@@ -30,7 +30,6 @@ import org.junit.Test; | |||
import org.sonar.wsclient.SonarClient; | |||
import org.sonar.wsclient.user.UserParameters; | |||
import org.sonarqube.ws.client.WsClient; | |||
import org.sonarqube.ws.client.permission.AddUserWsRequest; | |||
import util.selenium.SeleneseTest; | |||
import static util.ItUtils.newAdminWsClient; | |||
@@ -85,7 +84,7 @@ public class MeasureFiltersTest { | |||
public void share_measure_filters() { | |||
// SONAR-4099 | |||
String user = "user-measures-filter-with-sharing-perm"; | |||
createUser(user, "User Measure Filters with sharing permission", "shareDashboard"); | |||
createUser(user, "User Measure Filters with sharing permission"); | |||
try { | |||
Selenese selenese = Selenese.builder().setHtmlTestsInClasspath("share_measure_filters", | |||
@@ -97,22 +96,6 @@ public class MeasureFiltersTest { | |||
} | |||
} | |||
/** | |||
* SONAR-4099 | |||
*/ | |||
@Test | |||
public void should_not_share_filter_when_user_have_no_sharing_permissions() { | |||
String user = "user-measures-filter-with-no-share-perm"; | |||
createUser(user, "User Measure Filters without sharing permission"); | |||
try { | |||
new SeleneseTest(Selenese.builder().setHtmlTestsInClasspath("should_not_share_filter_when_user_have_no_sharing_permissions", | |||
"/measureFilter/MeasureFiltersTest/should-not-share-filter-when-user-have-no-sharing-permissions.html").build()).runOn(orchestrator); | |||
} finally { | |||
deactivateUser(user); | |||
} | |||
} | |||
@Test | |||
public void copy_measure_filters() { | |||
Selenese selenese = Selenese.builder().setHtmlTestsInClasspath("copy_measure_filters", | |||
@@ -138,19 +121,9 @@ public class MeasureFiltersTest { | |||
} | |||
private static void createUser(String login, String name) { | |||
createUser(login, name, null); | |||
} | |||
private static void createUser(String login, String name, String permission) { | |||
SonarClient client = orchestrator.getServer().adminWsClient(); | |||
UserParameters userCreationParameters = UserParameters.create().login(login).name(name).password("password").passwordConfirmation("password"); | |||
client.userClient().create(userCreationParameters); | |||
if (permission != null) { | |||
adminWsClient.permissions().addUser(new AddUserWsRequest() | |||
.setLogin(login) | |||
.setPermission(permission)); | |||
} | |||
} | |||
private static void deactivateUser(String user) { |
@@ -1,99 +0,0 @@ | |||
<?xml version="1.0" encoding="UTF-8"?> | |||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> | |||
<head profile="http://selenium-ide.openqa.org/profiles/test-case"> | |||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> | |||
<title>should_save_issue_filters</title> | |||
</head> | |||
<body> | |||
<table cellpadding="1" cellspacing="1" border="1"> | |||
<tbody> | |||
<tr> | |||
<td>storeEval</td> | |||
<td>'filter_'+(new Date()).getTime()</td> | |||
<td>FILTER_NAME</td> | |||
</tr> | |||
<tr> | |||
<td>open</td> | |||
<td>/sessions/logout</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>open</td> | |||
<td>/sessions/new</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>type</td> | |||
<td>login</td> | |||
<td>user-measures-filter-with-no-share-perm</td> | |||
</tr> | |||
<tr> | |||
<td>type</td> | |||
<td>password</td> | |||
<td>password</td> | |||
</tr> | |||
<tr> | |||
<td>clickAndWait</td> | |||
<td>commit</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>waitForElementPresent</td> | |||
<td>css=.js-user-authenticated</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>open</td> | |||
<td>/measures</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>click</td> | |||
<td>css=.navigator-filter[title='Components: Any']</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>click</td> | |||
<td>css=label[title='Projects']</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>clickAndWait</td> | |||
<td>class=navigator-filter-submit</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>click</td> | |||
<td>id=save-as</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>waitForText</td> | |||
<td>save-as-filter-form</td> | |||
<td>*Save Filter*</td> | |||
</tr> | |||
<tr> | |||
<td>type</td> | |||
<td>id=name</td> | |||
<td>user_${FILTER_NAME}</td> | |||
</tr> | |||
<tr> | |||
<td>assertNotText</td> | |||
<td>save-as-filter-form</td> | |||
<td>*Shared with all users*</td> | |||
</tr> | |||
<tr> | |||
<td>click</td> | |||
<td>id=save-as-submit</td> | |||
<td></td> | |||
</tr> | |||
<tr> | |||
<td>waitForText</td> | |||
<td>filter-title</td> | |||
<td>*user_${FILTER_NAME}*Private*</td> | |||
</tr> | |||
</tbody> | |||
</table> | |||
</body> | |||
</html> |
@@ -204,11 +204,7 @@ public class IssueFilterService { | |||
} | |||
public boolean canShareFilter(UserSession userSession) { | |||
if (userSession.isLoggedIn()) { | |||
String user = userSession.getLogin(); | |||
return hasUserSharingPermission(user); | |||
} | |||
return false; | |||
return userSession.isLoggedIn(); | |||
} | |||
public String getLoggedLogin(UserSession userSession) { | |||
@@ -243,12 +239,6 @@ public class IssueFilterService { | |||
} | |||
} | |||
private void verifyCurrentUserCanShareFilter(IssueFilterDto issueFilter, String user) { | |||
if (issueFilter.isShared() && !hasUserSharingPermission(user)) { | |||
throw new ForbiddenException("User cannot own this filter because of insufficient rights"); | |||
} | |||
} | |||
private void validateFilter(final IssueFilterDto issueFilter) { | |||
List<IssueFilterDto> userFilters = selectUserIssueFilters(issueFilter.getUserLogin()); | |||
IssueFilterDto userFilterSameName = findFilterWithSameName(userFilters, issueFilter.getName()); | |||
@@ -261,7 +251,6 @@ public class IssueFilterService { | |||
if (sharedFilterWithSameName != null && !sharedFilterWithSameName.getId().equals(issueFilter.getId())) { | |||
throw new BadRequestException("Other users already share filters with the same name"); | |||
} | |||
verifyCurrentUserCanShareFilter(issueFilter, issueFilter.getUserLogin()); | |||
} | |||
} | |||
@@ -322,10 +311,6 @@ public class IssueFilterService { | |||
return new IssueFilterResult(issues.getDocs(), paging); | |||
} | |||
private boolean hasUserSharingPermission(String user) { | |||
return permissionDao.selectGlobalPermissions(user).contains(GlobalPermissions.DASHBOARD_SHARING); | |||
} | |||
private boolean isFilterOwnedByUser(IssueFilterDto filter, String login) { | |||
String ownerLogin = filter.getUserLogin(); | |||
return ownerLogin != null && ownerLogin.equals(login); |
@@ -21,13 +21,6 @@ | |||
"usersCount": 2, | |||
"groupsCount": 0 | |||
}, | |||
{ | |||
"key": "shareDashboard", | |||
"name": "Share Dashboards And Filters", | |||
"description": "Ability to share dashboards, issue filters and measure filters.", | |||
"usersCount": 0, | |||
"groupsCount": 1 | |||
}, | |||
{ | |||
"key": "scan", | |||
"name": "Execute Analysis", |
@@ -18,7 +18,6 @@ | |||
"admin", | |||
"profileadmin", | |||
"gateadmin", | |||
"shareDashboard", | |||
"scan", | |||
"provisioning" | |||
] |
@@ -168,7 +168,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void fail_with_forbidden_exception_when_no_scan_permission() { | |||
userSession.setGlobalPermissions(GlobalPermissions.DASHBOARD_SHARING); | |||
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
thrown.expect(ForbiddenException.class); | |||
underTest.submit(PROJECT_KEY, null, PROJECT_NAME, IOUtils.toInputStream("{binary}")); |
@@ -217,7 +217,7 @@ public class IssueFilterServiceTest { | |||
@Test | |||
public void should_not_save_shared_filter_if_name_already_used_by_shared_filter() { | |||
when(issueFilterDao.selectByUser(eq("john"))).thenReturn(Collections.<IssueFilterDto>emptyList()); | |||
when(issueFilterDao.selectByUser(eq("john"))).thenReturn(Collections.emptyList()); | |||
when(issueFilterDao.selectSharedFilters()).thenReturn(newArrayList(new IssueFilterDto().setId(1L).setName("My Issue").setUserLogin("henry").setShared(true))); | |||
IssueFilterDto issueFilter = new IssueFilterDto().setName("My Issue").setShared(true); | |||
try { | |||
@@ -239,34 +239,8 @@ public class IssueFilterServiceTest { | |||
verify(issueFilterDao).update(any(IssueFilterDto.class)); | |||
} | |||
@Test | |||
public void should_have_permission_to_share_filter() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); | |||
when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false).setUserLogin("john")); | |||
IssueFilterDto result = underTest.update(new IssueFilterDto().setId(1L).setName("My Filter").setShared(true).setUserLogin("john"), userSession); | |||
assertThat(result.isShared()).isTrue(); | |||
verify(issueFilterDao).update(any(IssueFilterDto.class)); | |||
} | |||
@Test | |||
public void should_not_share_filter_if_no_permission() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(Collections.<String>emptyList()); | |||
when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false).setUserLogin("john")); | |||
try { | |||
underTest.update(new IssueFilterDto().setId(1L).setName("My Filter").setShared(true).setUserLogin("john"), userSession); | |||
fail(); | |||
} catch (Exception e) { | |||
assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User cannot own this filter because of insufficient rights"); | |||
} | |||
verify(issueFilterDao, never()).update(any(IssueFilterDto.class)); | |||
} | |||
@Test | |||
public void should_not_share_filter_if_filter_owner_is_platform() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); | |||
when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false)); | |||
try { | |||
@@ -321,9 +295,8 @@ public class IssueFilterServiceTest { | |||
} | |||
@Test | |||
public void should_update_other_shared_filter_if_admin_and_if_filter_owner_has_sharing_permission() { | |||
public void should_update_other_shared_filter_if_admin() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); | |||
when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); | |||
when(issueFilterDao.selectById(1L)) | |||
.thenReturn(new IssueFilterDto().setId(1L).setName("My Old Filter").setDescription("Old description").setUserLogin("arthur").setShared(true)); | |||
@@ -336,9 +309,8 @@ public class IssueFilterServiceTest { | |||
} | |||
@Test | |||
public void should_not_update_other_shared_filter_if_admin_and_if_filter_owner_has_no_sharing_permission() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); | |||
when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(Collections.<String>emptyList()); | |||
public void should_not_update_other_shared_filter_if_not_admin() { | |||
when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(Collections.emptyList()); | |||
when(issueFilterDao.selectById(1L)) | |||
.thenReturn(new IssueFilterDto().setId(1L).setName("My Old Filter").setDescription("Old description").setUserLogin("arthur").setShared(true)); | |||
@@ -346,7 +318,7 @@ public class IssueFilterServiceTest { | |||
underTest.update(new IssueFilterDto().setId(1L).setName("My New Filter").setDescription("New description").setShared(true).setUserLogin("arthur"), userSession); | |||
fail(); | |||
} catch (Exception e) { | |||
assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User cannot own this filter because of insufficient rights"); | |||
assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User is not authorized to modify this filter"); | |||
} | |||
verify(issueFilterDao, never()).update(any(IssueFilterDto.class)); | |||
} | |||
@@ -411,8 +383,6 @@ public class IssueFilterServiceTest { | |||
IssueFilterDto sharedFilter = new IssueFilterDto().setId(1L).setName("My filter").setUserLogin("former.owner").setShared(true); | |||
IssueFilterDto expectedDto = new IssueFilterDto().setName("My filter").setUserLogin("new.owner").setShared(true); | |||
// New owner should have sharing perm in order to own the filter | |||
when(permissionDao.selectGlobalPermissions("new.owner")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); | |||
when(issueFilterDao.selectById(1L)).thenReturn(sharedFilter); | |||
@@ -602,7 +572,7 @@ public class IssueFilterServiceTest { | |||
public void should_add_favourite_issue_filter_id() { | |||
when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Issues").setUserLogin("john").setData("componentRoots=struts")); | |||
// The filter is not in the favorite list --> add to favorite | |||
when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.<IssueFilterFavouriteDto>emptyList()); | |||
when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.emptyList()); | |||
ArgumentCaptor<IssueFilterFavouriteDto> issueFilterFavouriteDtoCaptor = ArgumentCaptor.forClass(IssueFilterFavouriteDto.class); | |||
boolean result = underTest.toggleFavouriteIssueFilter(1L, userSession); | |||
@@ -618,7 +588,7 @@ public class IssueFilterServiceTest { | |||
public void should_add_favourite_on_shared_filter() { | |||
when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Issues").setUserLogin("arthur").setShared(true)); | |||
// The filter is not in the favorite list --> add to favorite | |||
when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.<IssueFilterFavouriteDto>emptyList()); | |||
when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.emptyList()); | |||
ArgumentCaptor<IssueFilterFavouriteDto> issueFilterFavouriteDtoCaptor = ArgumentCaptor.forClass(IssueFilterFavouriteDto.class); | |||
boolean result = underTest.toggleFavouriteIssueFilter(1L, userSession); | |||
@@ -675,16 +645,11 @@ public class IssueFilterServiceTest { | |||
} | |||
@Test | |||
public void user_can_share_filter_if_logged_and_own_sharing_permission() { | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); | |||
public void user_can_share_filter_if_logged() { | |||
UserSession userSession = new MockUserSession("john"); | |||
assertThat(underTest.canShareFilter(userSession)).isTrue(); | |||
assertThat(underTest.canShareFilter(new AnonymousMockUserSession())).isFalse(); | |||
when(permissionDao.selectGlobalPermissions("john")).thenReturn(Collections.<String>emptyList()); | |||
userSession = new MockUserSession("john"); | |||
assertThat(underTest.canShareFilter(userSession)).isFalse(); | |||
} | |||
@Test |
@@ -34,6 +34,7 @@ import org.sonar.api.config.PropertyDefinition; | |||
import org.sonar.api.config.PropertyDefinitions; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.property.PropertyDbTester; | |||
@@ -50,7 +51,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Java6Assertions.entry; | |||
import static org.sonar.api.CoreProperties.PERMANENT_SERVER_ID; | |||
import static org.sonar.api.PropertyType.LICENSE; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto; | |||
@@ -260,7 +260,7 @@ public class ListActionTest { | |||
@Test | |||
public void fail_when_not_system_admin() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
definitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
expectedException.expect(ForbiddenException.class); |
@@ -117,7 +117,7 @@ public class PermissionChangeTest { | |||
PermissionChange query = PermissionChange.buildFromParams(inconsistentParams); | |||
thrown.expect(BadRequestException.class); | |||
thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, gateadmin, shareDashboard, scan, provisioning]"); | |||
thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, gateadmin, scan, provisioning]"); | |||
query.validate(); | |||
} | |||
@@ -40,7 +40,6 @@ import org.sonarqube.ws.MediaTypes; | |||
import org.sonarqube.ws.WsPermissions; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
@@ -75,7 +74,6 @@ public class SearchGlobalPermissionsActionTest { | |||
insertGroupRole(newGroupRole(SCAN_EXECUTION, userGroup.getId())); | |||
insertGroupRole(newGroupRole(SYSTEM_ADMIN, adminGroup.getId())); | |||
insertGroupRole(newGroupRole(PROVISIONING, userGroup.getId())); | |||
insertGroupRole(newGroupRole(DASHBOARD_SHARING, null)); | |||
UserDto user = insertUser(newUserDto("user", "user-name")); | |||
UserDto adminUser = insertUser(newUserDto("admin", "admin-name")); | |||
@@ -126,8 +124,6 @@ public class SearchGlobalPermissionsActionTest { | |||
i18n.put("global_permissions.profileadmin.desc", "Ability to perform any action on the quality profiles."); | |||
i18n.put("global_permissions.gateadmin", "Administer Quality Gates"); | |||
i18n.put("global_permissions.gateadmin.desc", "Ability to perform any action on the quality gates."); | |||
i18n.put("global_permissions.shareDashboard", "Share Dashboards And Filters"); | |||
i18n.put("global_permissions.shareDashboard.desc", "Ability to share dashboards, issue filters and measure filters."); | |||
i18n.put("global_permissions.scan", "Execute Analysis"); | |||
i18n.put("global_permissions.scan.desc", "Ability to execute analyses, and to get all settings required to perform the analysis, " + | |||
"even the secured ones like the scm account password, the jira account password, and so on."); |
@@ -27,6 +27,7 @@ import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
@@ -52,7 +53,6 @@ import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
@@ -374,7 +374,7 @@ public class TemplateGroupsActionTest { | |||
expectedException.expect(BadRequestException.class); | |||
ws.newRequest() | |||
.setParam(PARAM_PERMISSION, DASHBOARD_SHARING) | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_TEMPLATE_ID, template1.getUuid()) | |||
.execute(); | |||
} |
@@ -126,7 +126,7 @@ public class AddProjectCreatorToTemplateActionTest { | |||
expectedException.expect(BadRequestException.class); | |||
call(ws.newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.DASHBOARD_SHARING) | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_TEMPLATE_ID, template.getUuid())); | |||
} | |||
@@ -128,7 +128,7 @@ public class RemoveProjectCreatorFromTemplateActionTest { | |||
expectedException.expect(BadRequestException.class); | |||
call(ws.newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.DASHBOARD_SHARING) | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_TEMPLATE_ID, template.getUuid())); | |||
} | |||
@@ -20,13 +20,12 @@ | |||
package org.sonar.server.plugins.ws; | |||
import com.google.common.base.Optional; | |||
import org.junit.Ignore; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.DateUtils; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.tester.UserSessionRule; | |||
import org.sonar.server.ws.WsTester; | |||
@@ -39,7 +38,6 @@ import static com.google.common.collect.ImmutableList.of; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Matchers.anyBoolean; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonar.updatecenter.common.PluginUpdate.Status.COMPATIBLE; | |||
@@ -147,7 +145,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio | |||
@Test | |||
public void fail_when_user_is_not_admin() throws Exception { | |||
userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
expectedException.expect(ForbiddenException.class); | |||
underTest.handle(request, response); |
@@ -29,6 +29,7 @@ import org.junit.rules.TemporaryFolder; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.server.ws.WebService.Param; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.core.platform.PluginInfo; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.plugins.ServerPluginRepository; | |||
@@ -46,7 +47,6 @@ import static org.mockito.Mockito.RETURNS_DEEP_STUBS; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.verifyZeroInteractions; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
@@ -270,7 +270,7 @@ public class InstalledActionTest { | |||
@Test | |||
public void fail_when_user_is_not_sys_admin() throws Exception { | |||
userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
expectedException.expect(ForbiddenException.class); | |||
underTest.handle(request, response); |
@@ -27,6 +27,7 @@ import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.core.platform.PluginInfo; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.plugins.PluginDownloader; | |||
@@ -43,7 +44,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Mockito.RETURNS_DEEP_STUBS; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
@@ -92,8 +92,7 @@ public class PendingActionTest { | |||
" \"installing\": []," + | |||
" \"removing\": []," + | |||
" \"updating\": []" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -108,8 +107,7 @@ public class PendingActionTest { | |||
" \"installing\": []," + | |||
" \"removing\": []," + | |||
" \"updating\": []" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -140,8 +138,7 @@ public class PendingActionTest { | |||
" ]," + | |||
" \"removing\": []," + | |||
" \"updating\": []" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -170,8 +167,7 @@ public class PendingActionTest { | |||
" \"implementationBuild\": \"9ce9d330c313c296fab051317cc5ad4b26319e07\"" + | |||
" }" + | |||
" ]" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -193,8 +189,7 @@ public class PendingActionTest { | |||
" \"key\": \"scmgit\"" + | |||
" }" + | |||
" ]" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -231,8 +226,7 @@ public class PendingActionTest { | |||
" \"key\": \"java\"" + | |||
" }" + | |||
" ]" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -241,8 +235,7 @@ public class PendingActionTest { | |||
when(pluginDownloader.getDownloadedPlugins()).thenReturn(of( | |||
newPluginInfo(0).setName("Foo"), | |||
newPluginInfo(3).setName("Bar"), | |||
newPluginInfo(2).setName("Bar") | |||
)); | |||
newPluginInfo(2).setName("Bar"))); | |||
underTest.handle(request, response); | |||
@@ -265,8 +258,7 @@ public class PendingActionTest { | |||
" ]," + | |||
" \"removing\": []," + | |||
" \"updating\": []" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
@@ -275,8 +267,7 @@ public class PendingActionTest { | |||
when(serverPluginRepository.getUninstalledPlugins()).thenReturn(of( | |||
newPluginInfo(0).setName("Foo"), | |||
newPluginInfo(3).setName("Bar"), | |||
newPluginInfo(2).setName("Bar") | |||
)); | |||
newPluginInfo(2).setName("Bar"))); | |||
underTest.handle(request, response); | |||
@@ -299,13 +290,12 @@ public class PendingActionTest { | |||
" \"name\": \"Foo\"," + | |||
" }" + | |||
" ]" + | |||
"}" | |||
); | |||
"}"); | |||
} | |||
@Test | |||
public void fail_when_user_is_not_sys_admin() throws Exception { | |||
userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
expectedException.expect(ForbiddenException.class); | |||
underTest.handle(request, response); |
@@ -24,6 +24,7 @@ import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.DateUtils; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.tester.UserSessionRule; | |||
import org.sonar.server.ws.WsTester; | |||
@@ -33,7 +34,6 @@ import org.sonar.updatecenter.common.Release; | |||
import static com.google.common.collect.ImmutableList.of; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonar.updatecenter.common.PluginUpdate.Status.COMPATIBLE; | |||
@@ -184,7 +184,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT | |||
@Test | |||
public void fail_when_user_is_not_sys_admin() throws Exception { | |||
userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
expectedException.expect(ForbiddenException.class); | |||
underTest.handle(request, response); |
@@ -25,6 +25,7 @@ import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
@@ -40,7 +41,6 @@ import static org.sonar.api.measures.Metric.ValueType.DISTRIB; | |||
import static org.sonar.api.measures.Metric.ValueType.INT; | |||
import static org.sonar.api.measures.Metric.ValueType.RATING; | |||
import static org.sonar.api.measures.Metric.ValueType.WORK_DUR; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.db.metric.MetricTesting.newMetricDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
@@ -170,7 +170,7 @@ public class AppActionTest { | |||
@Test | |||
public void return_edit_to_false_when_not_quality_gate_permission() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); | |||
AppWsResponse response = executeRequest(); | |||
@@ -30,6 +30,7 @@ import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.property.PropertyDbTester; | |||
@@ -45,7 +46,6 @@ import org.sonarqube.ws.ServerId.ShowWsResponse; | |||
import static org.assertj.core.api.Java6Assertions.assertThat; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto; | |||
import static org.sonarqube.ws.MediaTypes.JSON; | |||
@@ -141,7 +141,7 @@ public class ShowActionTest { | |||
@Test | |||
public void fail_when_not_system_admin() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -33,6 +33,7 @@ import org.sonar.api.config.PropertyDefinitions; | |||
import org.sonar.api.config.PropertyFieldDefinition; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
@@ -53,7 +54,6 @@ import static org.sonar.api.resources.Qualifiers.MODULE; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newProjectDto; | |||
import static org.sonarqube.ws.MediaTypes.JSON; | |||
@@ -329,7 +329,7 @@ public class ListDefinitionsActionTest { | |||
@Test | |||
public void fail_when_not_system_admin() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
expectedException.expect(ForbiddenException.class); |
@@ -29,6 +29,7 @@ import org.sonar.api.config.PropertyDefinition; | |||
import org.sonar.api.config.PropertyDefinitions; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
@@ -54,7 +55,6 @@ import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newProjectDto; | |||
import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto; | |||
@@ -225,7 +225,7 @@ public class ResetActionTest { | |||
@Test | |||
public void fail_when_not_system_admin() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
definitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
expectedException.expect(ForbiddenException.class); |
@@ -35,6 +35,7 @@ import org.sonar.api.config.PropertyDefinitions; | |||
import org.sonar.api.config.PropertyFieldDefinition; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
@@ -54,7 +55,6 @@ import static java.util.Arrays.asList; | |||
import static org.assertj.core.api.Java6Assertions.assertThat; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newProjectDto; | |||
@@ -501,7 +501,7 @@ public class ValuesActionTest { | |||
@Test | |||
public void fail_when_not_system_admin() throws Exception { | |||
userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); | |||
userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
definitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
expectedException.expect(ForbiddenException.class); |
@@ -39,7 +39,7 @@ import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
@@ -83,7 +83,7 @@ public class ServerUserSessionTest { | |||
assertThat(session.hasPermission(QUALITY_PROFILE_ADMIN)).isTrue(); | |||
assertThat(session.hasPermission(SYSTEM_ADMIN)).isTrue(); | |||
assertThat(session.hasPermission(DASHBOARD_SHARING)).isFalse(); | |||
assertThat(session.hasPermission(QUALITY_GATE_ADMIN)).isFalse(); | |||
} | |||
@Test | |||
@@ -100,7 +100,7 @@ public class ServerUserSessionTest { | |||
UserSession session = newUserSession(userDto); | |||
expectedException.expect(ForbiddenException.class); | |||
session.checkPermission(DASHBOARD_SHARING); | |||
session.checkPermission(QUALITY_GATE_ADMIN); | |||
} | |||
@Test | |||
@@ -216,7 +216,7 @@ public class ServerUserSessionTest { | |||
assertThat(session.hasGlobalPermission(QUALITY_PROFILE_ADMIN)).isTrue(); | |||
assertThat(session.hasGlobalPermission(SYSTEM_ADMIN)).isTrue(); | |||
assertThat(session.hasGlobalPermission(DASHBOARD_SHARING)).isFalse(); | |||
assertThat(session.hasGlobalPermission(QUALITY_GATE_ADMIN)).isFalse(); | |||
} | |||
@Test | |||
@@ -251,7 +251,7 @@ public class ServerUserSessionTest { | |||
assertThat(session.hasPermission(GlobalPermissions.QUALITY_PROFILE_ADMIN)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermissions.SYSTEM_ADMIN)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermissions.DASHBOARD_SHARING)).isFalse(); | |||
assertThat(session.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN)).isFalse(); | |||
} | |||
@Test |
@@ -44,7 +44,6 @@ const PERMISSIONS_ORDER = [ | |||
'admin', | |||
'profileadmin', | |||
'gateadmin', | |||
'shareDashboard', | |||
'scan', | |||
'provisioning' | |||
]; |
@@ -180,7 +180,7 @@ class DashboardsController < ApplicationController | |||
def load_dashboard_from_params(dashboard) | |||
dashboard.name = params[:name] | |||
dashboard.description = params[:description] | |||
dashboard.shared = params[:shared].present? && has_role?(:shareDashboard) | |||
dashboard.shared = params[:shared].present? | |||
dashboard.column_layout = Dashboard::DEFAULT_LAYOUT if !dashboard.column_layout | |||
dashboard.user = User.find_active_by_login(params[:owner]) unless params[:owner].nil? | |||
end |
@@ -92,7 +92,7 @@ class MeasuresController < ApplicationController | |||
end | |||
@filter.name=params[:name] | |||
@filter.description=params[:description] | |||
@filter.shared=(params[:shared]=='true') && has_role?(:shareDashboard) | |||
@filter.shared=(params[:shared]=='true') | |||
@filter.data=URI.unescape(params[:data]) | |||
if @filter.save | |||
current_user.favourited_measure_filters<<@filter if add_to_favourites | |||
@@ -145,7 +145,7 @@ class MeasuresController < ApplicationController | |||
@filter.name=params[:name] | |||
@filter.description=params[:description] | |||
@filter.shared=(params[:shared]=='true') && has_role?(:shareDashboard) | |||
@filter.shared=(params[:shared]=='true') | |||
if has_role?(:admin) && params[:owner] | |||
@filter.user = User.find_by_login(params[:owner]) | |||
end | |||
@@ -181,7 +181,7 @@ class MeasuresController < ApplicationController | |||
target.name=params[:name] | |||
target.description=params[:description] | |||
target.user_id=current_user.id | |||
target.shared=(params[:shared]=='true') && has_role?(:shareDashboard) | |||
target.shared=(params[:shared]=='true') | |||
target.data=source.data | |||
if target.save | |||
current_user.favourited_measure_filters << target |
@@ -45,7 +45,7 @@ class Dashboard < ActiveRecord::Base | |||
end | |||
def user_rights_consistency | |||
if shared? && user && !user.has_role?(:shareDashboard) | |||
if shared? && !user | |||
errors.add(:user, "cannot own this dashboard because of insufficient rights") | |||
end | |||
end | |||
@@ -79,7 +79,7 @@ class Dashboard < ActiveRecord::Base | |||
end | |||
def can_be_shared_by(user) | |||
owner?(user) && user.has_role?(:shareDashboard) | |||
owner?(user) | |||
end | |||
def can_be_reassigned_by(user) |
@@ -361,7 +361,7 @@ class MeasureFilter < ActiveRecord::Base | |||
errors.add_to_base('Other users already share filters with the same name') if count>0 | |||
# Verify filter owner has sharing permission | |||
if user && !user.has_role?(:shareDashboard) | |||
if !user | |||
errors.add(:user, "cannot own this filter because of insufficient rights") | |||
end | |||
elsif system? |
@@ -18,7 +18,7 @@ | |||
<label for="description"><%= h message('description') -%></label> | |||
<input id="description" name="description" type="text" size="50" maxlength="4000" value="<%= h @dashboard.description -%>"/> | |||
</div> | |||
<% if has_role?(:shareDashboard) %> | |||
<% if logged_in? %> | |||
<div class="modal-field"> | |||
<label for="shared"><%= h message('shared') -%></label> | |||
<input id="shared" name="shared" type="checkbox" value="true" <%= 'checked' if @dashboard.shared -%>/> |
@@ -17,7 +17,7 @@ | |||
<%= user_select_tag('owner', :html_id => 'select-filter-owner', :selected_user => @filter.user) -%> | |||
</div> | |||
<% end %> | |||
<% if has_role?(:shareDashboard) %> | |||
<% if logged_in? %> | |||
<% if @filter.user_id.nil? || @filter.user_id == current_user.id %> | |||
<div class="modal-field"> | |||
<label for="shared"><%= h message('measure_filter.shared_with_all_users') -%></label> | |||
@@ -27,4 +27,4 @@ | |||
<input id="shared" name="shared" type="hidden" value="<%= @filter.shared -%>"/> | |||
<% end %> | |||
<% end %> | |||
</div> | |||
</div> |
@@ -3678,8 +3678,6 @@ global_permissions.profileadmin=Administer Quality Profiles | |||
global_permissions.profileadmin.desc=Ability to perform any action on quality profiles. | |||
global_permissions.gateadmin=Administer Quality Gates | |||
global_permissions.gateadmin.desc=Ability to perform any action on quality gates. | |||
global_permissions.shareDashboard=Share Dashboards And Filters | |||
global_permissions.shareDashboard.desc=Ability to share dashboards, issue filters and measure filters. | |||
global_permissions.scan=Execute Analysis | |||
global_permissions.scan.desc=Ability to get all settings required to perform an analysis (including the secured settings like passwords) and to push analysis results to the SonarQube server. | |||
global_permissions.provisioning=Create Projects |
@@ -32,7 +32,6 @@ public final class GlobalPermissions { | |||
public static final String SYSTEM_ADMIN = "admin"; | |||
public static final String QUALITY_PROFILE_ADMIN = "profileadmin"; | |||
public static final String QUALITY_GATE_ADMIN = "gateadmin"; | |||
public static final String DASHBOARD_SHARING = "shareDashboard"; | |||
public static final String SCAN_EXECUTION = "scan"; | |||
public static final String PROVISIONING = "provisioning"; | |||
@@ -40,7 +39,7 @@ public final class GlobalPermissions { | |||
* All the global permissions values, ordered from {@link #SYSTEM_ADMIN} to {@link #PROVISIONING}. | |||
*/ | |||
public static final List<String> ALL = ImmutableList.of( | |||
SYSTEM_ADMIN, QUALITY_PROFILE_ADMIN, QUALITY_GATE_ADMIN, DASHBOARD_SHARING, SCAN_EXECUTION, PROVISIONING); | |||
SYSTEM_ADMIN, QUALITY_PROFILE_ADMIN, QUALITY_GATE_ADMIN, SCAN_EXECUTION, PROVISIONING); | |||
public static final String ALL_ON_ONE_LINE = Joiner.on(", ").join(GlobalPermissions.ALL); | |||
private GlobalPermissions() { |
@@ -7,11 +7,10 @@ ALTER TABLE GROUPS ALTER COLUMN ID RESTART WITH 3; | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (1, 1, null, 'admin'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (2, 1, null, 'profileadmin'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (3, 1, null, 'gateadmin'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, 1, null, 'shareDashboard'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'scan'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (6, null, null, 'provisioning'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (7, 1, null, 'provisioning'); | |||
ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 9; | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, null, null, 'scan'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'provisioning'); | |||
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (6, 1, null, 'provisioning'); | |||
ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 7; | |||
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 1); | |||
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 2); |
@@ -93,8 +93,8 @@ public class RoleDaoTest { | |||
assertThat(underTest.selectGroupPermissions(db.getSession(), "sonar-administrators", null)).containsOnly(GlobalPermissions.SYSTEM_ADMIN, | |||
GlobalPermissions.QUALITY_PROFILE_ADMIN, | |||
GlobalPermissions.DASHBOARD_SHARING); | |||
assertThat(underTest.selectGroupPermissions(db.getSession(), "sonar-users", null)).containsOnly(GlobalPermissions.DASHBOARD_SHARING); | |||
GlobalPermissions.QUALITY_GATE_ADMIN); | |||
assertThat(underTest.selectGroupPermissions(db.getSession(), "sonar-users", null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
assertThat(underTest.selectGroupPermissions(db.getSession(), DefaultGroups.ANYONE, null)).containsOnly(GlobalPermissions.PROVISIONING, | |||
GlobalPermissions.SCAN_EXECUTION); | |||
assertThat(underTest.selectGroupPermissions(db.getSession(), "anyone", null)).containsOnly(GlobalPermissions.PROVISIONING, GlobalPermissions.SCAN_EXECUTION); |
@@ -3,7 +3,7 @@ | |||
<groups id="100" name="sonar-administrators"/> | |||
<groups id="101" name="sonar-users"/> | |||
<group_roles id="4" group_id="101" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="gateadmin" resource_id="[null]"/> | |||
<group_roles id="5" group_id="[null]" role="scan" resource_id="[null]"/> | |||
<group_roles id="6" group_id="[null]" role="provisioning" resource_id="[null]"/> |
@@ -6,9 +6,9 @@ | |||
<!-- All 3 lines with group_id 100 will be deleted --> | |||
<group_roles id="1" group_id="100" role="admin" resource_id="[null]"/> | |||
<group_roles id="2" group_id="100" role="profileadmin" resource_id="1"/> | |||
<group_roles id="3" group_id="100" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="3" group_id="100" role="gateadmin" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="gateadmin" resource_id="[null]"/> | |||
<group_roles id="5" group_id="[null]" role="scan" resource_id="[null]"/> | |||
<group_roles id="6" group_id="[null]" role="provisioning" resource_id="[null]"/> |
@@ -4,8 +4,8 @@ | |||
<groups id="101" name="sonar-users"/> | |||
<group_roles id="1" group_id="100" role="admin" resource_id="[null]"/> | |||
<group_roles id="3" group_id="100" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="3" group_id="100" role="gateadmin" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="gateadmin" resource_id="[null]"/> | |||
<!-- Group 'anyone' has a NULL group_id --> | |||
<group_roles id="5" group_id="[null]" role="scan" resource_id="[null]"/> |
@@ -5,8 +5,8 @@ | |||
<group_roles id="1" group_id="100" role="admin" resource_id="[null]"/> | |||
<group_roles id="2" group_id="100" role="profileadmin" resource_id="[null]"/> | |||
<group_roles id="3" group_id="100" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="shareDashboard" resource_id="[null]"/> | |||
<group_roles id="3" group_id="100" role="gateadmin" resource_id="[null]"/> | |||
<group_roles id="4" group_id="101" role="gateadmin" resource_id="[null]"/> | |||
<!-- Group 'anyone' has a NULL group_id --> | |||
<group_roles id="5" group_id="[null]" role="scan" resource_id="[null]"/> |