From a8d35ff57c84a084268cac3937729536f60e0cd7 Mon Sep 17 00:00:00 2001
From: Teryk Bellahsene
Date: Thu, 23 Nov 2017 14:42:45 +0100
Subject: [PATCH] SONAR-9000 Limit number of results for api/organizations/search to 500
---
 .../server/organization/ws/SearchAction.java | 16 ++++++++--
 .../organization/ws/SearchActionTest.java | 31 ++++++++++---------
 2 files changed, 31 insertions(+), 16 deletions(-)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchAction.java
index cdafe498a10..957bf0d7111 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchAction.java
@@ -34,12 +34,15 @@ import org.sonarqube.ws.Organizations.Organization;
 import static org.sonar.db.Pagination.forPage;
 import static org.sonar.db.organization.OrganizationQuery.newOrganizationQueryBuilder;
+import static org.sonar.server.ws.WsUtils.checkRequest;
 import static org.sonar.server.ws.WsUtils.writeProtobuf;
 import static org.sonarqube.ws.Common.Paging;
 public class SearchAction implements OrganizationsWsAction {
 private static final String PARAM_ORGANIZATIONS = "organizations";
+ private static final String PARAM_MEMBER = "member";
 private static final String ACTION = "search";
+ private static final int MAX_SIZE = 500;
 private final DbClient dbClient;
 private final OrganizationsWsSupport wsSupport;
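Review bot: `PARAM_MEMBER` is added in the constants of SearchAction.java, but nothing in this patch reads it: no `member` parameter is defined in the visible hunks, and the test still expects `action.params()` to have size 3. Either drop `private static final String PARAM_MEMBER = "member";` from this commit or add it together with the parameter that uses it, so the constant does not suggest a filter the endpoint does not implement. The class body continues outside this hunk, so a use further down cannot be ruled out from here.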
@@ -67,14 +70,15 @@ public class SearchAction implements OrganizationsWsAction {
 .setRequired(false)
 .setSince("6.3");
- action.addPagingParams(100);
+ action.addPagingParams(100, MAX_SIZE);
 }
 @Override
 public void handle(Request request, Response response) throws Exception {
 try (DbSession dbSession = dbClient.openSession(false)) {
+ List organizations = getOrganizationKeys(request);
 OrganizationQuery organizationQuery = newOrganizationQueryBuilder()
- .setKeys(request.paramAsStrings(PARAM_ORGANIZATIONS))
+ .setKeys(organizations)
 .build();
 int total = dbClient.organizationDao().countByQuery(dbSession, organizationQuery);
@@ -103,4 +107,12 @@ public class SearchAction implements OrganizationsWsAction {
 .build();
 }
+ private static List getOrganizationKeys(Request request) {
+ List organizations = request.paramAsStrings(PARAM_ORGANIZATIONS);
+ if (organizations != null) {
+ checkRequest(organizations.size() <= MAX_SIZE, "Size of '%s' (%d) must be less than %d", PARAM_ORGANIZATIONS, organizations.size(), MAX_SIZE);
+ }
+ return organizations;
+ }
+
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchActionTest.java
index 1ccaad72e78..62b0a59d998 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchActionTest.java
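Review bot: The new cap on the `organizations` list is not documented in the web-service definition in SearchAction.java (hunk at -67,14), so a client only learns of it from a rejected request. The test in this patch still expects the description `"Comma-separated list of organization keys"`. Extending that description, for example to `"Comma-separated list of organization keys (at most 500)"`, would make the bound visible; the test assertion on the description would need the same change. The parameter definition starts outside this hunk, so the description text itself is not among the changed lines.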
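Review bot: The error text in `getOrganizationKeys` (SearchAction.java, hunk at -103,4) contradicts the check it reports on. `organizations.size() <= MAX_SIZE` accepts exactly 500 keys, but a rejected caller is told the size "must be less than 500". Reword the message to match the bound, e.g. `"Size of '%s' (%d) must be less than or equal to %d"`. A short comment on the method saying that the cap bounds the size of the key filter passed to the database query would also help, since `MAX_SIZE` is shared with the page-size maximum.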
@@ -83,20 +83,23 @@ public class SearchActionTest {
 assertThat(action.params()).hasSize(3);
 assertThat(action.responseExample()).isEqualTo(getClass().getResource("search-example.json"));
- WebService.Param organizationsParam = action.param("organizations");
- assertThat(organizationsParam.isRequired()).isFalse();
- assertThat(organizationsParam.defaultValue()).isNull();
- assertThat(organizationsParam.description()).isEqualTo("Comma-separated list of organization keys");
- assertThat(organizationsParam.exampleValue()).isEqualTo("my-org-1,foocorp");
- assertThat(organizationsParam.since()).isEqualTo("6.3");
- WebService.Param pParam = action.param("p");
- assertThat(pParam.isRequired()).isFalse();
- assertThat(pParam.defaultValue()).isEqualTo("1");
- assertThat(pParam.description()).isEqualTo("1-based page number");
- WebService.Param psParam = action.param("ps");
- assertThat(psParam.isRequired()).isFalse();
- assertThat(psParam.defaultValue()).isEqualTo("100");
- assertThat(psParam.description()).isEqualTo("Page size. Must be greater than 0.");
+ WebService.Param organizations = action.param("organizations");
+ assertThat(organizations.isRequired()).isFalse();
+ assertThat(organizations.defaultValue()).isNull();
+ assertThat(organizations.description()).isEqualTo("Comma-separated list of organization keys");
+ assertThat(organizations.exampleValue()).isEqualTo("my-org-1,foocorp");
+ assertThat(organizations.since()).isEqualTo("6.3");
+
+ WebService.Param page = action.param("p");
+ assertThat(page.isRequired()).isFalse();
+ assertThat(page.defaultValue()).isEqualTo("1");
+ assertThat(page.description()).isEqualTo("1-based page number");
+
+ WebService.Param pageSize = action.param("ps");
+ assertThat(pageSize.isRequired()).isFalse();
+ assertThat(pageSize.defaultValue()).isEqualTo("100");
+ assertThat(pageSize.maximumValue()).isEqualTo(500);
+ assertThat(pageSize.description()).isEqualTo("Page size. Must be greater than 0 and less than 500");
 }
 @Test
-- 
2.39.5
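Review bot: The changed test covers only the definition of the endpoint; nothing in this hunk exercises the new rejection path in `getOrganizationKeys`. Add one case that sends 501 organization keys and expects the request to be refused with the size message, and one that sends exactly 500 and succeeds, so the boundary is pinned. A request with `ps` above 500 deserves the same treatment, because whether the declared maximum is enforced at read time is not visible in this patch. Note also that the asserted description says "less than 500" while `maximumValue()` is 500; the two should agree on whether 500 itself is allowed. The test method begins outside this hunk.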