(SystemPasscode passcode, UserSession userSession, OrganizationDeleter organizationDeleter) {
+ this.passcode = passcode;
 this.userSession = userSession;
 this.organizationDeleter = organizationDeleter;
 }
@@ -52,7 +56,9 @@ public class DeleteEmptyPersonalOrgsAction implements OrganizationsWsAction {
 @Override
 public void handle(Request request, Response response) throws Exception {
- userSession.checkLoggedIn().checkIsSystemAdministrator();
+ if (!passcode.isValid(request) && !userSession.isSystemAdministrator()) {
+ throw AbstractUserSession.insufficientPrivilegesException();
+ }
 LOGGER.info("deleting empty personal organizations");
@@ -63,6 +69,8 @@ public class DeleteEmptyPersonalOrgsAction implements OrganizationsWsAction {
 organizationDeleter.deleteByQuery(query);
+ LOGGER.info("Deleted empty personal organizations");
+
 response.noContent();
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsActionTest.java
index 3ccd6c99316..ccf960804c3 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteEmptyPersonalOrgsActionTest.java
@@ -43,10 +43,14 @@ import org.sonar.server.project.ProjectLifeCycleListenersImpl;
 import org.sonar.server.qualityprofile.QProfileFactoryImpl;
 import org.sonar.server.qualityprofile.index.ActiveRuleIndexer;
 import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.user.SystemPasscode;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.ws.WsActionTester;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
 public class DeleteEmptyPersonalOrgsActionTest {
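Review bot: In `handle` (DeleteEmptyPersonalOrgsAction.java, hunk `@@ -52,7 +56,9 @@`) a request authorized only by the system passcode carries no user identity, yet the log line that follows, `LOGGER.info("deleting empty personal organizations")`, does not record which path authorized this bulk deletion. Evaluate the passcode once and log the result, e.g. `boolean viaPasscode = passcode.isValid(request);` followed by `LOGGER.info("deleting empty personal organizations (authorized by {})", viaPasscode ? "system passcode" : "system administrator");`. Removing `checkLoggedIn()` also means an anonymous caller without a valid passcode now receives the insufficient-privileges error instead of whatever `checkLoggedIn()` raised; if clients distinguish the two, the action's description (outside this hunk) should say so. The body of `handle` continues past the end of the hunk.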
@@ -65,6 +69,7 @@ public class DeleteEmptyPersonalOrgsActionTest {
 @Rule public final ExpectedException expectedException = ExpectedException.none();
+ private SystemPasscode passcode = mock(SystemPasscode.class);
 private final OrganizationDeleter organizationDeleter = new OrganizationDeleter(dbClient, new ComponentCleanerService(dbClient, new ResourceTypesRule(), new ProjectIndexersImpl()), new UserIndexer(dbClient, esClient),
@@ -72,7 +77,7 @@ public class DeleteEmptyPersonalOrgsActionTest {
 new ProjectLifeCycleListenersImpl(new ProjectLifeCycleListener[0]), new BillingValidationsProxyImpl());
- private final DeleteEmptyPersonalOrgsAction underTest = new DeleteEmptyPersonalOrgsAction(userSession, organizationDeleter);
+ private final DeleteEmptyPersonalOrgsAction underTest = new DeleteEmptyPersonalOrgsAction(passcode, userSession, organizationDeleter);
 private final WsActionTester ws = new WsActionTester(underTest);
 @Test
@@ -87,6 +92,21 @@ public class DeleteEmptyPersonalOrgsActionTest {
 @Test
 public void delete_empty_personal_orgs() {
+ UserDto admin = db.users().insertUser();
+ db.users().insertPermissionOnUser(admin, ADMINISTER);
+ userSession.logIn().setSystemAdministrator();
+
+ doRun();
+ }
+
+ @Test
+ public void authenticate_with_system_passcode() {
+ when(passcode.isValid(any())).thenReturn(true);
+
+ doRun();
+ }
+
+ private void doRun() {
 OrganizationDto emptyPersonal = db.organizations().insert(o -> o.setGuarded(true));
 db.users().insertUser(u -> u.setOrganizationUuid(emptyPersonal.getUuid()));
@@ -99,9 +119,6 @@ public class DeleteEmptyPersonalOrgsActionTest {
 OrganizationDto nonEmptyRegular = db.organizations().insert();
 db.components().insertPublicProject(nonEmptyRegular);
- UserDto admin = db.users().insertUser();
- db.users().insertPermissionOnUser(admin, ADMINISTER);
- userSession.logIn().setSystemAdministrator();
 ws.newRequest().execute();
 List notDeleted = Arrays.asList(
--
2.39.5
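Review bot: The new fixture `private SystemPasscode passcode = mock(SystemPasscode.class);` in hunk `@@ -65,6 +69,7 @@` is the only field in this stretch not declared `final`; the neighbouring `organizationDeleter`, `underTest` and `ws` all are. The mock is never reassigned in the visible hunks, so declare it `private final SystemPasscode passcode = mock(SystemPasscode.class);` to match the rest of the class.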
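Review bot: The tests in hunk `@@ -87,6 +92,21 @@` exercise only the two accepting paths of the new condition (administrator session, valid passcode); no visible hunk adds a case for the rejecting path with an anonymous session and `passcode.isValid` returning false. A test between the hunks may already cover a logged-in non-administrator, but the anonymous case is new because `checkLoggedIn()` was removed from `handle`. Add a test that calls `ws.newRequest().execute()` with no login and no stubbed passcode, expects the exception built by `AbstractUserSession.insufficientPrivilegesException()`, and asserts that no organization was deleted.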