From 867894b876c520c1342a60e36a2e421a2a291b71 Mon Sep 17 00:00:00 2001
From: Stas Vilchik
Date: Thu, 9 Feb 2017 10:52:23 +0100
Subject: [PATCH] SONAR-8662 Wrong entries in "Administration" menu of a project dashboard when not enough permission (#1642)
---
 .../java/org/sonar/server/ui/ws/ComponentAction.java | 11 ++++++++---
 .../org/sonar/server/ui/ws/ComponentActionTest.java | 12 ++++++++++++
 .../return_configuration_for_quality_gate_admin.json | 12 ++++++++++++
 ...turn_configuration_for_quality_profile_admin.json | 2 +-
 .../app/components/nav/component/ComponentNavMenu.js | 4 ++++
 5 files changed, 37 insertions(+), 4 deletions(-)
 create mode 100644 server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_gate_admin.json
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
index b15ccd19b7e..6bb6be1c1da 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
@@ -59,6 +59,7 @@ import org.sonar.server.user.UserSession;
 import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
 import static org.sonar.api.web.UserRole.ADMIN;
 import static org.sonar.api.web.UserRole.USER;
+import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
 import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
@@ -139,7 +140,9 @@ public class ComponentAction implements NavigationWsAction {
 writeComponent(json, session, component, org, analysis.orElse(null));
 writeProfiles(json, session, component);
 writeQualityGate(json, session, component);
- if (userSession.hasComponentPermission(ADMIN, component) || userSession.hasOrganizationPermission(org.getUuid(), QUALITY_PROFILE_ADMIN)) {
+ if (userSession.hasComponentPermission(ADMIN, component) ||
+ userSession.hasOrganizationPermission(org.getUuid(), QUALITY_PROFILE_ADMIN) ||
+ userSession.hasOrganizationPermission(org.getUuid(), QUALITY_GATE_ADMIN)) {
 writeConfiguration(json, component);
 }
 writeBreadCrumbs(json, session, component);
@@ -225,10 +228,12 @@ public class ComponentAction implements NavigationWsAction {
 private void writeConfigPageAccess(JsonWriter json, boolean isAdmin, ComponentDto component) {
 boolean isProject = Qualifiers.PROJECT.equals(component.qualifier());
 boolean showManualMeasures = isAdmin && !Qualifiers.DIRECTORY.equals(component.qualifier());
+ boolean isQualityProfileAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ boolean isQualityGateAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_GATE_ADMIN);
 json.prop("showSettings", isAdmin && componentTypeHasProperty(component, PROPERTY_CONFIGURABLE));
- json.prop("showQualityProfiles", isProject);
- json.prop("showQualityGates", isProject);
+ json.prop("showQualityProfiles", isProject && (isAdmin || isQualityProfileAdmin));
+ json.prop("showQualityGates", isProject && (isAdmin || isQualityGateAdmin));
 json.prop("showManualMeasures", showManualMeasures);
 json.prop("showLinks", isAdmin && isProject);
 json.prop("showPermissions", isAdmin && componentTypeHasProperty(component, PROPERTY_HAS_ROLE_POLICY));
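Review bot: The organization used for the permission check is read from two different places: this condition uses `org.getUuid()`, while the new lookups in `writeConfigPageAccess` (the next hunk) use `component.getOrganizationUuid()`. The two are presumably the same value, but the gate here and the per-page flags there are now separate copies of the same permission logic and can drift apart when another permission is added. Consider computing the two booleans once and passing them down next to `isAdmin`, or at least reading the UUID from one source in both places. The enclosing method starts and ends outside the hunk.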
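Review bot: `showQualityProfiles` and `showQualityGates` only decide which menu entries the browser renders, and nothing in `writeConfigPageAccess` says so. A short comment would keep a later reader from treating them as the access check, e.g. `// UI hints only: the quality profile and quality gate services must enforce QUALITY_PROFILE_ADMIN / QUALITY_GATE_ADMIN themselves`. The method also now mixes a caller-supplied `isAdmin` with permissions it reads from `userSession` itself, which deserves a line of Javadoc on the method. The method body continues past the end of the hunk.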
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
index 7b58db290d7..54afe3e27e8 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
@@ -64,6 +64,7 @@ import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
 import static org.sonar.api.web.page.Page.Scope.COMPONENT;
+import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
 import static org.sonar.db.component.ComponentTesting.newDirectory;
 import static org.sonar.db.component.ComponentTesting.newFileDto;
@@ -315,6 +316,17 @@ public class ComponentActionTest {
 executeAndVerify(project.key(), "return_configuration_for_quality_profile_admin.json");
 }
+ @Test
+ public void return_configuration_for_quality_gate_admin() throws Exception {
+ init();
+ componentDbTester.insertComponent(project);
+ userSessionRule.logIn()
+ .addProjectUuidPermissions(UserRole.USER, project.uuid())
+ .addOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN);
+
+ executeAndVerify(project.key(), "return_configuration_for_quality_gate_admin.json");
+ }
+
 @Test
 public void return_bread_crumbs_on_several_levels() throws Exception {
 init();
diff --git a/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_gate_admin.json b/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_gate_admin.json
new file mode 100644
index 00000000000..893e9dfc04a
--- /dev/null
+++ b/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_gate_admin.json
@@ -0,0 +1,12 @@
+{
+ "configuration": {
+ "showSettings": false,
+ "showQualityProfiles": false,
+ "showQualityGates": true,
+ "showManualMeasures": false,
+ "showLinks": false,
+ "showPermissions": false,
+ "showHistory": false,
+ "showUpdateKey": false
+ }
+}
diff --git a/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_profile_admin.json b/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_profile_admin.json
index 0b8a1b3a05d..8a8dd68ca93 100644
--- a/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_profile_admin.json
+++ b/server/sonar-server/src/test/resources/org/sonar/server/ui/ws/ComponentActionTest/return_configuration_for_quality_profile_admin.json
@@ -2,7 +2,7 @@
 "configuration": {
 "showSettings": false,
 "showQualityProfiles": true,
- "showQualityGates": true,
+ "showQualityGates": false,
 "showManualMeasures": false,
 "showLinks": false,
 "showPermissions": false,
diff --git a/server/sonar-web/src/main/js/app/components/nav/component/ComponentNavMenu.js b/server/sonar-web/src/main/js/app/components/nav/component/ComponentNavMenu.js
index 4d9aa5f18ee..6b64ac85174 100644
--- a/server/sonar-web/src/main/js/app/components/nav/component/ComponentNavMenu.js
+++ b/server/sonar-web/src/main/js/app/components/nav/component/ComponentNavMenu.js
@@ -278,6 +278,10 @@ export default class ComponentNavMenu extends React.Component {
 renderDeletionLink () {
 const { qualifier } = this.props.component;
+ if (!this.props.conf.showSettings) {
+ return null;
+ }
+
 if (qualifier !== 'TRK' && qualifier !== 'VW') {
 return null;
 }
--
2.39.5
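Review bot: The new guard in `renderDeletionLink` reuses `conf.showSettings` as the admin check, but on the server that flag is `isAdmin && componentTypeHasProperty(component, PROPERTY_CONFIGURABLE)`, so the deletion link would also disappear for an admin of a component type that is not configurable. If that coupling is intended, a comment such as `// showSettings is only set for component admins; reused here to hide Deletion from non-admins` would document it; otherwise a dedicated flag from the server would be clearer. Hiding the link is presentation only, so the deletion service still has to check the permission itself. The method continues outside the hunk.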