mirror of
https://github.com/SonarSource/sonarqube.git
synced 2024-09-13 15:45:52 +02:00
SONAR-8151 support anyoneCanCreate in /api/organizations/create
parent
82a14b1821
commit
4a4cf45089
@ -21,9 +21,11 @@ package org.sonar.server.organization.ws;
|
||||
|
||||
import javax.annotation.CheckForNull;
|
||||
import javax.annotation.Nullable;
|
||||
import org.sonar.api.config.Settings;
|
||||
import org.sonar.api.server.ws.Request;
|
||||
import org.sonar.api.server.ws.Response;
|
||||
import org.sonar.api.server.ws.WebService;
|
||||
import org.sonar.core.config.CorePropertyDefinitions;
|
||||
import org.sonar.core.permission.GlobalPermissions;
|
||||
import org.sonar.core.util.UuidFactory;
|
||||
import org.sonar.db.DbClient;
|
||||
@ -46,12 +48,14 @@ import static org.sonar.server.ws.WsUtils.writeProtobuf;
|
||||
public class CreateAction implements OrganizationsAction {
|
||||
private static final String ACTION = "create";
|
||||
|
||||
private final Settings settings;
|
||||
private final UserSession userSession;
|
||||
private final DbClient dbClient;
|
||||
private final UuidFactory uuidFactory;
|
||||
private final OrganizationsWsSupport wsSupport;
|
||||
|
||||
public CreateAction(UserSession userSession, DbClient dbClient, UuidFactory uuidFactory, OrganizationsWsSupport wsSupport) {
|
||||
public CreateAction(Settings settings, UserSession userSession, DbClient dbClient, UuidFactory uuidFactory, OrganizationsWsSupport wsSupport) {
|
||||
this.settings = settings;
|
||||
this.userSession = userSession;
|
||||
this.dbClient = dbClient;
|
||||
this.uuidFactory = uuidFactory;
|
||||
@ -62,7 +66,8 @@ public class CreateAction implements OrganizationsAction {
|
||||
public void define(WebService.NewController context) {
|
||||
WebService.NewAction action = context.createAction(ACTION)
|
||||
.setPost(true)
|
||||
.setDescription("Create an organization.<br /> Requires 'Administer System' permission.")
|
||||
.setDescription("Create an organization.<br />" +
|
||||
"Requires 'Administer System' permission unless any logged in user is allowed to create an organization (see appropriate setting).")
|
||||
.setResponseExample(getClass().getResource("example-create.json"))
|
||||
.setInternal(true)
|
||||
.setSince("6.2")
|
||||
@ -81,7 +86,11 @@ public class CreateAction implements OrganizationsAction {
|
||||
|
||||
@Override
|
||||
public void handle(Request request, Response response) throws Exception {
|
||||
userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN);
|
||||
if (settings.getBoolean(CorePropertyDefinitions.ORGANIZATIONS_ANYONE_CAN_CREATE)) {
|
||||
userSession.checkLoggedIn();
|
||||
} else {
|
||||
userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN);
|
||||
}
|
||||
|
||||
String name = wsSupport.getAndCheckName(request);
|
||||
String requestKey = getAndCheckKey(request);
|
||||
|
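Review bot: In `handle`, an unauthenticated caller now appears to get a different error depending on the setting: the new branch calls `userSession.checkLoggedIn()` while the `else` branch calls `userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN)`, and the accompanying tests expect UnauthorizedException for the former and ForbiddenException for the latter. If that holds for the real UserSession (its implementation is not visible here), an anonymous client can infer whether `sonar.organizations.anyoneCanCreate` is enabled, and the authentication requirement lives on only one of the two paths. Consider calling `userSession.checkLoggedIn();` unconditionally and then `if (!settings.getBoolean(CorePropertyDefinitions.ORGANIZATIONS_ANYONE_CAN_CREATE)) { userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN); }`. The description string could also name the property key rather than "see appropriate setting"; the rest of `handle` lies outside the hunk.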
@ -26,6 +26,8 @@ import org.apache.commons.io.IOUtils;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
import org.sonar.api.config.MapSettings;
|
||||
import org.sonar.api.config.Settings;
|
||||
import org.sonar.api.server.ws.WebService;
|
||||
import org.sonar.api.utils.System2;
|
||||
import org.sonar.core.permission.GlobalPermissions;
|
||||
@ -34,6 +36,7 @@ import org.sonar.core.util.Uuids;
|
||||
import org.sonar.db.DbTester;
|
||||
import org.sonar.db.organization.OrganizationDto;
|
||||
import org.sonar.server.exceptions.ForbiddenException;
|
||||
import org.sonar.server.exceptions.UnauthorizedException;
|
||||
import org.sonar.server.tester.UserSessionRule;
|
||||
import org.sonar.server.ws.TestRequest;
|
||||
import org.sonar.server.ws.WsActionTester;
|
||||
@ -44,6 +47,7 @@ import org.sonarqube.ws.Organizations.Organization;
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.sonar.core.config.CorePropertyDefinitions.ORGANIZATIONS_ANYONE_CAN_CREATE;
|
||||
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_257_CHARS_LONG;
|
||||
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_65_CHARS_LONG;
|
||||
import static org.sonar.test.JsonAssert.assertJson;
|
||||
@ -61,8 +65,10 @@ public class CreateActionTest {
|
||||
@Rule
|
||||
public ExpectedException expectedException = ExpectedException.none();
|
||||
|
||||
private Settings settings = new MapSettings()
|
||||
.setProperty(ORGANIZATIONS_ANYONE_CAN_CREATE, false);
|
||||
private UuidFactory uuidFactory = mock(UuidFactory.class);
|
||||
private CreateAction underTest = new CreateAction(userSession, dbTester.getDbClient(), uuidFactory, new OrganizationsWsSupport());
|
||||
private CreateAction underTest = new CreateAction(settings, userSession, dbTester.getDbClient(), uuidFactory, new OrganizationsWsSupport());
|
||||
private WsActionTester wsTester = new WsActionTester(underTest);
|
||||
|
||||
@Test
|
||||
@ -70,7 +76,8 @@ public class CreateActionTest {
|
||||
WebService.Action action = wsTester.getDef();
|
||||
assertThat(action.key()).isEqualTo("create");
|
||||
assertThat(action.isPost()).isTrue();
|
||||
assertThat(action.description()).isEqualTo("Create an organization.<br /> Requires 'Administer System' permission.");
|
||||
assertThat(action.description()).isEqualTo("Create an organization.<br />" +
|
||||
"Requires 'Administer System' permission unless any logged in user is allowed to create an organization (see appropriate setting).");
|
||||
assertThat(action.isInternal()).isTrue();
|
||||
assertThat(action.since()).isEqualTo("6.2");
|
||||
assertThat(action.handler()).isEqualTo(underTest);
|
||||
@ -109,13 +116,40 @@ public class CreateActionTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void request_fails_if_user_does_not_have_SYSTEM_ADMIN_permission() {
|
||||
public void request_fails_if_user_does_not_have_SYSTEM_ADMIN_permission_and_logged_in_user_can_not_create_organizations() {
|
||||
expectedException.expect(ForbiddenException.class);
|
||||
expectedException.expectMessage("Insufficient privileges");
|
||||
|
||||
executeRequest("name");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void request_succeeds_if_user_has_SYSTEM_ADMIN_permission_and_logged_in_user_can_not_create_organizations() {
|
||||
giveUserSystemAdminPermission();
|
||||
mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
|
||||
|
||||
verifyResponseAndDb(executeRequest("foo"), SOME_UUID, "foo", "foo", SOME_DATE);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void request_fails_if_user_is_not_logged_in_and_logged_in_user_can_create_organizations() {
|
||||
settings.setProperty(ORGANIZATIONS_ANYONE_CAN_CREATE, true);
|
||||
|
||||
expectedException.expect(UnauthorizedException.class);
|
||||
expectedException.expectMessage("Authentication is required");
|
||||
|
||||
executeRequest("name");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void request_succeeds_if_user_is_logged_in_and_logged_in_user_can_create_organizations() {
|
||||
settings.setProperty(ORGANIZATIONS_ANYONE_CAN_CREATE, true);
|
||||
userSession.login();
|
||||
mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
|
||||
|
||||
verifyResponseAndDb(executeRequest("foo"), SOME_UUID, "foo", "foo", SOME_DATE);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void request_fails_if_name_param_is_missing() {
|
||||
giveUserSystemAdminPermission();
|
||||
|
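Review bot: The case this change most needs to pin, an authenticated user without SYSTEM_ADMIN being rejected while the setting is off, is not covered by the visible tests: `request_fails_if_user_does_not_have_SYSTEM_ADMIN_permission_and_logged_in_user_can_not_create_organizations` never calls `userSession.login()`, so it seems to exercise only an anonymous session. Unless a setup method outside the hunk logs the user in, a regression that let any logged-in user through with the setting disabled would still pass. A test along the lines below, built from the helpers already used in this class, would close that gap.

```java
@Test
public void request_fails_if_user_is_logged_in_without_SYSTEM_ADMIN_permission_and_logged_in_user_can_not_create_organizations() {
  userSession.login();

  expectedException.expect(ForbiddenException.class);
  expectedException.expectMessage("Insufficient privileges");

  executeRequest("name");
}
```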
@ -48,8 +48,7 @@ public class CorePropertyDefinitions {
|
||||
private static final String TIMEMACHINE_DEFAULT_PERIOD_5 = "";
|
||||
|
||||
private static final String CATEGORY_ORGANIZATIONS = "organizations";
|
||||
private static final String ORGANIZATIONS_ANYONE_CAN_CREATE = "sonar.organizations.anyoneCanCreate";
|
||||
private static final boolean ORGANIZATIONS_ANYONE_CAN_CREATE_DEFAULT_VALUE = false;
|
||||
public static final String ORGANIZATIONS_ANYONE_CAN_CREATE = "sonar.organizations.anyoneCanCreate";
|
||||
|
||||
private CorePropertyDefinitions() {
|
||||
// only static stuff
|
||||
@ -290,7 +289,7 @@ public class CorePropertyDefinitions {
|
||||
// ORGANIZATIONS
|
||||
PropertyDefinition.builder(ORGANIZATIONS_ANYONE_CAN_CREATE)
|
||||
.name("Allow any authenticated user to create organizations")
|
||||
.defaultValue(Boolean.toString(ORGANIZATIONS_ANYONE_CAN_CREATE_DEFAULT_VALUE))
|
||||
.defaultValue(Boolean.toString(false))
|
||||
.category(CATEGORY_ORGANIZATIONS)
|
||||
.type(PropertyType.BOOLEAN)
|
||||
.build()));
|
||||
|
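Review bot: The default of `ORGANIZATIONS_ANYONE_CAN_CREATE` is what keeps /api/organizations/create restricted to system administrators, yet after this change it is an unnamed inline `Boolean.toString(false)` and the now-public constant carries no Javadoc. I would keep the named default constant (or at least write the literal `"false"`) and document the key, e.g. `/** When true, any authenticated user may create an organization; when false (default) 'Administer System' is required. */`. The visible builder chain also sets no description, so a `.description(...)` stating the same would tell administrators what enabling the property grants.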