From bb6f15af9ddfef036ffd99afedebe81d5bd6c57d Mon Sep 17 00:00:00 2001
From: Teryk Bellahsene
Date: Tue, 19 May 2015 11:01:56 +0200
Subject: [PATCH] WS api/projects/provisioned checks for 'Provision Projects' permission - SONAR-6526
---
 .../ws/ProjectsProvisionedAction.java | 6 +--
 .../ws/ProjectsGhostsActionTest.java | 3 ++
 .../ws/ProjectsProvisionedActionTest.java | 44 ++++++++++++-------
 3 files changed, 35 insertions(+), 18 deletions(-)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ProjectsProvisionedAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ProjectsProvisionedAction.java
index 56954c40844..90d2b8cad37 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ProjectsProvisionedAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ProjectsProvisionedAction.java
@@ -26,8 +26,8 @@ import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.api.web.UserRole;
 import org.sonar.core.component.ComponentDto;
+import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.MyBatis;
 import org.sonar.server.db.DbClient;
@@ -57,7 +57,7 @@ public class ProjectsProvisionedAction implements ProjectsWsAction {
 .createAction("provisioned")
 .setDescription(
 "Get the list of provisioned projects.
" +
- "Require admin role.")
+ "Require 'Provision Projects' permission.")
 .setSince("5.2")
 .setResponseExample(Resources.getResource(getClass(), "projects-example-provisioned.json"))
 .setHandler(this)
@@ -68,7 +68,7 @@ public class ProjectsProvisionedAction implements ProjectsWsAction {
 @Override
 public void handle(Request request, Response response) throws Exception {
- userSession.checkGlobalPermission(UserRole.ADMIN, "You need admin rights.");
+ userSession.checkGlobalPermission(GlobalPermissions.PROVISIONING);
 SearchOptions options = new SearchOptions().setPage(
 request.mandatoryParamAsInt(Param.PAGE),
 request.mandatoryParamAsInt(Param.PAGE_SIZE)
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsGhostsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsGhostsActionTest.java
index 0c964c2a5db..1cd6a645b01 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsGhostsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsGhostsActionTest.java
@@ -27,6 +27,7 @@ import org.junit.Before;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.experimental.categories.Category;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.utils.DateUtils;
 import org.sonar.api.utils.System2;
@@ -43,10 +44,12 @@ import org.sonar.server.db.DbClient;
 import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.ws.WsTester;
+import org.sonar.test.DbTests;
 import org.sonar.test.JsonAssert;
 import static org.assertj.core.api.Assertions.assertThat;
+@Category(DbTests.class)
 public class ProjectsGhostsActionTest {
 @ClassRule
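Review bot: In ProjectsProvisionedAction.handle (hunk `@@ -68,7 +68,7 @@`), the new guard `userSession.checkGlobalPermission(GlobalPermissions.PROVISIONING);` replaces the admin requirement rather than adding to it. A session that holds only the global admin permission and used to pass would presumably now be rejected; whether admin implies 'Provision Projects' depends on checkGlobalPermission, which is not visible here. If that narrowing is intended, state it next to the check, e.g. `// Only 'Provision Projects' grants access; global admin alone is not sufficient.` The call also drops the explicit "You need admin rights." message, so the denial text now comes from whatever default the one-argument overload supplies. The body of handle continues past the hunk, so any further per-project filtering of the listing cannot be judged from here.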
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsProvisionedActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsProvisionedActionTest.java
index e0e7be965ff..2abe36c9447 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsProvisionedActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ProjectsProvisionedActionTest.java
@@ -27,12 +29,14 @@ import org.junit.Before;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.utils.DateUtils;
 import org.sonar.api.utils.System2;
-import org.sonar.api.web.UserRole;
 import org.sonar.core.component.ComponentDto;
 import org.sonar.core.component.SnapshotDto;
+import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.DbTester;
 import org.sonar.server.component.ComponentTesting;
@@ -40,25 +42,28 @@ import org.sonar.server.component.SnapshotTesting;
 import org.sonar.server.component.db.ComponentDao;
 import org.sonar.server.component.db.SnapshotDao;
 import org.sonar.server.db.DbClient;
+import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.ws.WsTester;
+import org.sonar.test.DbTests;
 import org.sonar.test.JsonAssert;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
+@Category(DbTests.class)
 public class ProjectsProvisionedActionTest {
 @ClassRule
 public static DbTester db = new DbTester();
 @Rule
 public UserSessionRule userSessionRule = UserSessionRule.standalone();
+ @Rule
+ public ExpectedException expectedException = ExpectedException.none();
 WsTester ws;
 DbClient dbClient;
 DbSession dbSession;
 ComponentDao componentDao;
- System2 system2 = mock(System2.class);
 @After
 public void tearDown() {
@@ -76,7 +81,7 @@ public class ProjectsProvisionedActionTest {
 @Test
 public void all_provisioned_projects_without_analyzed_projects() throws Exception {
- userSessionRule.setGlobalPermissions(UserRole.ADMIN);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.PROVISIONING);
 ComponentDto analyzedProject = ComponentTesting.newProjectDto("analyzed-uuid-1");
 componentDao.insert(dbSession, newProvisionedProject("1"), newProvisionedProject("2"), analyzedProject);
 SnapshotDto snapshot = SnapshotTesting.createForProject(analyzedProject);
@@ -91,7 +96,7 @@ public class ProjectsProvisionedActionTest {
 @Test
 public void provisioned_projects_with_correct_pagination() throws Exception {
- userSessionRule.setGlobalPermissions(UserRole.ADMIN);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.PROVISIONING);
 for (int i = 1; i <= 10; i++) {
 componentDao.insert(dbSession, newProvisionedProject(String.valueOf(i)));
 }
@@ -108,7 +113,7 @@ public class ProjectsProvisionedActionTest {
 @Test
 public void provisioned_projects_with_desired_fields() throws Exception {
- userSessionRule.setGlobalPermissions(UserRole.ADMIN);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.PROVISIONING);
 componentDao.insert(dbSession, newProvisionedProject("1"));
 dbSession.commit();
@@ -123,7 +128,7 @@ public class ProjectsProvisionedActionTest {
 @Test
 public void provisioned_projects_with_query() throws Exception {
- userSessionRule.setGlobalPermissions(UserRole.ADMIN);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.PROVISIONING);
 componentDao.insert(dbSession, newProvisionedProject("1"), newProvisionedProject("2"));
 dbSession.commit();
@@ -139,16 +144,9 @@ public class ProjectsProvisionedActionTest {
 assertThat(componentDao.countProvisionedProjects(dbSession, "visioned-name-")).isEqualTo(2);
 }
- private static ComponentDto newProvisionedProject(String uuid) {
- return ComponentTesting
- .newProjectDto("provisioned-uuid-" + uuid)
- .setName("provisioned-name-" + uuid)
- .setKey("provisioned-key-" + uuid);
- }
-
 @Test
 public void provisioned_projects_as_defined_in_the_example() throws Exception {
- userSessionRule.setGlobalPermissions(UserRole.ADMIN);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.PROVISIONING);
 ComponentDto hBaseProject = ComponentTesting.newProjectDto("ce4c03d6-430f-40a9-b777-ad877c00aa4d")
 .setKey("org.apache.hbas:hbase")
 .setName("HBase")
@@ -164,4 +162,20 @@ public class ProjectsProvisionedActionTest {
 JsonAssert.assertJson(result.outputAsString()).isSimilarTo(Resources.getResource(getClass(), "projects-example-provisioned.json"));
 }
+
+ @Test
+ public void fail_when_not_enough_privileges() throws Exception {
+ expectedException.expect(ForbiddenException.class);
+ userSessionRule.setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
+ componentDao.insert(dbSession, newProvisionedProject("1"));
+
+ ws.newGetRequest("api/projects", "provisioned").execute();
+ }
+
+ private static ComponentDto newProvisionedProject(String uuid) {
+ return ComponentTesting
+ .newProjectDto("provisioned-uuid-" + uuid)
+ .setName("provisioned-name-" + uuid)
+ .setKey("provisioned-key-" + uuid);
+ }
 }
-- 
2.39.5
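Review bot: `fail_when_not_enough_privileges` pins the denial only for a session holding `GlobalPermissions.SCAN_EXECUTION`; the case this commit actually changes, a session with the admin permission but without 'Provision Projects', is not covered, and neither is a session with no global permissions at all. A sibling test that sets `userSessionRule.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);` and expects `ForbiddenException` would document the new authorization boundary. `expectedException.expect(ForbiddenException.class);` is also armed before the `componentDao.insert(...)` setup call, so an exception of that type thrown during setup would satisfy the test; placing the expectation directly before `ws.newGetRequest("api/projects", "provisioned").execute();` narrows what it can match.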