From c4787c85599d0f9db0b2a7be05560229e36e376e Mon Sep 17 00:00:00 2001
From: Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Date: Thu, 27 Apr 2017 09:03:58 +0200
Subject: [PATCH] SONAR-9054 WS api/navigation/organization filter out billing
 pages for personal organization

---
 .../server/ui/ws/OrganizationAction.java      |  7 ++--
 .../server/ui/ws/OrganizationActionTest.java  | 34 +++++++++++++++++++
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
index dcecc5ef1db..a834d1c8372 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
@@ -21,6 +21,7 @@ package org.sonar.server.ui.ws;
 
 import java.util.List;
 import java.util.function.Consumer;
+import java.util.function.Predicate;
 import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService;
@@ -34,6 +35,7 @@ import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.ui.PageRepository;
 import org.sonar.server.user.UserSession;
 
+import static org.sonar.core.util.stream.MoreCollectors.toList;
 import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_001;
 import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
 
@@ -92,11 +94,12 @@ public class OrganizationAction implements NavigationWsAction {
       .prop("canProvisionProjects", userSession.hasPermission(OrganizationPermission.PROVISION_PROJECTS, organization))
       .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasPermission(OrganizationPermission.ADMINISTER, organization))
       .prop("isDefault", organization.getKey().equals(defaultOrganizationProvider.get().getKey()));
-    List<Page> pages = pageRepository.getOrganizationPages(false);
+    Predicate<Page> personalOrgForBilling = page -> organization.getUserId() == null || !page.getKey().startsWith("billing/");
+    List<Page> pages = pageRepository.getOrganizationPages(false).stream().filter(personalOrgForBilling).collect(toList());
     json.name("pages");
     writePages(json, pages);
     if (userSession.hasPermission(OrganizationPermission.ADMINISTER, organization)) {
-      List<Page> adminPages = pageRepository.getOrganizationPages(true);
+      List<Page> adminPages = pageRepository.getOrganizationPages(true).stream().filter(personalOrgForBilling).collect(toList());
       json.name("adminPages");
       writePages(json, adminPages);
     }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
index 46ab77d70f6..813f070d5ab 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
@@ -119,6 +119,40 @@ public class OrganizationActionTest {
       .doesNotContain("my-plugin/org-admin-page");
   }
 
+  @Test
+  public void filter_out_billing_pages_for_personal_organizations() {
+    initWithPages(
+      Page.builder("my-plugin/org-page").setName("Organization page").setScope(ORGANIZATION).build(),
+      Page.builder("my-plugin/org-admin-page").setName("Organization admin page").setScope(ORGANIZATION).setAdmin(true).build(),
+      Page.builder("billing/org-page").setName("Organization page").setScope(ORGANIZATION).build(),
+      Page.builder("billing/org-admin-page").setName("Organization admin page").setScope(ORGANIZATION).setAdmin(true).build()
+    );
+    OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setUserId(101));
+    userSession.logIn().addPermission(ADMINISTER, organization);
+
+    TestResponse response = executeRequest(organization);
+
+    assertThat(response.getInput())
+      .contains("my-plugin/org-page", "my-plugin/org-admin-page")
+      .doesNotContain("billing/org-page")
+      .doesNotContain("billing/org-admin-page");
+  }
+
+  @Test
+  public void include_billing_pages_for_non_personal_organizations() {
+    initWithPages(
+      Page.builder("billing/org-page").setName("Organization page").setScope(ORGANIZATION).build(),
+      Page.builder("billing/org-admin-page").setName("Organization admin page").setScope(ORGANIZATION).setAdmin(true).build()
+    );
+    OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setUserId(null));
+    userSession.logIn().addPermission(ADMINISTER, organization);
+
+    TestResponse response = executeRequest(organization);
+
+    assertThat(response.getInput())
+      .contains("billing/org-page", "billing/org-admin-page");
+  }
+
   @Test
   public void returns_non_admin_and_canDelete_false_when_user_not_logged_in_and_key_is_the_default_organization() {
     TestResponse response = executeRequest(dbTester.getDefaultOrganization());
-- 
2.39.5