From ffd013ca900c526e74f009d1cdf3b769a866284f Mon Sep 17 00:00:00 2001
From: Viktor Vorona
Date: Fri, 5 May 2023 12:20:46 +0200
Subject: [PATCH] SONAR-18596 Change permissions for get_binding API to Browse
---
 .../almsettings/ws/GetBindingActionIT.java | 17 ++++++++---------
 .../server/almsettings/ws/GetBindingAction.java | 9 +++++----
 2 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/GetBindingActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/GetBindingActionIT.java
index 36ba01895f8..beb7bdf66f6 100644
--- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/GetBindingActionIT.java
+++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/GetBindingActionIT.java
@@ -39,7 +39,6 @@ import org.sonarqube.ws.AlmSettings.GetBindingWsResponse;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.groups.Tuple.tuple;
-import static org.sonar.api.web.UserRole.ADMIN;
 import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.test.JsonAssert.assertJson;
@@ -63,7 +62,7 @@ public class GetBindingActionIT {
 @Test
 public void get_github_project_binding() {
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto githubAlmSetting = db.almSettings().insertGitHubAlmSetting();
 ProjectAlmSettingDto githubProjectAlmSetting = db.almSettings().insertGitHubProjectAlmSetting(githubAlmSetting, project);
@@ -80,7 +79,7 @@ public class GetBindingActionIT {
 @Test
 public void get_azure_project_binding() {
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
 ProjectAlmSettingDto projectAlmSettingDto = db.almSettings().insertAzureMonoRepoProjectAlmSetting(almSetting, project);
@@ -101,7 +100,7 @@ public class GetBindingActionIT {
 public void get_gitlab_project_binding() {
 UserDto user = db.users().insertUser();
 ProjectDto project = db.components().insertPrivateProjectDto();
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto almSetting = db.almSettings().insertGitlabAlmSetting();
 db.almSettings().insertGitlabProjectAlmSetting(almSetting, project);
@@ -119,7 +118,7 @@ public class GetBindingActionIT {
 @Test
 public void get_bitbucket_project_binding() {
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto almSetting = db.almSettings().insertBitbucketAlmSetting();
 ProjectAlmSettingDto projectAlmSettingDto = db.almSettings().insertBitbucketProjectAlmSetting(almSetting, project);
@@ -137,7 +136,7 @@ public class GetBindingActionIT {
 @Test
 public void fail_when_project_does_not_exist() {
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto githubAlmSetting = db.almSettings().insertGitHubAlmSetting();
 db.almSettings().insertGitHubProjectAlmSetting(githubAlmSetting, project);
@@ -148,8 +147,8 @@ public class GetBindingActionIT {
 }
 @Test
- public void fail_when_missing_administer_permission_on_project() {
- userSession.logIn(user).addProjectPermission(USER, project);
+ public void fail_when_missing_browse_permission_on_project() {
+ userSession.logIn(user);
 AlmSettingDto githubAlmSetting = db.almSettings().insertGitHubAlmSetting();
 db.almSettings().insertGitHubProjectAlmSetting(githubAlmSetting, project);
@@ -161,7 +160,7 @@ public class GetBindingActionIT {
 @Test
 public void json_example() {
- userSession.logIn(user).addProjectPermission(ADMIN, project);
+ userSession.logIn(user).addProjectPermission(USER, project);
 AlmSettingDto githubAlmSetting = db.almSettings().insertGitHubAlmSetting(
 almSettingDto -> almSettingDto
 .setKey("GitHub Server - Dev Team")
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GetBindingAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GetBindingAction.java
index a977aa505dc..aa818b82b93 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GetBindingAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GetBindingAction.java
@@ -35,7 +35,7 @@ import org.sonarqube.ws.AlmSettings.GetBindingWsResponse;
 import static java.lang.String.format;
 import static java.util.Optional.ofNullable;
-import static org.sonar.api.web.UserRole.ADMIN;
+import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.server.almsettings.ws.AlmSettingsSupport.toAlmWs;
 import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -57,12 +57,13 @@ public class GetBindingAction implements AlmSettingsWsAction {
 public void define(WebService.NewController context) {
 WebService.NewAction action = context.createAction("get_binding")
 .setDescription("Get DevOps Platform binding of a given project.
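Review bot: The negative case `fail_when_missing_browse_permission_on_project` only covers a logged-in user who holds no permission on the project (`userSession.logIn(user);`), so with Browse as the new gate nothing in this test class, as far as the hunks show, exercises an unauthenticated caller. I would add a sibling test that sets up the same binding after `userSession.anonymous();` and expects the request to be rejected, so a later change to the check cannot silently open the endpoint. The assertion part of this test lies outside the hunk, so its expected exception could not be checked here.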
" +
- "Requires the 'Administer' permission on the project")
+ "Requires the 'Browse' permission on the project")
 .setSince("8.1")
 .setResponseExample(getClass().getResource("example-get_binding.json"))
 .setChangelog(
 new Change("8.6", "Azure binding now contains the project and repository names"),
- new Change("8.7", "Azure binding now contains a monorepo flag for monorepo feature in Enterprise Edition and above"))
+ new Change("8.7", "Azure binding now contains a monorepo flag for monorepo feature in Enterprise Edition and above"),
+ new Change("10.1", "Permission needed changed from 'Administer' to 'Browse'"))
 .setHandler(this);
 action
@@ -81,7 +82,7 @@ public class GetBindingAction implements AlmSettingsWsAction {
 String projectKey = request.mandatoryParam(PARAM_PROJECT);
 try (DbSession dbSession = dbClient.openSession(false)) {
 ProjectDto project = componentFinder.getProjectByKey(dbSession, projectKey);
- userSession.checkProjectPermission(ADMIN, project);
+ userSession.checkProjectPermission(USER, project);
 ProjectAlmSettingDto projectAlmSetting = dbClient.projectAlmSettingDao().selectByProject(dbSession, project)
 .orElseThrow(() -> new NotFoundException(format("Project '%s' is not bound to any DevOps Platform", project.getKey())));
 AlmSettingDto almSetting = dbClient.almSettingDao().selectByUuid(dbSession, projectAlmSetting.getAlmSettingUuid())
--
2.39.5
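Review bot: With `userSession.checkProjectPermission(USER, project);` in `handle`, the binding becomes readable by every caller who can browse the project, which on a public project may be a much wider audience than project administrators. The response is assembled after this hunk from `AlmSettingDto` and `ProjectAlmSettingDto`, so it should be confirmed that only binding metadata (platform key, URL, repository identifiers) is written out and nothing credential-like from the ALM setting. I would record that decision next to the check, e.g. `// Browse is sufficient: the response carries binding metadata only, never secrets from AlmSettingDto`. Separately, `componentFinder.getProjectByKey` still runs before the permission check, so an unknown key and a project the caller cannot browse presumably produce different errors; that ordering predates this commit but is worth a conscious decision. The body of `handle` starts and ends outside the hunk.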