SONAR-20630 Discriminate between UI and API calls for projects creation

server/sonar-ce-task-projectanalysis/src/it/java/org/sonar/ce/task/projectexport/steps/LoadProjectStepIT.java

@@ -59,7 +59,7 @@ public class LoadProjectStepIT {
       "qualifier", Qualifiers.APP,
       "uuid", "not_used",
       "private", false,
-      "creation_method", CreationMethod.LOCAL.name(),
+      "creation_method", CreationMethod.LOCAL_API.name(),
       "created_at", 1L,
       "updated_at", 1L);
 

server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/AnticipatedTransitionRepositoryImplTest.java

@@ -139,7 +139,7 @@ public class AnticipatedTransitionRepositoryImplTest {
     projectDto.setUuid(projectUuid);
     projectDto.setQualifier("TRK");
     projectDto.setName("project");
-    projectDto.setCreationMethod(CreationMethod.LOCAL);
+    projectDto.setCreationMethod(CreationMethod.LOCAL_API);
     return projectDto;
   }
 

server/sonar-ce/src/it/java/org/sonar/ce/notification/ReportAnalysisFailureNotificationExecutionListenerIT.java

@@ -146,7 +146,7 @@ public class ReportAnalysisFailureNotificationExecutionListenerIT {
   @Test
   public void onEnd_fails_with_ISE_if_branch_does_not_exist_in_DB() {
     String componentUuid = randomAlphanumeric(6);
-    ProjectDto project = new ProjectDto().setUuid(componentUuid).setKey(randomAlphanumeric(5)).setQualifier(Qualifiers.PROJECT).setCreationMethod(CreationMethod.LOCAL);
+    ProjectDto project = new ProjectDto().setUuid(componentUuid).setKey(randomAlphanumeric(5)).setQualifier(Qualifiers.PROJECT).setCreationMethod(CreationMethod.LOCAL_API);
     dbTester.getDbClient().projectDao().insert(dbTester.getSession(), project);
     dbTester.getSession().commit();
     when(ceTaskMock.getType()).thenReturn(CeTaskTypes.REPORT);

server/sonar-db-dao/src/it/java/org/sonar/db/component/ApplicationProjectsDaoIT.java

@@ -170,7 +170,7 @@ public class ApplicationProjectsDaoIT {
       "kee", appUuid,
       "qualifier", "APP",
       "private", true,
-      "creation_method", CreationMethod.LOCAL.name(),
+      "creation_method", CreationMethod.LOCAL_API.name(),
       "updated_at", 1000L,
       "created_at", 1000L);
   }

server/sonar-db-dao/src/it/java/org/sonar/db/project/ProjectDaoIT.java

@@ -123,9 +123,10 @@ public class ProjectDaoIT {
     List<ProjectDto> projects = projectDao.selectProjects(db.getSession());
     assertThat(projects).extracting(ProjectDto::getKey).containsExactlyInAnyOrder("projectKee_o1_p1", "projectKee_o1_p2");
   }
+
   @Test
   public void selectProjects_returnsCreationMethod() {
-    ProjectDto dto1 = createProject("o1", "p1").setCreationMethod(CreationMethod.SCANNER);
+    ProjectDto dto1 = createProject("o1", "p1").setCreationMethod(CreationMethod.SCANNER_API);
     ProjectDto dto2 = createProject("o1", "p2").setCreationMethod(CreationMethod.UNKNOWN);
 
     projectDao.insert(db.getSession(), dto1);
@@ -135,7 +136,7 @@ public class ProjectDaoIT {
     Map<String, CreationMethod> projectToCreationMethod = projects.stream().collect(Collectors.toMap(EntityDto::getName, ProjectDto::getCreationMethod));
     assertThat(projectToCreationMethod)
       .hasSize(2)
-      .containsEntry("projectName_p1", CreationMethod.SCANNER)
+      .containsEntry("projectName_p1", CreationMethod.SCANNER_API)
       .containsEntry("projectName_p2", CreationMethod.UNKNOWN);
   }
 
@@ -469,7 +470,7 @@ public class ProjectDaoIT {
       .setUuid("uuid_" + org + "_" + name)
       .setTags(Arrays.asList("tag1", "tag2"))
       .setDescription("desc_" + name)
-      .setCreationMethod(CreationMethod.LOCAL)
+      .setCreationMethod(CreationMethod.LOCAL_API)
       .setPrivate(false);
   }
 }

server/sonar-db-dao/src/main/java/org/sonar/db/project/CreationMethod.java

@@ -19,10 +19,39 @@
  */
 package org.sonar.db.project;
 
+import java.util.Arrays;
+
 public enum CreationMethod {
-  UNKNOWN,
-  LOCAL,
-  ALM_IMPORT_API,
-  ALM_IMPORT_UI,
-  SCANNER
+  UNKNOWN(Category.UNKNOWN, false),
+  LOCAL_API(Category.LOCAL, false),
+  LOCAL_BROWSER(Category.LOCAL, true),
+  ALM_IMPORT_API(Category.ALM_IMPORT, false),
+  ALM_IMPORT_BROWSER(Category.ALM_IMPORT, true),
+  SCANNER_API(Category.SCANNER, false);
+
+  private final boolean isCreatedViaBrowser;
+  private final Category category;
+
+  CreationMethod(Category category, boolean isCreatedViaBrowser) {
+    this.isCreatedViaBrowser = isCreatedViaBrowser;
+    this.category = category;
+  }
+
+  public static CreationMethod getCreationMethod(Category category, boolean isBrowserCall) {
+    return Arrays.stream(CreationMethod.values())
+      .filter(creationMethod -> creationMethod.getCategory().equals(category))
+      .filter(creationMethod -> creationMethod.isCreatedViaBrowser() == isBrowserCall)
+      .findAny()
+      .orElse(UNKNOWN);
+  }
+
+  private boolean isCreatedViaBrowser() {
+    return isCreatedViaBrowser;
+  }
+
+  private Category getCategory() {
+    return category;
+  }
+
+  public enum Category {UNKNOWN, LOCAL, ALM_IMPORT, SCANNER}
 }

server/sonar-db-dao/src/test/java/org/sonar/db/project/CreationMethodTest.java

@@ -0,0 +1,62 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.db.project;
+
+import java.util.Arrays;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+@RunWith(Parameterized.class)
+public class CreationMethodTest {
+
+  @Parameterized.Parameters(name = "Category:{0}, Is gui Call:{1}, Expected creation method:{2}")
+  public static Iterable<Object[]> testData() {
+    return Arrays.asList(new Object[][] {
+      {CreationMethod.Category.UNKNOWN, true, CreationMethod.UNKNOWN},
+      {CreationMethod.Category.UNKNOWN, false, CreationMethod.UNKNOWN},
+      {CreationMethod.Category.LOCAL, true, CreationMethod.LOCAL_BROWSER},
+      {CreationMethod.Category.LOCAL, false, CreationMethod.LOCAL_API},
+      {CreationMethod.Category.ALM_IMPORT, true, CreationMethod.ALM_IMPORT_BROWSER},
+      {CreationMethod.Category.ALM_IMPORT, false, CreationMethod.ALM_IMPORT_API},
+      {CreationMethod.Category.SCANNER, true, CreationMethod.UNKNOWN},
+      {CreationMethod.Category.SCANNER, false, CreationMethod.SCANNER_API},
+    });
+  }
+
+  private final CreationMethod.Category category;
+  private final boolean isCreatedViaBrowser;
+  private final CreationMethod expectedCreationMethod;
+
+  public CreationMethodTest(CreationMethod.Category category, boolean isCreatedViaBrowser, CreationMethod expectedCreationMethod) {
+    this.category = category;
+    this.isCreatedViaBrowser = isCreatedViaBrowser;
+    this.expectedCreationMethod = expectedCreationMethod;
+  }
+
+  @Test
+  public void getCreationMethod_returnsCorrectCreationMethod() {
+    CreationMethod creationMethod = CreationMethod.getCreationMethod(category, isCreatedViaBrowser);
+    assertThat(creationMethod).isEqualTo(expectedCreationMethod);
+  }
+
+}

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/component/ComponentDbTester.java

@@ -582,7 +582,7 @@ public class ComponentDbTester {
       .setPrivate(componentDto.isPrivate())
       .setDescription(componentDto.description())
       .setName(componentDto.name())
-      .setCreationMethod(CreationMethod.LOCAL);
+      .setCreationMethod(CreationMethod.LOCAL_API);
   }
 
   public static PortfolioDto toPortfolioDto(ComponentDto componentDto, long createTime) {

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/component/ComponentTesting.java

@@ -269,7 +269,7 @@ public class ComponentTesting {
   }
 
   public static ProjectDto newProjectDto() {
-    return newProjectDto("uuid").setPrivate(true).setCreationMethod(CreationMethod.LOCAL);
+    return newProjectDto("uuid").setPrivate(true).setCreationMethod(CreationMethod.LOCAL_API);
   }
 
   public static ProjectDto newProjectDto(String projectUuid) {
@@ -277,7 +277,7 @@ public class ComponentTesting {
       .setKey("projectKey")
       .setUuid(projectUuid)
       .setName("projectName")
-      .setCreationMethod(CreationMethod.LOCAL)
+      .setCreationMethod(CreationMethod.LOCAL_API)
       .setQualifier(Qualifiers.PROJECT);
   }
 
@@ -286,7 +286,7 @@ public class ComponentTesting {
       .setKey("appKey")
       .setUuid("uuid")
       .setName("appName")
-      .setCreationMethod(CreationMethod.LOCAL)
+      .setCreationMethod(CreationMethod.LOCAL_API)
       .setQualifier(Qualifiers.APP);
   }
 

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/component/ProjectTesting.java

@@ -48,7 +48,7 @@ public class ProjectTesting {
       .setName("NAME_" + uuid)
       .setDescription("DESCRIPTION_" + uuid)
       .setQualifier(Qualifiers.PROJECT)
-      .setCreationMethod(CreationMethod.LOCAL)
+      .setCreationMethod(CreationMethod.LOCAL_API)
       .setPrivate(isPrivate);
   }
 

server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java

@@ -58,6 +58,7 @@ public class ServerUserSessionIT {
     assertThat(session.getLogin()).isNull();
     assertThat(session.getUuid()).isNull();
     assertThat(session.isLoggedIn()).isFalse();
+    assertThat(session.isAuthenticatedBrowserSession()).isFalse();
   }
 
   @Test
@@ -804,7 +805,7 @@ public class ServerUserSessionIT {
   }
 
   private ServerUserSession newUserSession(@Nullable UserDto userDto) {
-    return new ServerUserSession(dbClient, userDto);
+    return new ServerUserSession(dbClient, userDto, false);
   }
 
   private ServerUserSession newAnonymousSession() {

server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java

@@ -55,6 +55,7 @@ public class TokenUserSessionIT {
     assertThat(userSession.getUserToken().getName()).isEqualTo("User Token");
     assertThat(userSession.getUserToken().getUserUuid()).isEqualTo("userUid");
     assertThat(userSession.getUserToken().getType()).isEqualTo("USER_TOKEN");
+    assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
   }
 
   @Test

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java

@@ -99,7 +99,7 @@ public class BaseContextFactory {
           .setSource(Source.external(identityProvider))
           .build());
       jwtHttpHandler.generateToken(userDto, request, response);
-      threadLocalUserSession.set(userSessionFactory.create(userDto));
+      threadLocalUserSession.set(userSessionFactory.create(userDto, true));
     }
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java

@@ -156,7 +156,7 @@ public class OAuth2ContextFactory {
           .setSource(AuthenticationEvent.Source.oauth2(identityProvider))
           .build());
       jwtHttpHandler.generateToken(userDto, request, response);
-      threadLocalUserSession.set(userSessionFactory.create(userDto));
+      threadLocalUserSession.set(userSessionFactory.create(userDto, true));
     }
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java

@@ -70,7 +70,8 @@ public class RequestAuthenticatorImpl implements RequestAuthenticator {
       if (TOKEN.equals(userAuthResult.getAuthType())) {
         return userSessionFactory.create(userAuthResult.getUserDto(), userAuthResult.getTokenDto());
       }
-      return userSessionFactory.create(userAuthResult.getUserDto());
+      boolean isAuthenticatedBrowserSession = JWT.equals(userAuthResult.getAuthType());
+      return userSessionFactory.create(userAuthResult.getUserDto(), isAuthenticatedBrowserSession);
     } else if (GITHUB_WEBHOOK.equals(userAuthResult.getAuthType())) {
       return userSessionFactory.createGithubWebhookUserSession();
     }

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java

@@ -108,4 +108,9 @@ public class SafeModeUserSession extends AbstractUserSession {
   public boolean isActive() {
     return false;
   }
+
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return false;
+  }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java

@@ -148,6 +148,11 @@ public final class DoPrivileged {
         return true;
       }
 
+      @Override
+      public boolean isAuthenticatedBrowserSession() {
+        return false;
+      }
+
     }
 
     private void start() {

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java

@@ -80,6 +80,11 @@ public class GithubWebhookUserSession extends AbstractUserSession {
     return true;
   }
 
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return false;
+  }
+
   @Override
   protected boolean hasPermissionImpl(GlobalPermission permission) {
     return false;

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java

@@ -62,6 +62,7 @@ public class ServerUserSession extends AbstractUserSession {
 
   @CheckForNull
   private final UserDto userDto;
+  private final boolean isAuthenticatedBrowserSession;
   private final DbClient dbClient;
   private final Map<String, String> entityUuidByComponentUuid = new HashMap<>();
   private final Map<String, Set<String>> permissionsByEntityUuid = new HashMap<>();
@@ -70,9 +71,10 @@ public class ServerUserSession extends AbstractUserSession {
   private Boolean isSystemAdministrator;
   private Set<GlobalPermission> permissions;
 
-  public ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) {
+  public ServerUserSession(DbClient dbClient, @Nullable UserDto userDto, boolean isAuthenticatedBrowserSession) {
     this.dbClient = dbClient;
     this.userDto = userDto;
+    this.isAuthenticatedBrowserSession = isAuthenticatedBrowserSession;
   }
 
   private Collection<GroupDto> loadGroups() {
@@ -400,6 +402,11 @@ public class ServerUserSession extends AbstractUserSession {
     return userDto.isActive();
   }
 
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return isAuthenticatedBrowserSession;
+  }
+
   private boolean loadIsSystemAdministrator() {
     return hasPermission(GlobalPermission.ADMINISTER);
   }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java

@@ -168,6 +168,11 @@ public class ThreadLocalUserSession implements UserSession {
     return get().isActive();
   }
 
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return get().isAuthenticatedBrowserSession();
+  }
+
   @Override
   public boolean hasComponentPermission(String permission, ComponentDto component) {
     return get().hasComponentPermission(permission, component);

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java

@@ -34,7 +34,7 @@ public class TokenUserSession extends ServerUserSession {
   private final UserTokenDto userToken;
 
   public TokenUserSession(DbClient dbClient, UserDto user, UserTokenDto userToken) {
-    super(dbClient, user);
+    super(dbClient, user, false);
     this.userToken = userToken;
   }
 

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java

@@ -227,4 +227,6 @@ public interface UserSession {
   UserSession checkIsSystemAdministrator();
 
   boolean isActive();
+
+  boolean isAuthenticatedBrowserSession();
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java

@@ -26,7 +26,7 @@ import org.sonar.db.user.UserTokenDto;
 @ServerSide
 public interface UserSessionFactory {
 
-  UserSession create(UserDto user);
+  UserSession create(UserDto user, boolean isAuthenticatedGuiSession);
 
   UserSession create(UserDto user, UserTokenDto userToken);
 

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java

@@ -39,10 +39,10 @@ public class UserSessionFactoryImpl implements UserSessionFactory {
   }
 
   @Override
-  public ServerUserSession create(UserDto user) {
+  public ServerUserSession create(UserDto user, boolean isAuthenticatedGuiSession) {
     requireNonNull(user, "UserDto must not be null");
     userLastConnectionDatesUpdater.updateLastConnectionDateIfNeeded(user);
-    return new ServerUserSession(dbClient, user);
+    return new ServerUserSession(dbClient, user, isAuthenticatedGuiSession);
   }
 
   @Override
@@ -60,6 +60,6 @@ public class UserSessionFactoryImpl implements UserSessionFactory {
 
   @Override
   public ServerUserSession createAnonymous() {
-    return new ServerUserSession(dbClient, null);
+    return new ServerUserSession(dbClient, null, false);
   }
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java

@@ -22,6 +22,7 @@ package org.sonar.server.authentication;
 import java.util.Optional;
 import org.junit.Before;
 import org.junit.Test;
+import org.mockito.stubbing.Answer;
 import org.sonar.api.server.http.HttpRequest;
 import org.sonar.api.server.http.HttpResponse;
 import org.sonar.db.user.UserDto;
@@ -34,7 +35,9 @@ import org.sonar.server.user.UserSessionFactory;
 import org.sonar.server.usertoken.UserTokenAuthentication;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.anyBoolean;
 import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.verify;
@@ -62,7 +65,16 @@ public class RequestAuthenticatorImplTest {
 
   @Before
   public void setUp() {
-    when(sessionFactory.create(A_USER)).thenReturn(new MockUserSession(A_USER));
+    when(sessionFactory.create(eq(A_USER), anyBoolean())).thenAnswer((Answer<UserSession>) invocation -> {
+      MockUserSession mockUserSession = new MockUserSession(A_USER);
+      Boolean isAuthenticatedBrowserSession = invocation.getArgument(1, Boolean.class);
+      if (isAuthenticatedBrowserSession) {
+        mockUserSession.flagAsBrowserSession();
+      }
+      return mockUserSession;
+    })
+
+      .thenReturn(new MockUserSession(A_USER));
     when(sessionFactory.create(A_USER, A_USER_TOKEN)).thenReturn(new MockUserSession(A_USER));
     when(sessionFactory.createAnonymous()).thenReturn(new AnonymousMockUserSession());
     when(sessionFactory.createGithubWebhookUserSession()).thenReturn(githubWebhookMockUserSession);
@@ -73,7 +85,10 @@ public class RequestAuthenticatorImplTest {
     when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
     when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.of(A_USER));
 
-    assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+    UserSession userSession = underTest.authenticate(request, response);
+    assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+    assertThat(userSession.isAuthenticatedBrowserSession()).isTrue();
+
     verify(response, never()).setStatus(anyInt());
   }
 
@@ -83,7 +98,9 @@ public class RequestAuthenticatorImplTest {
     when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
     when(githubWebhookAuthentication.authenticate(request)).thenReturn(Optional.of(UserAuthResult.withGithubWebhook()));
 
-    assertThat(underTest.authenticate(request, response)).isInstanceOf(GithubWebhookUserSession.class);
+    UserSession userSession = underTest.authenticate(request, response);
+    assertThat(userSession).isInstanceOf(GithubWebhookUserSession.class);
+    assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
     verify(response, never()).setStatus(anyInt());
   }
 
@@ -93,7 +110,9 @@ public class RequestAuthenticatorImplTest {
     when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
     when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
 
-    assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+    UserSession userSession = underTest.authenticate(request, response);
+    assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+    assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
 
     verify(jwtHttpHandler).validateToken(request, response);
     verify(basicAuthentication).authenticate(request);
@@ -108,7 +127,9 @@ public class RequestAuthenticatorImplTest {
     when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
     when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
 
-    assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+    UserSession userSession = underTest.authenticate(request, response);
+    assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+    assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
 
     verify(jwtHttpHandler).validateToken(request, response);
     verify(userTokenAuthentication).authenticate(request);
@@ -120,7 +141,9 @@ public class RequestAuthenticatorImplTest {
     when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.of(A_USER));
     when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
 
-    assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+    UserSession userSession = underTest.authenticate(request, response);
+    assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+    assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
 
     verify(httpHeadersAuthentication).authenticate(request, response);
     verify(jwtHttpHandler, never()).validateToken(request, response);
@@ -136,6 +159,8 @@ public class RequestAuthenticatorImplTest {
     UserSession session = underTest.authenticate(request, response);
     assertThat(session.isLoggedIn()).isFalse();
     assertThat(session.getUuid()).isNull();
+    assertThat(session.isAuthenticatedBrowserSession()).isFalse();
+
     verify(response, never()).setStatus(anyInt());
   }
 

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java

@@ -38,6 +38,7 @@ public class SafeModeUserSessionTest {
     assertThat(underTest.getName()).isNull();
     assertThat(underTest.getGroups()).isEmpty();
     assertThat(underTest.isActive()).isFalse();
+    assertThat(underTest.isAuthenticatedBrowserSession()).isFalse();
   }
 
   @Test

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java

@@ -54,6 +54,7 @@ public class DoPrivilegedTest {
     assertThat(catcher.userSession.isActive()).isTrue();
     assertThat(catcher.userSession.hasChildProjectsPermission(USER, new ComponentDto().setUuid("uuid"))).isTrue();
     assertThat(catcher.userSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isTrue();
+    assertThat(catcher.userSession.isAuthenticatedBrowserSession()).isFalse();
 
     // verify session in place after task is done
     assertThat(threadLocalUserSession.get()).isSameAs(session);

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java

@@ -113,4 +113,9 @@ public class GithubWebhookUserSessionTest {
   public void hasComponentUuidPermission_returnsAlwaysTrue() {
     assertThat(githubWebhookUserSession.hasComponentUuidPermission("perm", "project")).isTrue();
   }
+
+  @Test
+  public void isAuthenticatedGuiSession_isAlwaysFalse() {
+    assertThat(githubWebhookUserSession.isAuthenticatedBrowserSession()).isFalse();
+  }
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java

@@ -75,6 +75,7 @@ public class ThreadLocalUserSessionTest {
     assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ProjectDto())).isFalse();
     assertThat(threadLocalUserSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isFalse();
     assertThat(threadLocalUserSession.hasEntityPermission(USER, new ProjectDto().getUuid())).isFalse();
+    assertThat(threadLocalUserSession.isAuthenticatedBrowserSession()).isFalse();
   }
 
   @Test

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java

@@ -236,4 +236,6 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
   public boolean shouldResetPassword() {
     return resetPassword;
   }
+
+  public abstract void flagAsBrowserSession();
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java

@@ -35,6 +35,11 @@ public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousM
     return false;
   }
 
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return false;
+  }
+
   @Override
   public String getLogin() {
     return null;
@@ -69,4 +74,9 @@ public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousM
   public Optional<ExternalIdentity> getExternalIdentity() {
     return Optional.empty();
   }
+
+  @Override
+  public void flagAsBrowserSession() {
+    throw new UnsupportedOperationException("An anonymous session can't be authenticated");
+  }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java

@@ -44,6 +44,8 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
   private UserSession.ExternalIdentity externalIdentity;
   private Long lastSonarlintConnectionDate;
 
+  private boolean isAuthenticatedBrowserSession = false;
+
   public MockUserSession(String login) {
     super(MockUserSession.class);
     checkArgument(!login.isEmpty());
@@ -85,6 +87,11 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
     return true;
   }
 
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return isAuthenticatedBrowserSession;
+  }
+
   @Override
   public String getLogin() {
     return this.login;
@@ -141,4 +148,8 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
     return Optional.ofNullable(externalIdentity);
   }
 
+  @Override
+  public void flagAsBrowserSession() {
+    isAuthenticatedBrowserSession = true;
+  }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java

@@ -81,7 +81,7 @@ import static com.google.common.base.Preconditions.checkState;
 public class UserSessionRule implements TestRule, UserSession {
   private static final String DEFAULT_LOGIN = "default_login";
 
-  private UserSession currentUserSession;
+  private AbstractMockUserSession<?> currentUserSession;
 
   private UserSessionRule() {
     anonymous();
@@ -170,7 +170,7 @@ public class UserSessionRule implements TestRule, UserSession {
     this.currentUserSession = null;
   }
 
-  public void set(UserSession userSession) {
+  public void set(AbstractMockUserSession<?> userSession) {
     checkNotNull(userSession);
     setCurrentUserSession(userSession);
   }
@@ -220,7 +220,6 @@ public class UserSessionRule implements TestRule, UserSession {
     return this;
   }
 
-
   public UserSessionRule addPortfolioPermission(String portfolioPermission, PortfolioDto... portfolioDto) {
     ensureAbstractMockUserSession().addPortfolioPermission(portfolioPermission, portfolioDto);
     return this;
@@ -255,7 +254,7 @@ public class UserSessionRule implements TestRule, UserSession {
     return (MockUserSession) currentUserSession;
   }
 
-  private void setCurrentUserSession(UserSession userSession) {
+  private void setCurrentUserSession(AbstractMockUserSession<?> userSession) {
     this.currentUserSession = Preconditions.checkNotNull(userSession);
   }
 
@@ -415,4 +414,13 @@ public class UserSessionRule implements TestRule, UserSession {
   public boolean isActive() {
     return currentUserSession.isActive();
   }
+
+  @Override
+  public boolean isAuthenticatedBrowserSession() {
+    return currentUserSession.isAuthenticatedBrowserSession();
+  }
+
+  public void flagSessionAsGui() {
+    currentUserSession.flagAsBrowserSession();
+  }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java

@@ -42,7 +42,7 @@ public class TestUserSessionFactory implements UserSessionFactory {
   }
 
   @Override
-  public UserSession create(UserDto user) {
+  public UserSession create(UserDto user, boolean isAuthenticatedGuiSession) {
     return new TestUserSession(requireNonNull(user));
   }
 
@@ -145,6 +145,11 @@ public class TestUserSessionFactory implements UserSessionFactory {
       throw notImplemented();
     }
 
+    @Override
+    public boolean isAuthenticatedBrowserSession() {
+      return false;
+    }
+
     private static RuntimeException notImplemented() {
       return new UnsupportedOperationException("not implemented");
     }

server/sonar-webserver-pushapi/src/main/java/org/sonar/server/pushapi/sonarlint/SonarLintClientPermissionsValidator.java

@@ -59,7 +59,7 @@ public class SonarLintClientPermissionsValidator {
     if (userDto == null) {
       throw new ForbiddenException("User does not exist");
     }
-    UserSession userSession = userSessionFactory.create(userDto);
+    UserSession userSession = userSessionFactory.create(userDto, false);
     List<ProjectDto> projectDtos;
     try (DbSession dbSession = dbClient.openSession(false)) {
       projectDtos = dbClient.projectDao().selectByUuids(dbSession, projectUuids);

server/sonar-webserver-pushapi/src/test/java/org/sonar/server/pushapi/sonarlint/SonarLintClientPermissionsValidatorTest.java

@@ -35,6 +35,7 @@ import org.sonar.server.user.UserSessionFactory;
 import static org.assertj.core.api.Assertions.assertThatCode;
 import static org.junit.Assert.assertThrows;
 import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -56,7 +57,7 @@ public class SonarLintClientPermissionsValidatorTest {
   public void before() {
     when(dbClient.userDao()).thenReturn(userDao);
     when(dbClient.projectDao()).thenReturn(projectDao);
-    when(userSessionFactory.create(any())).thenReturn(userSession);
+    when(userSessionFactory.create(any(), eq(false))).thenReturn(userSession);
     when(projectDao.selectProjectsByKeys(any(), any())).thenReturn(projectDtos);
     when(projectDao.selectByUuids(any(), any())).thenReturn(projectDtos);
   }

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/azure/ImportAzureProjectActionIT.java

@@ -63,6 +63,7 @@ import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
 import org.sonarqube.ws.Projects;
 
+import static java.util.Objects.requireNonNull;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.api.Assertions.tuple;
@@ -119,42 +120,22 @@ public class ImportAzureProjectActionIT {
 
   @Test
   public void import_project() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
-    GsonAzureRepo repo = getGsonAzureRepo();
-    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
-      "project-name", "repo-name"))
-      .thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    GsonAzureRepo repo = mockAzureInteractions(almSetting);
 
-    Projects.CreateWsResponse response = ws.newRequest()
-      .setParam("almSetting", almSetting.getKey())
-      .setParam("projectName", "project-name")
-      .setParam("repositoryName", "repo-name")
-      .executeProtobuf(Projects.CreateWsResponse.class);
+    Projects.CreateWsResponse.Project result = callWebserviceAndEnsureProjectIsCreated(almSetting, repo);
 
-    Projects.CreateWsResponse.Project result = response.getProject();
-    assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
-    assertThat(result.getName()).isEqualTo(repo.getName());
+    ProjectDto projectDto = getProjectDto(result);
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+    Optional<ProjectAlmSettingDto> projectAlmSettingDto = db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(),      projectDto);
 
-    Optional<ProjectAlmSettingDto> projectAlmSettingDto = db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(),
-      projectDto.get());
     assertThat(projectAlmSettingDto.get().getAlmRepo()).isEqualTo("repo-name");
     assertThat(projectAlmSettingDto.get().getAlmSettingUuid()).isEqualTo(almSetting.getUuid());
     assertThat(projectAlmSettingDto.get().getAlmSlug()).isEqualTo("project-name");
 
     Optional<BranchDto> mainBranch = db.getDbClient()
       .branchDao()
-      .selectByProject(db.getSession(), projectDto.get())
+      .selectByProject(db.getSession(), projectDto)
       .stream()
       .filter(BranchDto::isMain)
       .findFirst();
@@ -164,22 +145,47 @@ public class ImportAzureProjectActionIT {
     verify(projectKeyGenerator).generateUniqueProjectKey(repo.getProject().getName(), repo.getName());
   }
 
+  @Test
+  public void importProject_whenCallIsNotFromBrowser_shouldFlagTheProjectAsCreatedFromApi() {
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    GsonAzureRepo repo = mockAzureInteractions(almSetting);
+
+    Projects.CreateWsResponse.Project result = callWebserviceAndEnsureProjectIsCreated(almSetting, repo);
+
+    assertThat(getProjectDto(result).getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+  }
+
+  @Test
+  public void importProject_whenCallIsFromBrowser_shouldFlagTheProjectAsCreatedFromBrowser() {
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    userSession.flagSessionAsGui();
+
+    GsonAzureRepo repo = mockAzureInteractions(almSetting);
+
+    Projects.CreateWsResponse.Project result = callWebserviceAndEnsureProjectIsCreated(almSetting, repo);
+
+    assertThat(getProjectDto(result).getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
+  }
+
+  private Projects.CreateWsResponse.Project callWebserviceAndEnsureProjectIsCreated(AlmSettingDto almSetting, GsonAzureRepo repo) {
+    Projects.CreateWsResponse response = ws.newRequest()
+      .setParam("almSetting", almSetting.getKey())
+      .setParam("projectName", "project-name")
+      .setParam("repositoryName", "repo-name")
+      .executeProtobuf(Projects.CreateWsResponse.class);
+
+    Projects.CreateWsResponse.Project result = response.getProject();
+    assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
+    assertThat(result.getName()).isEqualTo(repo.getName());
+    return result;
+  }
+
   @Test
   public void import_project_with_NCD_developer_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
-    GsonAzureRepo repo = getGsonAzureRepo();
-    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
-      "project-name", "repo-name"))
-      .thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    mockAzureInteractions(almSetting);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -191,10 +197,8 @@ public class ImportAzureProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue, NewCodePeriodDto::getBranchUuid)
@@ -205,18 +209,8 @@ public class ImportAzureProjectActionIT {
   public void import_project_with_NCD_community_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.COMMUNITY));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
-    GsonAzureRepo repo = getGsonAzureRepo();
-    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
-      "project-name", "repo-name"))
-      .thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    mockAzureInteractions(almSetting);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -244,18 +238,8 @@ public class ImportAzureProjectActionIT {
   public void import_project_throw_IAE_when_newCodeDefinitionValue_provided_and_no_newCodeDefinitionType() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
-    GsonAzureRepo repo = getGsonAzureRepo();
-    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
-      "project-name", "repo-name"))
-      .thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    mockAzureInteractions(almSetting);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -267,10 +251,8 @@ public class ImportAzureProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue, NewCodePeriodDto::getBranchUuid)
@@ -281,14 +263,7 @@ public class ImportAzureProjectActionIT {
   public void import_project_reference_branch_ncd_no_default_branch_name() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
     GsonAzureRepo repo = getEmptyGsonAzureRepo();
     when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
       "project-name", "repo-name"))
@@ -303,10 +278,8 @@ public class ImportAzureProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.get().getUuid()))
+    ProjectDto  projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue)
@@ -317,18 +290,8 @@ public class ImportAzureProjectActionIT {
   public void import_project_reference_branch_ncd() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
-    GsonAzureRepo repo = getGsonAzureRepo();
-    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
-      "project-name", "repo-name"))
-      .thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
+    mockAzureInteractions(almSetting);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -339,10 +302,8 @@ public class ImportAzureProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue)
@@ -351,14 +312,7 @@ public class ImportAzureProjectActionIT {
 
   @Test
   public void import_project_from_empty_repo() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
     GsonAzureRepo repo = getEmptyGsonAzureRepo();
     when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
       "project-name", "repo-name"))
@@ -434,14 +388,7 @@ public class ImportAzureProjectActionIT {
 
   @Test
   public void fail_project_already_exists() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setPersonalAccessToken(almSetting.getDecryptedPersonalAccessToken(encryption));
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndAlmSettings();
     GsonAzureRepo repo = getGsonAzureRepo();
     db.components().insertPublicProject(p -> p.setKey(GENERATED_PROJECT_KEY)).getMainBranchComponent();
 
@@ -474,6 +421,32 @@ public class ImportAzureProjectActionIT {
         tuple(PARAM_NEW_CODE_DEFINITION_VALUE, false));
   }
 
+  private AlmSettingDto configureUserAndAlmSettings() {
+    UserDto user = db.users().insertUser();
+    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
+    AlmSettingDto almSetting = db.almSettings().insertAzureAlmSetting();
+    db.almPats().insert(dto -> {
+      dto.setAlmSettingUuid(almSetting.getUuid());
+      dto.setPersonalAccessToken(requireNonNull(almSetting.getDecryptedPersonalAccessToken(encryption)));
+      dto.setUserUuid(user.getUuid());
+    });
+    return almSetting;
+  }
+
+  private GsonAzureRepo mockAzureInteractions(AlmSettingDto almSetting) {
+    GsonAzureRepo repo = getGsonAzureRepo();
+    when(azureDevOpsHttpClient.getRepo(almSetting.getUrl(), almSetting.getDecryptedPersonalAccessToken(encryption),
+      "project-name", "repo-name"))
+      .thenReturn(repo);
+    return repo;
+  }
+
+  private ProjectDto getProjectDto(Projects.CreateWsResponse.Project result) {
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
+    assertThat(projectDto).isPresent();
+    return projectDto.get();
+  }
+
   private GsonAzureRepo getGsonAzureRepo() {
     return new GsonAzureRepo("repo-id", "repo-name", "repo-url",
       new GsonAzureProject("project-name", "project-description"),

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/bitbucketcloud/ImportBitbucketCloudRepoActionIT.java

@@ -113,34 +113,19 @@ public class ImportBitbucketCloudRepoActionIT {
 
   @Test
   public void import_project() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
-    Repository repo = getGsonBBCRepo();
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Repository repo = mockBitbucketCloudRepo();
 
-    Projects.CreateWsResponse response = ws.newRequest()
-      .setParam("almSetting", almSetting.getKey())
-      .setParam("repositorySlug", "repo-slug-1")
-      .executeProtobuf(Projects.CreateWsResponse.class);
+    Projects.CreateWsResponse.Project result = callWebServiceAndVerifyProjectCreation(almSetting, repo);
 
-    Projects.CreateWsResponse.Project result = response.getProject();
-    assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
-    assertThat(result.getName()).isEqualTo(repo.getName());
-
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
 
-    Optional<ProjectAlmSettingDto> projectAlmSettingDto = db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto.get());
+    Optional<ProjectAlmSettingDto> projectAlmSettingDto = db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto);
     assertThat(projectAlmSettingDto).isPresent();
     assertThat(projectAlmSettingDto.get().getAlmRepo()).isEqualTo("repo-slug-1");
 
-    Optional<BranchDto> branchDto = db.getDbClient().branchDao().selectByBranchKey(db.getSession(), projectDto.get().getUuid(), "develop");
+    Optional<BranchDto> branchDto = db.getDbClient().branchDao().selectByBranchKey(db.getSession(), projectDto.getUuid(), "develop");
     assertThat(branchDto).isPresent();
     assertThat(branchDto.get().isMain()).isTrue();
     verify(projectKeyGenerator).generateUniqueProjectKey(requireNonNull(almSetting.getAppId()), repo.getSlug());
@@ -149,19 +134,47 @@ public class ImportBitbucketCloudRepoActionIT {
       .isEmpty();
   }
 
+  @Test
+  public void importProject_whenCallIsNotFromBrowser_shouldFlagTheProjectAsCreatedFromApi() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Repository repo = mockBitbucketCloudRepo();
+
+    Projects.CreateWsResponse.Project result = callWebServiceAndVerifyProjectCreation(almSetting, repo);
+
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+  }
+
+  @Test
+  public void importProject_whenCallIsFromBrowser_shouldFlagTheProjectAsCreatedFromBrowser() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    userSession.flagSessionAsGui();
+    Repository repo = mockBitbucketCloudRepo();
+
+    Projects.CreateWsResponse.Project result = callWebServiceAndVerifyProjectCreation(almSetting, repo);
+
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
+  }
+
+  private Projects.CreateWsResponse.Project callWebServiceAndVerifyProjectCreation(AlmSettingDto almSetting, Repository repo) {
+    Projects.CreateWsResponse response = ws.newRequest()
+      .setParam("almSetting", almSetting.getKey())
+      .setParam("repositorySlug", "repo-slug-1")
+      .executeProtobuf(Projects.CreateWsResponse.class);
+
+    Projects.CreateWsResponse.Project result = response.getProject();
+    assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
+    assertThat(result.getName()).isEqualTo(repo.getName());
+    return result;
+  }
+
   @Test
   public void import_project_with_NCD_developer_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
-    Repository repo = getGsonBBCRepo();
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Repository repo = mockBitbucketCloudRepo();
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -174,10 +187,8 @@ public class ImportBitbucketCloudRepoActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(),  projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue, NewCodePeriodDto::getBranchUuid)
@@ -188,15 +199,8 @@ public class ImportBitbucketCloudRepoActionIT {
   public void import_project_with_NCD_community_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.COMMUNITY));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
-    Repository repo = getGsonBBCRepo();
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Repository repo = mockBitbucketCloudRepo();
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -209,11 +213,10 @@ public class ImportBitbucketCloudRepoActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    BranchDto branchDto = db.getDbClient().branchDao().selectMainBranchByProjectUuid(db.getSession(), projectDto.get().getUuid()).orElseThrow();
+    ProjectDto projectDto = getProjectDto(result);
+    BranchDto branchDto = db.getDbClient().branchDao().selectMainBranchByProjectUuid(db.getSession(), projectDto.getUuid()).orElseThrow();
 
-    String projectUuid = projectDto.get().getUuid();
+    String projectUuid = projectDto.getUuid();
     assertThat(db.getDbClient().newCodePeriodDao().selectByBranch(db.getSession(), projectUuid, branchDto.getUuid()))
       .isPresent()
       .get()
@@ -226,13 +229,7 @@ public class ImportBitbucketCloudRepoActionIT {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
     when(defaultBranchNameResolver.getEffectiveMainBranchName()).thenReturn("default-branch");
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Repository repo = getGsonBBCRepoWithNoMainBranchName();
     when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
 
@@ -246,10 +243,8 @@ public class ImportBitbucketCloudRepoActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(),  projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue)
@@ -260,15 +255,8 @@ public class ImportBitbucketCloudRepoActionIT {
   public void import_project_reference_branch_NCD() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
-    Repository repo = getGsonBBCRepo();
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Repository repo = mockBitbucketCloudRepo();
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -280,10 +268,8 @@ public class ImportBitbucketCloudRepoActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(),  projectDto.get().getUuid()))
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue)
@@ -292,15 +278,8 @@ public class ImportBitbucketCloudRepoActionIT {
 
   @Test
   public void import_project_throw_IAE_when_newCodeDefinitionValue_provided_and_no_newCodeDefinitionType() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
-    Repository repo = getGsonBBCRepo();
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    mockBitbucketCloudRepo();
 
     TestRequest request = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -321,11 +300,9 @@ public class ImportBitbucketCloudRepoActionIT {
       dto.setAlmSettingUuid(almSetting.getUuid());
       dto.setUserUuid(user.getUuid());
     });
-    Repository repo = getGsonBBCRepo();
+    Repository repo = mockBitbucketCloudRepo();
     db.components().insertPublicProject(p -> p.setKey(GENERATED_PROJECT_KEY)).getMainBranchComponent();
 
-    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
-
     TestRequest request = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
       .setParam("repositorySlug", "repo-slug-1");
@@ -420,10 +397,23 @@ public class ImportBitbucketCloudRepoActionIT {
         tuple(PARAM_NEW_CODE_DEFINITION_VALUE, false));
   }
 
-  private Repository getGsonBBCRepo() {
+  private AlmSettingDto configureUserAndPatAndAlmSettings() {
+    UserDto user = db.users().insertUser();
+    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
+    AlmSettingDto almSetting = db.almSettings().insertBitbucketCloudAlmSetting();
+    db.almPats().insert(dto -> {
+      dto.setAlmSettingUuid(almSetting.getUuid());
+      dto.setUserUuid(user.getUuid());
+    });
+    return almSetting;
+  }
+
+  private Repository mockBitbucketCloudRepo() {
     Project project1 = new Project("PROJECT-UUID-ONE", "projectKey1", "projectName1");
     MainBranch mainBranch = new MainBranch("branch", "develop");
-    return new Repository("REPO-UUID-ONE", "repo-slug-1", "repoName1", project1, mainBranch);
+    Repository repo = new Repository("REPO-UUID-ONE", "repo-slug-1", "repoName1", project1, mainBranch);
+    when(bitbucketCloudRestClient.getRepo(any(), any(), any())).thenReturn(repo);
+    return repo;
   }
 
   private Repository getGsonBBCRepoWithNoMainBranchName() {
@@ -432,4 +422,10 @@ public class ImportBitbucketCloudRepoActionIT {
     return new Repository("REPO-UUID-ONE", "repo-slug-1", "repoName1", project1, mainBranch);
   }
 
+  private ProjectDto getProjectDto(Projects.CreateWsResponse.Project result) {
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
+    assertThat(projectDto).isPresent();
+    return projectDto.orElseThrow();
+  }
+
 }

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectActionIT.java

@@ -127,17 +127,9 @@ public class ImportBitbucketServerProjectActionIT {
 
   @Test
   public void import_project() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(defaultBranchesList);
+    Repository repo = mockBitbucketServerRepo(project);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -149,29 +141,53 @@ public class ImportBitbucketServerProjectActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
 
-    assertThat(db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto.get())).isPresent();
+    assertThat(db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto)).isPresent();
     verify(projectKeyGenerator).generateUniqueProjectKey(requireNonNull(project.getKey()), repo.getSlug());
   }
 
+  @Test
+  public void importProject_whenCallIsNotFromBrowser_shouldFlagTheProjectAsCreatedFromApi() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    Project project = getGsonBBSProject();
+    mockBitbucketServerRepo(project);
+
+    Projects.CreateWsResponse response = ws.newRequest()
+      .setParam("almSetting", almSetting.getKey())
+      .setParam("projectKey", "projectKey")
+      .setParam("repositorySlug", "repo-slug")
+      .executeProtobuf(Projects.CreateWsResponse.class);
+
+    ProjectDto projectDto = getProjectDto(response.getProject());
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+  }
+
+  @Test
+  public void importProject_whenCallIsFromBrowser_shouldFlagTheProjectAsCreatedFromBrowser() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    userSession.flagSessionAsGui();
+    Project project = getGsonBBSProject();
+    mockBitbucketServerRepo(project);
+
+    Projects.CreateWsResponse response = ws.newRequest()
+      .setParam("almSetting", almSetting.getKey())
+      .setParam("projectKey", "projectKey")
+      .setParam("repositorySlug", "repo-slug")
+      .executeProtobuf(Projects.CreateWsResponse.class);
+
+    ProjectDto projectDto = getProjectDto(response.getProject());
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
+  }
+
   @Test
   public void import_project_with_NCD_developer_edition_sets_project_NCD() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(defaultBranchesList);
+    Repository repo = mockBitbucketServerRepo(project);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -185,12 +201,11 @@ public class ImportBitbucketServerProjectActionIT {
     assertThat(result.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
     assertThat(result.getName()).isEqualTo(repo.getName());
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    assertThat(db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto.get())).isPresent();
+    ProjectDto projectDto = getProjectDto(result);
+    assertThat(db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto)).isPresent();
     verify(projectKeyGenerator).generateUniqueProjectKey(requireNonNull(project.getKey()), repo.getSlug());
 
-    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(),  projectDto.get().getUuid()))
+    assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectDto.getUuid()))
       .isPresent()
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue, NewCodePeriodDto::getBranchUuid)
@@ -201,17 +216,9 @@ public class ImportBitbucketServerProjectActionIT {
   public void import_project_with_NCD_community_edition_sets_branch_NCD() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.COMMUNITY));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(defaultBranchesList);
+    mockBitbucketServerRepo(project);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -223,12 +230,10 @@ public class ImportBitbucketServerProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-    BranchDto branchDto = db.getDbClient().branchDao().selectMainBranchByProjectUuid(db.getSession(), projectDto.get().getUuid()).orElseThrow();
-
+    ProjectDto projectDto = getProjectDto(result);
+    BranchDto branchDto = db.getDbClient().branchDao().selectMainBranchByProjectUuid(db.getSession(), projectDto.getUuid()).orElseThrow();
 
-    String projectUuid = projectDto.get().getUuid();
+    String projectUuid = projectDto.getUuid();
     assertThat(db.getDbClient().newCodePeriodDao().selectByBranch(db.getSession(), projectUuid, branchDto.getUuid()))
       .isPresent()
       .get()
@@ -241,17 +246,9 @@ public class ImportBitbucketServerProjectActionIT {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
     when(defaultBranchNameResolver.getEffectiveMainBranchName()).thenReturn("default-branch");
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(new BranchesList());
+    mockBitbucketServerRepo(project, new BranchesList());
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -262,11 +259,9 @@ public class ImportBitbucketServerProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
-
+    ProjectDto projectDto = getProjectDto(result);
 
-    String projectUuid = projectDto.get().getUuid();
+    String projectUuid = projectDto.getUuid();
     assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectUuid))
       .isPresent()
       .get()
@@ -278,17 +273,9 @@ public class ImportBitbucketServerProjectActionIT {
   public void import_project_reference_branch_ncd() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(defaultBranchesList);
+    mockBitbucketServerRepo(project);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -299,10 +286,9 @@ public class ImportBitbucketServerProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-    assertThat(projectDto).isPresent();
+    ProjectDto projectDto = getProjectDto(result);
 
-    String projectUuid = projectDto.get().getUuid();
+    String projectUuid = projectDto.getUuid();
     assertThat(db.getDbClient().newCodePeriodDao().selectByProject(db.getSession(), projectUuid))
       .isPresent()
       .get()
@@ -312,20 +298,12 @@ public class ImportBitbucketServerProjectActionIT {
 
   @Test
   public void fail_project_already_exist() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
+    mockBitbucketServerRepo(project);
     db.components().insertPublicProject(p -> p.setKey(GENERATED_PROJECT_KEY)).getMainBranchComponent();
 
     assertThatThrownBy(() -> {
-      when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-      when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(defaultBranchesList);
 
       ws.newRequest()
         .setParam("almSetting", almSetting.getKey())
@@ -416,17 +394,9 @@ public class ImportBitbucketServerProjectActionIT {
     Branch branch = new Branch("not_a_master", false);
     branchesList.addBranch(branch);
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(branchesList);
+    mockBitbucketServerRepo(project, branchesList);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -436,9 +406,8 @@ public class ImportBitbucketServerProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-
-    Collection<BranchDto> branchDtos = db.getDbClient().branchDao().selectByProject(db.getSession(), projectDto.get());
+    ProjectDto projectDto = getProjectDto(result);
+    Collection<BranchDto> branchDtos = db.getDbClient().branchDao().selectByProject(db.getSession(), projectDto);
     List<BranchDto> collect = branchDtos.stream().filter(BranchDto::isMain).toList();
     String mainBranchName = collect.iterator().next().getKey();
     assertThat(mainBranchName).isEqualTo(DEFAULT_MAIN_BRANCH_NAME);
@@ -450,17 +419,9 @@ public class ImportBitbucketServerProjectActionIT {
     Branch branch = new Branch("default", true);
     branchesList.addBranch(branch);
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
-    db.almPats().insert(dto -> {
-      dto.setAlmSettingUuid(almSetting.getUuid());
-      dto.setUserUuid(user.getUuid());
-    });
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = getGsonBBSProject();
-    Repository repo = getGsonBBSRepo(project);
-    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(repo);
-    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(branchesList);
+    mockBitbucketServerRepo(project, branchesList);
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam("almSetting", almSetting.getKey())
@@ -470,9 +431,8 @@ public class ImportBitbucketServerProjectActionIT {
 
     Projects.CreateWsResponse.Project result = response.getProject();
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
-
-    Collection<BranchDto> branchDtos = db.getDbClient().branchDao().selectByProject(db.getSession(), projectDto.get());
+    ProjectDto projectDto = getProjectDto(result);
+    Collection<BranchDto> branchDtos = db.getDbClient().branchDao().selectByProject(db.getSession(), projectDto);
     List<BranchDto> collect = branchDtos.stream().filter(BranchDto::isMain).toList();
     String mainBranchName = collect.iterator().next().getKey();
     assertThat(mainBranchName).isEqualTo("default");
@@ -494,12 +454,29 @@ public class ImportBitbucketServerProjectActionIT {
         tuple(PARAM_NEW_CODE_DEFINITION_VALUE, false));
   }
 
-  private Repository getGsonBBSRepo(Project project) {
+  private AlmSettingDto configureUserAndPatAndAlmSettings() {
+    UserDto user = db.users().insertUser();
+    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
+    AlmSettingDto almSetting = db.almSettings().insertGitHubAlmSetting();
+    db.almPats().insert(dto -> {
+      dto.setAlmSettingUuid(almSetting.getUuid());
+      dto.setUserUuid(user.getUuid());
+    });
+    return almSetting;
+  }
+
+  private Repository mockBitbucketServerRepo(Project project) {
+    return mockBitbucketServerRepo(project, defaultBranchesList);
+  }
+
+  private Repository mockBitbucketServerRepo(Project project, BranchesList branchesList) {
     Repository bbsResult = new Repository();
     bbsResult.setProject(project);
     bbsResult.setSlug(randomAlphanumeric(5));
     bbsResult.setName(randomAlphanumeric(5));
     bbsResult.setId(nextLong(100));
+    when(bitbucketServerRestClient.getRepo(any(), any(), any(), any())).thenReturn(bbsResult);
+    when(bitbucketServerRestClient.getBranches(any(), any(), any(), any())).thenReturn(branchesList);
     return bbsResult;
   }
 
@@ -510,4 +487,10 @@ public class ImportBitbucketServerProjectActionIT {
       .setName(randomAlphanumeric(5));
   }
 
+  private ProjectDto getProjectDto(Projects.CreateWsResponse.Project result) {
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), result.getKey());
+    assertThat(projectDto).isPresent();
+    return projectDto.orElseThrow();
+  }
+
 }

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/github/ImportGithubProjectActionIT.java

@@ -74,6 +74,7 @@ import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
 import org.sonarqube.ws.Projects;
 
+import static java.util.Objects.requireNonNull;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.api.Assertions.tuple;
@@ -138,20 +139,11 @@ public class ImportGithubProjectActionIT {
 
   @Test
   public void importProject_ifProjectWithSameNameDoesNotExist_importSucceed() {
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    GithubApplicationClient.Repository repository = mockGithubInteractions();
 
-    Projects.CreateWsResponse response = ws.newRequest()
-      .setParam(PARAM_ALM_SETTING, githubAlmSetting.getKey())
-      .setParam(PARAM_ORGANIZATION, "octocat")
-      .setParam(PARAM_REPOSITORY_KEY, "octocat/" + PROJECT_KEY_NAME)
-      .executeProtobuf(Projects.CreateWsResponse.class);
+    Projects.CreateWsResponse response = callWebService(githubAlmSetting);
 
     Projects.CreateWsResponse.Project result = response.getProject();
     assertThat(result.getKey()).isEqualTo(PROJECT_KEY_NAME);
@@ -171,14 +163,9 @@ public class ImportGithubProjectActionIT {
   public void importProject_withNCD_developer_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    mockGithubInteractions();
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam(PARAM_ALM_SETTING, githubAlmSetting.getKey())
@@ -204,14 +191,9 @@ public class ImportGithubProjectActionIT {
   public void importProject_withNCD_community_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.COMMUNITY));
 
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    mockGithubInteractions();
 
     Projects.CreateWsResponse response = ws.newRequest()
       .setParam(PARAM_ALM_SETTING, githubAlmSetting.getKey())
@@ -240,8 +222,7 @@ public class ImportGithubProjectActionIT {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
     when(defaultBranchNameResolver.getEffectiveMainBranchName()).thenReturn("default-branch");
 
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
     GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
       "octocat/" + PROJECT_KEY_NAME,
@@ -272,8 +253,7 @@ public class ImportGithubProjectActionIT {
   public void importProject_reference_branch_ncd() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
     GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
       "octocat/" + PROJECT_KEY_NAME,
@@ -302,8 +282,7 @@ public class ImportGithubProjectActionIT {
 
   @Test
   public void importProject_ifProjectWithSameNameAlreadyExists_importSucceed() {
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
     db.components().insertPublicProject(p -> p.setKey("Hello-World")).getMainBranchComponent();
 
     GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, "Hello-World", false, "Hello-World",
@@ -324,14 +303,9 @@ public class ImportGithubProjectActionIT {
 
   @Test
   public void importProject_whenGithubProvisioningIsDisabled_shouldApplyPermissionTemplate() {
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    mockGithubInteractions();
     when(gitHubSettings.isProvisioningEnabled()).thenReturn(false);
 
     ws.newRequest()
@@ -349,14 +323,9 @@ public class ImportGithubProjectActionIT {
 
   @Test
   public void importProject_whenGithubProvisioningIsEnabled_shouldNotApplyPermissionTemplate() {
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    mockGithubInteractions();
     when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
 
     ws.newRequest()
@@ -370,25 +339,43 @@ public class ImportGithubProjectActionIT {
   }
 
   @Test
-  public void importProject_shouldSetCreationMethod() {
-    AlmSettingDto githubAlmSetting = setupAlm();
-    db.almPats().insert(p -> p.setAlmSettingUuid(githubAlmSetting.getUuid()).setUserUuid(userSession.getUuid()));
+  public void importProject_shouldSetCreationMethodToApi_ifNonBrowserRequest() {
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
+    mockGithubInteractions();
 
-    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
-      "octocat/" + PROJECT_KEY_NAME,
-      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
-    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
-    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
-    when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
+    Projects.CreateWsResponse response = callWebService(githubAlmSetting);
 
-    Projects.CreateWsResponse response = ws.newRequest()
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), response.getProject().getKey());
+    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+  }
+
+  @Test
+  public void importProject_shouldSetCreationMethodToBrowser_ifBrowserRequest() {
+    AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();
+    userSession.flagSessionAsGui();
+    mockGithubInteractions();
+
+    Projects.CreateWsResponse response = callWebService(githubAlmSetting);
+
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), response.getProject().getKey());
+    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
+  }
+
+  private Projects.CreateWsResponse callWebService(AlmSettingDto githubAlmSetting) {
+    return ws.newRequest()
       .setParam(PARAM_ALM_SETTING, githubAlmSetting.getKey())
       .setParam(PARAM_ORGANIZATION, "octocat")
       .setParam(PARAM_REPOSITORY_KEY, "octocat/" + PROJECT_KEY_NAME)
       .executeProtobuf(Projects.CreateWsResponse.class);
+  }
 
-    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), response.getProject().getKey());
-    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
+  private GithubApplicationClient.Repository mockGithubInteractions() {
+    GithubApplicationClient.Repository repository = new GithubApplicationClient.Repository(1L, PROJECT_KEY_NAME, false,
+      "octocat/" + PROJECT_KEY_NAME,
+      "https://github.sonarsource.com/api/v3/repos/octocat/" + PROJECT_KEY_NAME, "default-branch");
+    when(appClient.getRepository(any(), any(), any(), any())).thenReturn(Optional.of(repository));
+    when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn(PROJECT_KEY_NAME);
+    return repository;
   }
 
   @Test
@@ -424,7 +411,7 @@ public class ImportGithubProjectActionIT {
 
   @Test
   public void fail_when_personal_access_token_doesnt_exist() {
-    AlmSettingDto githubAlmSetting = setupAlm();
+    AlmSettingDto githubAlmSetting = setupUserAndAlmSettings();
 
     TestRequest request = ws.newRequest()
       .setParam(PARAM_ALM_SETTING, githubAlmSetting.getKey())
@@ -451,10 +438,15 @@ public class ImportGithubProjectActionIT {
         tuple(PARAM_NEW_CODE_DEFINITION_VALUE, false));
   }
 
-  private AlmSettingDto setupAlm() {
+  private AlmSettingDto setupUserWithPatAndAlmSettings() {
+    AlmSettingDto almSettings = setupUserAndAlmSettings();
+    db.almPats().insert(p -> p.setAlmSettingUuid(almSettings.getUuid()).setUserUuid(requireNonNull(userSession.getUuid())));
+    return almSettings;
+  }
+
+  private AlmSettingDto setupUserAndAlmSettings() {
     UserDto user = db.users().insertUser();
     userSession.logIn(user).addPermission(GlobalPermission.PROVISION_PROJECTS);
-
     return db.almSettings().insertGitHubAlmSetting(alm -> alm.setClientId("client_123").setClientSecret("client_secret_123"));
   }
 }

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/gitlab/ImportGitLabProjectActionIT.java

@@ -111,9 +111,7 @@ public class ImportGitLabProjectActionIT {
   public void import_project_developer_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.DEVELOPER));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = mockGitlabProject(singletonList(new GitLabBranch("master", true)));
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -144,9 +142,7 @@ public class ImportGitLabProjectActionIT {
   public void import_project_community_edition() {
     when(editionProvider.get()).thenReturn(Optional.of(EditionProvider.Edition.COMMUNITY));
 
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     mockGitlabProject(singletonList(new GitLabBranch("master", true)));
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -167,17 +163,11 @@ public class ImportGitLabProjectActionIT {
       .get()
       .extracting(NewCodePeriodDto::getType, NewCodePeriodDto::getValue, NewCodePeriodDto::getBranchUuid)
       .containsExactly(NUMBER_OF_DAYS, "30", branchDto.getUuid());
-
-    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
   }
 
-
-
   @Test
   public void import_project_with_specific_different_default_branch() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = mockGitlabProject(singletonList(new GitLabBranch("main", true)));
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -203,9 +193,7 @@ public class ImportGitLabProjectActionIT {
 
   @Test
   public void import_project_no_gitlab_default_branch() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = mockGitlabProject(emptyList());
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -231,9 +219,7 @@ public class ImportGitLabProjectActionIT {
 
   @Test
   public void import_project_without_NCD() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     Project project = mockGitlabProject(singletonList(new GitLabBranch("master", true)));
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -253,10 +239,8 @@ public class ImportGitLabProjectActionIT {
   }
 
   @Test
-  public void import_project_setsCreationMethod() {
-    UserDto user = db.users().insertUser();
-    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
-    AlmSettingDto almSetting = insertGitLabConfigurationAndPat(user);
+  public void importProject_whenNonBrowserCall_setsCreationMethodToApi() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
     mockGitlabProject(singletonList(new GitLabBranch("master", true)));
 
     Projects.CreateWsResponse response = ws.newRequest()
@@ -268,6 +252,27 @@ public class ImportGitLabProjectActionIT {
     assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_API);
   }
 
+  @Test
+  public void importProject_whenBrowserCall_setsCreationMethodToBrowser() {
+    AlmSettingDto almSetting = configureUserAndPatAndAlmSettings();
+    userSession.flagSessionAsGui();
+    mockGitlabProject(singletonList(new GitLabBranch("master", true)));
+
+    Projects.CreateWsResponse response = ws.newRequest()
+      .setParam("almSetting", almSetting.getKey())
+      .setParam("gitlabProjectId", "12345")
+      .executeProtobuf(Projects.CreateWsResponse.class);
+
+    Optional<ProjectDto> projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), response.getProject().getKey());
+    assertThat(projectDto.orElseThrow().getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
+  }
+
+  private AlmSettingDto configureUserAndPatAndAlmSettings() {
+    UserDto user = db.users().insertUser();
+    userSession.logIn(user).addPermission(PROVISION_PROJECTS);
+    return insertGitLabConfigurationAndPat(user);
+  }
+
   private AlmSettingDto insertGitLabConfigurationAndPat(UserDto user) {
     AlmSettingDto almSetting = db.almSettings().insertGitlabAlmSetting();
     db.almPats().insert(dto -> {

server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/BranchReportSubmitterIT.java

@@ -149,7 +149,7 @@ public class BranchReportSubmitterIT {
     verifyQueueSubmit(mainBranch, branch, user, randomCharacteristics, taskUuid);
 
     ProjectDto projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), componentKey.getKey()).orElseThrow();
-    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.LOCAL);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.LOCAL_API);
   }
 
   @Test
@@ -196,8 +196,7 @@ public class BranchReportSubmitterIT {
     ComponentCreationData componentCreationData = mock(ComponentCreationData.class);
     when(componentCreationData.mainBranchComponent())
       .thenAnswer((Answer<ComponentDto>) invocation -> db.components().insertPrivateProject(PROJECT_UUID, nonExistingBranch).getMainBranchComponent());
-    when(componentUpdater.createWithoutCommit(any(), any()))
-      .thenReturn(componentCreationData);
+    when(componentUpdater.createWithoutCommit(any(), any())).thenReturn(componentCreationData);
     when(branchSupportDelegate.createBranchComponent(any(DbSession.class), same(componentKey), any(), any())).thenReturn(createdBranch);
     when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(nonExistingBranch.getKey()))).thenReturn(true);
     String taskUuid = mockSuccessfulPrepareSubmitCall();
@@ -212,14 +211,13 @@ public class BranchReportSubmitterIT {
     verifyNoMoreInteractions(branchSupportDelegate);
     verifyQueueSubmit(nonExistingBranch, createdBranch, user, randomCharacteristics, taskUuid);
     verify(componentUpdater).commitAndIndex(any(DbSession.class), eq(componentCreationData));
-
     assertProjectCreatedWithCreationMethodEqualsScanner();
   }
 
   private void assertProjectCreatedWithCreationMethodEqualsScanner() {
     ArgumentCaptor<ComponentCreationParameters> componentCreationParametersCaptor = ArgumentCaptor.forClass(ComponentCreationParameters.class);
     verify(componentUpdater).createWithoutCommit(any(), componentCreationParametersCaptor.capture());
-    assertThat(componentCreationParametersCaptor.getValue().creationMethod()).isEqualTo(CreationMethod.SCANNER);
+    assertThat(componentCreationParametersCaptor.getValue().creationMethod()).isEqualTo(CreationMethod.SCANNER_API);
   }
 
   @Test

server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/ReportSubmitterIT.java

@@ -175,7 +175,7 @@ public class ReportSubmitterIT {
     verify(queue).submit(argThat(submit -> submit.getType().equals(CeTaskTypes.REPORT)
       && submit.getComponent().filter(cpt -> cpt.getUuid().equals(createdProject.uuid()) && cpt.getEntityUuid().equals(projectDto.getUuid())).isPresent()
       && submit.getUuid().equals(TASK_UUID)));
-    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.SCANNER);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.SCANNER_API);
   }
 
   @Test

server/sonar-webserver-webapi/src/it/java/org/sonar/server/component/ComponentUpdaterIT.java

@@ -122,7 +122,7 @@ public class ComponentUpdaterIT {
   public void persist_and_index_when_creating_project() {
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(PRIVATE_COMPONENT)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentCreationData returned = underTest.create(db.getSession(), creationParameters);
 
@@ -154,7 +154,7 @@ public class ComponentUpdaterIT {
     when(defaultBranchNameResolver.getEffectiveMainBranchName()).thenReturn("main-branch-global");
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(PRIVATE_COMPONENT)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     ComponentDto returned = underTest.create(db.getSession(), creationParameters).mainBranchComponent();
@@ -167,7 +167,7 @@ public class ComponentUpdaterIT {
   public void persist_private_flag_true_when_creating_project() {
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(PRIVATE_COMPONENT)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentDto returned = underTest.create(db.getSession(), creationParameters).mainBranchComponent();
     ComponentDto loaded = db.getDbClient().componentDao().selectOrFailByUuid(db.getSession(), returned.uuid());
@@ -183,7 +183,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentDto returned = underTest.create(db.getSession(), creationParameters).mainBranchComponent();
     ComponentDto loaded = db.getDbClient().componentDao().selectOrFailByUuid(db.getSession(), returned.uuid());
@@ -200,7 +200,7 @@ public class ComponentUpdaterIT {
 
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(view)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentDto returned = underTest.create(db.getSession(), creationParameters).mainBranchComponent();
 
@@ -222,7 +222,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(application)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentCreationData returned = underTest.create(db.getSession(), creationParameters);
 
@@ -246,7 +246,7 @@ public class ComponentUpdaterIT {
       .newComponent(DEFAULT_COMPONENT)
       .userLogin(DEFAULT_USER_LOGIN)
       .userUuid(DEFAULT_USER_UUID)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     ProjectDto dto = underTest.create(db.getSession(), componentCreationParameters).projectDto();
@@ -261,7 +261,7 @@ public class ComponentUpdaterIT {
       .newComponent(DEFAULT_COMPONENT)
       .userLogin(userDto.getLogin())
       .userUuid(userDto.getUuid())
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class)))
@@ -280,7 +280,7 @@ public class ComponentUpdaterIT {
       .newComponent(DEFAULT_COMPONENT)
       .userLogin(user.getLogin())
       .userUuid(user.getUuid())
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(eq(db.getSession()), any(ProjectDto.class)))
@@ -295,7 +295,7 @@ public class ComponentUpdaterIT {
   public void does_not_add_project_to_favorite_when_anonymously_created() {
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(DEFAULT_COMPONENT)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ProjectDto projectDto = underTest.create(db.getSession(), creationParameters).projectDto();
 
@@ -313,7 +313,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     assertThatThrownBy(() -> underTest.create(session, creationParameters))
@@ -330,7 +330,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     assertThatThrownBy(() -> underTest.create(session, creationParameters))
@@ -347,7 +347,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     assertThatThrownBy(() -> underTest.create(session, creationParameters))
@@ -382,7 +382,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     DbSession dbSession = db.getSession();
@@ -405,7 +405,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     DbSession dbSession = db.getSession();
@@ -428,7 +428,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(project)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     DbSession dbSession = db.getSession();
@@ -447,7 +447,7 @@ public class ComponentUpdaterIT {
       .build();
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(app)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
 
     ComponentDto appDto = underTest.create(db.getSession(), creationParameters).mainBranchComponent();
@@ -466,7 +466,7 @@ public class ComponentUpdaterIT {
       .userUuid(userDto.getUuid())
       .mainBranchName(null)
       .isManaged(true)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     underTest.createWithoutCommit(db.getSession(), componentCreationParameters);
 
@@ -476,6 +476,11 @@ public class ComponentUpdaterIT {
   @Test
   public void createWithoutCommit_whenProjectIsManagedAndPrivate_applyPublicPermissionsToCreator() {
     UserDto userDto = db.users().insertUser();
+    NewComponent newComponent = NewComponent.newComponentBuilder()
+      .setKey(DEFAULT_PROJECT_KEY)
+      .setName(DEFAULT_PROJECT_NAME)
+      .setPrivate(true)
+      .build();
 
     DbSession session = db.getSession();
 
@@ -485,7 +490,7 @@ public class ComponentUpdaterIT {
       .userUuid(userDto.getUuid())
       .mainBranchName(null)
       .isManaged(true)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ComponentCreationData componentCreationData = underTest.createWithoutCommit(session, componentCreationParameters);
 
@@ -495,22 +500,22 @@ public class ComponentUpdaterIT {
   }
 
   @Test
-  public void create_whenCreationMethodIsLocal_persistsIt() {
+  public void create_whenCreationMethodIsLocalApi_persistsIt() {
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(DEFAULT_COMPONENT)
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(CreationMethod.LOCAL_API)
       .build();
     ProjectDto projectDto = underTest.create(db.getSession(), creationParameters).projectDto();
-    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.LOCAL);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.LOCAL_API);
   }
 
   @Test
-  public void create_whenCreationMethodIsAlmImportUi_persistsIt() {
+  public void create_whenCreationMethodIsAlmImportBrowser_persistsIt() {
     ComponentCreationParameters creationParameters = ComponentCreationParameters.builder()
       .newComponent(DEFAULT_COMPONENT)
-      .creationMethod(CreationMethod.ALM_IMPORT_UI)
+      .creationMethod(CreationMethod.ALM_IMPORT_BROWSER)
       .build();
     ProjectDto projectDto = underTest.create(db.getSession(), creationParameters).projectDto();
-    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_UI);
+    assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.ALM_IMPORT_BROWSER);
   }
 }

server/sonar-webserver-webapi/src/it/java/org/sonar/server/project/ws/CreateActionIT.java

@@ -135,7 +135,7 @@ public class CreateActionIT {
     ProjectDto projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), DEFAULT_PROJECT_KEY).orElseThrow();
     assertThat(projectDto)
       .extracting(ProjectDto::getKey, ProjectDto::getName, ProjectDto::getQualifier, ProjectDto::isPrivate, ProjectDto::getCreationMethod)
-      .containsOnly(DEFAULT_PROJECT_KEY, DEFAULT_PROJECT_NAME, "TRK", false, CreationMethod.LOCAL);
+      .containsOnly(DEFAULT_PROJECT_KEY, DEFAULT_PROJECT_NAME, "TRK", false, CreationMethod.LOCAL_API);
 
     ComponentDto component = db.getDbClient().componentDao().selectByKey(db.getSession(), DEFAULT_PROJECT_KEY).orElseThrow();
     BranchDto branch = db.getDbClient().branchDao().selectByUuid(db.getSession(), component.branchUuid()).orElseThrow();
@@ -158,6 +158,20 @@ public class CreateActionIT {
     assertThat(result.getProject().getVisibility()).isEqualTo("public");
   }
 
+  @Test
+  public void createProject_whenCalIsFromGui_setCreationMethodEqualsUi() {
+    userSession.logIn().addPermission(PROVISION_PROJECTS).flagSessionAsGui();
+
+    ws.newRequest()
+      .setParam("project", DEFAULT_PROJECT_KEY)
+      .setParam("name", DEFAULT_PROJECT_NAME)
+      .setParam("visibility", "public")
+      .executeProtobuf(CreateWsResponse.class);
+
+    ProjectDto project = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), DEFAULT_PROJECT_KEY).get();
+    assertThat(project.getCreationMethod()).isEqualTo(CreationMethod.LOCAL_BROWSER);
+  }
+
   @Test
   public void apply_project_visibility_private() {
     userSession.addPermission(PROVISION_PROJECTS);

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almintegration/ws/azure/ImportAzureProjectAction.java

@@ -38,10 +38,9 @@ import org.sonar.server.almintegration.ws.AlmIntegrationsWsAction;
 import org.sonar.server.almintegration.ws.ImportHelper;
 import org.sonar.server.almintegration.ws.ProjectKeyGenerator;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
-import org.sonar.db.project.CreationMethod;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
 import org.sonar.server.project.DefaultBranchNameResolver;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -50,6 +49,8 @@ import org.sonarqube.ws.Projects.CreateWsResponse;
 
 import static java.util.Objects.requireNonNull;
 import static org.sonar.api.resources.Qualifiers.PROJECT;
+import static org.sonar.db.project.CreationMethod.Category.ALM_IMPORT;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.almintegration.ws.ImportHelper.PARAM_ALM_SETTING;
 import static org.sonar.server.almintegration.ws.ImportHelper.toCreateResponse;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
@@ -95,8 +96,8 @@ public class ImportAzureProjectAction implements AlmIntegrationsWsAction {
   public void define(WebService.NewController context) {
     WebService.NewAction action = context.createAction("import_azure_project")
       .setDescription("Create a SonarQube project with the information from the provided Azure DevOps project.<br/>" +
-                      "Autoconfigure pull request decoration mechanism.<br/>" +
-                      "Requires the 'Create Projects' permission")
+        "Autoconfigure pull request decoration mechanism.<br/>" +
+        "Requires the 'Create Projects' permission")
       .setPost(true)
       .setSince("8.6")
       .setHandler(this)
@@ -190,7 +191,7 @@ public class ImportAzureProjectAction implements AlmIntegrationsWsAction {
       .userUuid(userSession.getUuid())
       .userLogin(userSession.getLogin())
       .mainBranchName(repo.getDefaultBranchName())
-      .creationMethod(CreationMethod.ALM_IMPORT_API)
+      .creationMethod(getCreationMethod(ALM_IMPORT, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almintegration/ws/bitbucketcloud/ImportBitbucketCloudRepoAction.java

@@ -39,10 +39,9 @@ import org.sonar.server.almintegration.ws.AlmIntegrationsWsAction;
 import org.sonar.server.almintegration.ws.ImportHelper;
 import org.sonar.server.almintegration.ws.ProjectKeyGenerator;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
-import org.sonar.db.project.CreationMethod;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
 import org.sonar.server.project.DefaultBranchNameResolver;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -51,6 +50,8 @@ import org.sonarqube.ws.Projects;
 
 import static java.util.Optional.ofNullable;
 import static org.sonar.api.resources.Qualifiers.PROJECT;
+import static org.sonar.db.project.CreationMethod.Category.ALM_IMPORT;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.almintegration.ws.ImportHelper.PARAM_ALM_SETTING;
 import static org.sonar.server.almintegration.ws.ImportHelper.toCreateResponse;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
@@ -95,8 +96,8 @@ public class ImportBitbucketCloudRepoAction implements AlmIntegrationsWsAction {
   public void define(WebService.NewController context) {
     WebService.NewAction action = context.createAction("import_bitbucketcloud_repo")
       .setDescription("Create a SonarQube project with the information from the provided Bitbucket Cloud repository.<br/>" +
-                      "Autoconfigure pull request decoration mechanism.<br/>" +
-                      "Requires the 'Create Projects' permission")
+        "Autoconfigure pull request decoration mechanism.<br/>" +
+        "Requires the 'Create Projects' permission")
       .setPost(true)
       .setSince("9.0")
       .setHandler(this)
@@ -188,7 +189,7 @@ public class ImportBitbucketCloudRepoAction implements AlmIntegrationsWsAction {
       .userUuid(userSession.getUuid())
       .userLogin(userSession.getLogin())
       .mainBranchName(defaultBranchName)
-      .creationMethod(CreationMethod.ALM_IMPORT_API)
+      .creationMethod(getCreationMethod(ALM_IMPORT, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectAction.java

@@ -41,10 +41,9 @@ import org.sonar.server.almintegration.ws.AlmIntegrationsWsAction;
 import org.sonar.server.almintegration.ws.ImportHelper;
 import org.sonar.server.almintegration.ws.ProjectKeyGenerator;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
-import org.sonar.db.project.CreationMethod;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
 import org.sonar.server.project.DefaultBranchNameResolver;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -53,6 +52,8 @@ import org.sonarqube.ws.Projects;
 
 import static java.util.Objects.requireNonNull;
 import static org.sonar.api.resources.Qualifiers.PROJECT;
+import static org.sonar.db.project.CreationMethod.Category.ALM_IMPORT;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.almintegration.ws.ImportHelper.PARAM_ALM_SETTING;
 import static org.sonar.server.almintegration.ws.ImportHelper.toCreateResponse;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
@@ -206,7 +207,7 @@ public class ImportBitbucketServerProjectAction implements AlmIntegrationsWsActi
       .userUuid(userSession.getUuid())
       .userLogin(userSession.getLogin())
       .mainBranchName(defaultBranchName)
-      .creationMethod(CreationMethod.ALM_IMPORT_API)
+      .creationMethod(getCreationMethod(ALM_IMPORT, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almintegration/ws/github/ImportGithubProjectAction.java

@@ -43,9 +43,9 @@ import org.sonar.server.almintegration.ws.AlmIntegrationsWsAction;
 import org.sonar.server.almintegration.ws.ImportHelper;
 import org.sonar.server.almintegration.ws.ProjectKeyGenerator;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.management.ManagedProjectService;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
@@ -56,10 +56,11 @@ import org.sonarqube.ws.Projects;
 
 import static java.util.Objects.requireNonNull;
 import static org.sonar.api.resources.Qualifiers.PROJECT;
+import static org.sonar.db.project.CreationMethod.Category.ALM_IMPORT;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.almintegration.ws.ImportHelper.PARAM_ALM_SETTING;
 import static org.sonar.server.almintegration.ws.ImportHelper.toCreateResponse;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
-import static org.sonar.db.project.CreationMethod.ALM_IMPORT_API;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_TYPE_DESCRIPTION_PROJECT_CREATION;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_VALUE_DESCRIPTION_PROJECT_CREATION;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.checkNewCodeDefinitionParam;
@@ -211,7 +212,7 @@ public class ImportGithubProjectAction implements AlmIntegrationsWsAction {
       .userUuid(userSession.getUuid())
       .mainBranchName(mainBranchName)
       .isManaged(gitHubSettings.isProvisioningEnabled())
-      .creationMethod(ALM_IMPORT_API)
+      .creationMethod(getCreationMethod(ALM_IMPORT, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almintegration/ws/gitlab/ImportGitLabProjectAction.java

@@ -39,9 +39,9 @@ import org.sonar.server.almintegration.ws.AlmIntegrationsWsAction;
 import org.sonar.server.almintegration.ws.ImportHelper;
 import org.sonar.server.almintegration.ws.ProjectKeyGenerator;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
 import org.sonar.server.project.DefaultBranchNameResolver;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -50,8 +50,9 @@ import org.sonarqube.ws.Projects.CreateWsResponse;
 
 import static java.util.Objects.requireNonNull;
 import static org.sonar.api.resources.Qualifiers.PROJECT;
+import static org.sonar.db.project.CreationMethod.Category.ALM_IMPORT;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
-import static org.sonar.db.project.CreationMethod.ALM_IMPORT_API;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_TYPE_DESCRIPTION_PROJECT_CREATION;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_VALUE_DESCRIPTION_PROJECT_CREATION;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.checkNewCodeDefinitionParam;
@@ -192,7 +193,7 @@ public class ImportGitLabProjectAction implements AlmIntegrationsWsAction {
       .userUuid(userSession.getUuid())
       .userLogin(userSession.getLogin())
       .mainBranchName(mainBranchName)
-      .creationMethod(ALM_IMPORT_API)
+      .creationMethod(getCreationMethod(ALM_IMPORT, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/authentication/ws/LoginAction.java

@@ -94,7 +94,7 @@ public class LoginAction extends HttpFilter implements AuthenticationWsAction {
     try {
       UserDto userDto = authenticate(request);
       jwtHttpHandler.generateToken(userDto, request, response);
-      threadLocalUserSession.set(userSessionFactory.create(userDto));
+      threadLocalUserSession.set(userSessionFactory.create(userDto, true));
     } catch (AuthenticationException e) {
       authenticationEvent.loginFailure(request, e);
       response.setStatus(HTTP_UNAUTHORIZED);

server/sonar-webserver-webapi/src/main/java/org/sonar/server/ce/queue/ReportSubmitter.java

@@ -39,9 +39,9 @@ import org.sonar.db.component.BranchDto;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.permission.GlobalPermission;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.permission.PermissionTemplateService;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -50,8 +50,8 @@ import org.sonar.server.user.UserSession;
 
 import static java.lang.String.format;
 import static org.apache.commons.lang.StringUtils.defaultIfBlank;
+import static org.sonar.db.project.CreationMethod.SCANNER_API;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
-import static org.sonar.db.project.CreationMethod.SCANNER;
 import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
 
 @ServerSide
@@ -174,7 +174,7 @@ public class ReportSubmitter {
       .newComponent(newProject)
       .userLogin(userName)
       .userUuid(userUuid)
-      .creationMethod(SCANNER)
+      .creationMethod(SCANNER_API)
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/CreateAction.java

@@ -32,10 +32,9 @@ import org.sonar.db.component.BranchDto;
 import org.sonar.db.entity.EntityDto;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.server.component.ComponentCreationData;
+import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.component.ComponentUpdater;
-import org.sonar.db.project.CreationMethod;
 import org.sonar.server.component.NewComponent;
-import org.sonar.server.component.ComponentCreationParameters;
 import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
 import org.sonar.server.project.DefaultBranchNameResolver;
 import org.sonar.server.project.ProjectDefaultVisibility;
@@ -49,6 +48,8 @@ import static org.sonar.api.resources.Qualifiers.PROJECT;
 import static org.sonar.core.component.ComponentKeys.MAX_COMPONENT_KEY_LENGTH;
 import static org.sonar.db.component.ComponentValidator.MAX_COMPONENT_NAME_LENGTH;
 import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS;
+import static org.sonar.db.project.CreationMethod.Category.LOCAL;
+import static org.sonar.db.project.CreationMethod.getCreationMethod;
 import static org.sonar.server.component.NewComponent.newComponentBuilder;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_TYPE_DESCRIPTION_PROJECT_CREATION;
 import static org.sonar.server.newcodeperiod.NewCodeDefinitionResolver.NEW_CODE_PERIOD_VALUE_DESCRIPTION_PROJECT_CREATION;
@@ -169,10 +170,9 @@ public class CreateAction implements ProjectsWsAction {
       .userUuid(userSession.getUuid())
       .userLogin(userSession.getLogin())
       .mainBranchName(request.getMainBranchKey())
-      .creationMethod(CreationMethod.LOCAL)
+      .creationMethod(getCreationMethod(LOCAL, userSession.isAuthenticatedBrowserSession()))
       .build();
     return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
-
   }
 
   private static CreateRequest toCreateRequest(Request request) {

server/sonar-webserver/src/it/java/org/sonar/server/platform/web/SonarLintConnectionFilterIT.java

@@ -123,7 +123,7 @@ public class SonarLintConnectionFilterIT {
   private void runFilter(String loggedInUser, @Nullable String agent) throws IOException {
     UserDto user = dbTester.getDbClient().userDao().selectByLogin(dbTester.getSession(), loggedInUser);
     ThreadLocalUserSession session = new ThreadLocalUserSession();
-    session.set(new ServerUserSession(dbTester.getDbClient(), user));
+    session.set(new ServerUserSession(dbTester.getDbClient(), user, false));
     SonarLintConnectionFilter underTest = new SonarLintConnectionFilter(dbTester.getDbClient(), session, system2);
     HttpServletRequest httpRequest = mock(HttpServletRequest.class);
     when(httpRequest.getHeader("User-Agent")).thenReturn(agent);