@@ -22,11 +22,12 @@ package org.sonar.core.permission; | |||
import com.google.common.base.Joiner; | |||
import com.google.common.collect.ImmutableList; | |||
import java.util.List; | |||
import org.sonar.db.permission.GlobalPermission; | |||
/** | |||
* Holds the constants representing the various global permissions that can be assigned to users & groups | |||
* | |||
* @deprecated replaced by enum {@link org.sonar.db.permission.OrganizationPermission} | |||
* @deprecated replaced by enum {@link GlobalPermission} | |||
*/ | |||
@Deprecated | |||
public final class GlobalPermissions { |
@@ -23,11 +23,11 @@ import java.util.List; | |||
import java.util.stream.Collectors; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
public class OrganizationHelper { | |||
private static final String ADMIN_PERMISSION = OrganizationPermission.ADMINISTER.getKey(); | |||
private static final String ADMIN_PERMISSION = GlobalPermission.ADMINISTER.getKey(); | |||
private final DbClient dbClient; | |||
@@ -29,8 +29,8 @@ import org.sonar.db.EmailSubscriberDto; | |||
import static org.sonar.db.DatabaseUtils.executeLargeInputs; | |||
import static org.sonar.db.DatabaseUtils.executeLargeInputsIntoSet; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
/** | |||
* The SQL requests used to verify authorization (the permissions |
@@ -19,7 +19,7 @@ | |||
*/ | |||
package org.sonar.db.permission; | |||
public enum OrganizationPermission { | |||
public enum GlobalPermission { | |||
ADMINISTER("admin"), | |||
ADMINISTER_QUALITY_GATES("gateadmin"), | |||
@@ -35,7 +35,7 @@ public enum OrganizationPermission { | |||
private final String key; | |||
OrganizationPermission(String key) { | |||
GlobalPermission(String key) { | |||
this.key = key; | |||
} | |||
@@ -48,8 +48,8 @@ public enum OrganizationPermission { | |||
return key; | |||
} | |||
public static OrganizationPermission fromKey(String key) { | |||
for (OrganizationPermission p : values()) { | |||
public static GlobalPermission fromKey(String key) { | |||
for (GlobalPermission p : values()) { | |||
if (p.getKey().equals(key)) { | |||
return p; | |||
} |
@@ -46,9 +46,9 @@ import static com.google.common.collect.Sets.newHashSet; | |||
import static java.util.Collections.singleton; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
public class AuthorizationDaoTest { | |||
@@ -23,12 +23,12 @@ import org.junit.Test; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
public class OrganizationPermissionTest { | |||
public class GlobalPermissionTest { | |||
@Test | |||
public void fromKey_returns_enum_with_specified_key() { | |||
for (OrganizationPermission p : OrganizationPermission.values()) { | |||
assertThat(OrganizationPermission.fromKey(p.getKey())).isEqualTo(p); | |||
for (GlobalPermission p : GlobalPermission.values()) { | |||
assertThat(GlobalPermission.fromKey(p.getKey())).isEqualTo(p); | |||
} | |||
} | |||
} |
@@ -46,9 +46,9 @@ import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
public class GroupPermissionDaoTest { |
@@ -50,10 +50,10 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
public class UserPermissionDaoTest { | |||
@@ -654,9 +654,9 @@ public class UserPermissionDaoTest { | |||
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + project.uuid() + "'")).isEqualTo(0); | |||
} | |||
private void assertGlobalPermissionsOfUser(UserDto user, OrganizationPermission... permissions) { | |||
private void assertGlobalPermissionsOfUser(UserDto user, GlobalPermission... permissions) { | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid()).stream() | |||
.map(OrganizationPermission::fromKey)) | |||
.map(GlobalPermission::fromKey)) | |||
.containsOnly(permissions); | |||
} | |||
@@ -48,7 +48,7 @@ import org.sonar.db.metric.MetricDto; | |||
import org.sonar.db.newcodeperiod.NewCodePeriodType; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.organization.OrganizationTesting; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.rule.RuleDefinitionDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -654,7 +654,7 @@ public class PurgeCommandsTest { | |||
UserDto user = dbTester.users().insertUser(); | |||
dbTester.users().insertProjectPermissionOnUser(user, "doh", root); | |||
dbTester.users().insertPermissionOnUser(user, OrganizationPermission.SCAN); | |||
dbTester.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
assertThat(dbTester.countRowsOfTable("group_roles")).isEqualTo(root.isPrivate() ? 2 : 4); | |||
assertThat(dbTester.countRowsOfTable("user_roles")).isEqualTo(2); |
@@ -32,7 +32,7 @@ import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
public class RoleDaoTest { | |||
@@ -27,7 +27,7 @@ import org.sonar.core.permission.GlobalPermissions; | |||
public class PermissionsTestHelper { | |||
public static final Set<String> ALL_PERMISSIONS = ImmutableSet.of(UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, | |||
GlobalPermissions.SCAN_EXECUTION, UserRole.USER, OrganizationPermission.APPLICATION_CREATOR.getKey(), OrganizationPermission.PORTFOLIO_CREATOR.getKey()); | |||
GlobalPermissions.SCAN_EXECUTION, UserRole.USER, GlobalPermission.APPLICATION_CREATOR.getKey(), GlobalPermission.PORTFOLIO_CREATOR.getKey()); | |||
private PermissionsTestHelper() { | |||
} |
@@ -35,15 +35,15 @@ import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.ce.CeTaskMessageType; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static java.util.Arrays.stream; | |||
import static org.apache.commons.lang.math.RandomUtils.nextLong; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
public class UserDbTester { | |||
@@ -205,7 +205,7 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public GroupPermissionDto insertPermissionOnAnyone(OrganizationPermission permission) { | |||
public GroupPermissionDto insertPermissionOnAnyone(GlobalPermission permission) { | |||
return insertPermissionOnAnyone(permission.getKey()); | |||
} | |||
@@ -219,7 +219,7 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public GroupPermissionDto insertPermissionOnGroup(GroupDto group, OrganizationPermission permission) { | |||
public GroupPermissionDto insertPermissionOnGroup(GroupDto group, GlobalPermission permission) { | |||
return insertPermissionOnGroup(group, permission.getKey()); | |||
} | |||
@@ -281,13 +281,13 @@ public class UserDbTester { | |||
/** | |||
* Grant permission | |||
*/ | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, OrganizationPermission permission) { | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, GlobalPermission permission) { | |||
return insertPermissionOnUser(user, permission.getKey()); | |||
} | |||
/** | |||
* Grant global permission | |||
* @deprecated use {@link #insertPermissionOnUser(UserDto, OrganizationPermission)} | |||
* @deprecated use {@link #insertPermissionOnUser(UserDto, GlobalPermission)} | |||
*/ | |||
@Deprecated | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) { | |||
@@ -297,7 +297,7 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public void deletePermissionFromUser(UserDto user, OrganizationPermission permission) { | |||
public void deletePermissionFromUser(UserDto user, GlobalPermission permission) { | |||
db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), permission.getKey()); | |||
db.commit(); | |||
} | |||
@@ -320,7 +320,7 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public List<OrganizationPermission> selectPermissionsOfUser(UserDto user) { | |||
public List<GlobalPermission> selectPermissionsOfUser(UserDto user) { | |||
return toListOfOrganizationPermissions(db.getDbClient().userPermissionDao() | |||
.selectGlobalPermissionsOfUser(db.getSession(), user.getUuid())); | |||
} | |||
@@ -329,10 +329,10 @@ public class UserDbTester { | |||
return db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(db.getSession(), user.getUuid(), project.uuid()); | |||
} | |||
private static List<OrganizationPermission> toListOfOrganizationPermissions(List<String> keys) { | |||
private static List<GlobalPermission> toListOfOrganizationPermissions(List<String> keys) { | |||
return keys | |||
.stream() | |||
.map(OrganizationPermission::fromKey) | |||
.map(GlobalPermission::fromKey) | |||
.collect(MoreCollectors.toList()); | |||
} | |||
@@ -24,7 +24,7 @@ import java.util.Collections; | |||
import java.util.Optional; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.concurrent.Immutable; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.user.AbstractUserSession; | |||
@@ -32,7 +32,7 @@ import org.sonar.server.user.AbstractUserSession; | |||
public class SafeModeUserSession extends AbstractUserSession { | |||
@Override | |||
protected boolean hasPermissionImpl(OrganizationPermission permission) { | |||
protected boolean hasPermissionImpl(GlobalPermission permission) { | |||
return false; | |||
} | |||
@@ -42,7 +42,7 @@ import static java.util.stream.Collectors.toSet; | |||
import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
public class MemberUpdater { | |||
@@ -33,8 +33,8 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.organization.DefaultTemplates; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.organization.OrganizationMemberDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.qualitygate.QualityGateDto; | |||
import org.sonar.db.qualityprofile.DefaultQProfileDto; | |||
@@ -59,7 +59,7 @@ import static org.sonar.api.web.UserRole.SECURITYHOTSPOT_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.organization.OrganizationDto.Subscription.FREE; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class OrganizationUpdaterImpl implements OrganizationUpdater { | |||
@@ -224,7 +224,7 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater { | |||
return group; | |||
} | |||
private void addPermissionToGroup(DbSession dbSession, GroupDto group, OrganizationPermission permission) { | |||
private void addPermissionToGroup(DbSession dbSession, GroupDto group, GlobalPermission permission) { | |||
dbClient.groupPermissionDao().insert( | |||
dbSession, | |||
new GroupPermissionDto() |
@@ -20,11 +20,11 @@ | |||
package org.sonar.server.permission; | |||
import java.util.List; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
public interface PermissionService { | |||
List<OrganizationPermission> getGlobalPermissions(); | |||
List<GlobalPermission> getGlobalPermissions(); | |||
List<String> getAllProjectPermissions(); | |||
} |
@@ -25,7 +25,7 @@ import javax.annotation.concurrent.Immutable; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import static java.util.stream.Collectors.toList; | |||
@@ -35,19 +35,19 @@ public class PermissionServiceImpl implements PermissionService { | |||
private static final List<String> ALL_PROJECT_PERMISSIONS = ImmutableList.of( | |||
UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, UserRole.SCAN, UserRole.USER); | |||
private static final List<OrganizationPermission> ALL_GLOBAL_PERMISSIONS = ImmutableList.copyOf(OrganizationPermission.values()); | |||
private static final List<GlobalPermission> ALL_GLOBAL_PERMISSIONS = ImmutableList.copyOf(GlobalPermission.values()); | |||
private final List<OrganizationPermission> globalPermissions; | |||
private final List<GlobalPermission> globalPermissions; | |||
private final List<String> projectPermissions; | |||
public PermissionServiceImpl(ResourceTypes resourceTypes) { | |||
globalPermissions = ImmutableList.copyOf(ALL_GLOBAL_PERMISSIONS.stream() | |||
.filter(s -> !s.equals(OrganizationPermission.APPLICATION_CREATOR) || resourceTypes.isQualifierPresent(Qualifiers.APP)) | |||
.filter(s -> !s.equals(OrganizationPermission.PORTFOLIO_CREATOR) || resourceTypes.isQualifierPresent(Qualifiers.VIEW)) | |||
.filter(s -> !s.equals(GlobalPermission.APPLICATION_CREATOR) || resourceTypes.isQualifierPresent(Qualifiers.APP)) | |||
.filter(s -> !s.equals(GlobalPermission.PORTFOLIO_CREATOR) || resourceTypes.isQualifierPresent(Qualifiers.VIEW)) | |||
.collect(toList())); | |||
projectPermissions = ImmutableList.copyOf(ALL_PROJECT_PERMISSIONS.stream() | |||
.filter(s -> !s.equals(OrganizationPermission.APPLICATION_CREATOR.getKey()) || resourceTypes.isQualifierPresent(Qualifiers.APP)) | |||
.filter(s -> !s.equals(OrganizationPermission.PORTFOLIO_CREATOR.getKey()) || resourceTypes.isQualifierPresent(Qualifiers.VIEW)) | |||
.filter(s -> !s.equals(GlobalPermission.APPLICATION_CREATOR.getKey()) || resourceTypes.isQualifierPresent(Qualifiers.APP)) | |||
.filter(s -> !s.equals(GlobalPermission.PORTFOLIO_CREATOR.getKey()) || resourceTypes.isQualifierPresent(Qualifiers.VIEW)) | |||
.collect(toList())); | |||
} | |||
@@ -55,7 +55,7 @@ public class PermissionServiceImpl implements PermissionService { | |||
* Return an immutable Set of all organization permissions | |||
*/ | |||
@Override | |||
public List<OrganizationPermission> getGlobalPermissions() { | |||
public List<GlobalPermission> getGlobalPermissions() { | |||
return globalPermissions; | |||
} | |||
@@ -30,7 +30,7 @@ import javax.annotation.Nullable; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.stream.MoreCollectors; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -76,11 +76,11 @@ public abstract class AbstractUserSession implements UserSession { | |||
} | |||
@Override | |||
public final boolean hasPermission(OrganizationPermission permission) { | |||
public final boolean hasPermission(GlobalPermission permission) { | |||
return isRoot() || hasPermissionImpl(permission); | |||
} | |||
protected abstract boolean hasPermissionImpl(OrganizationPermission permission); | |||
protected abstract boolean hasPermissionImpl(GlobalPermission permission); | |||
@Override | |||
public final boolean hasComponentPermission(String permission, ComponentDto component) { | |||
@@ -167,7 +167,7 @@ public abstract class AbstractUserSession implements UserSession { | |||
} | |||
@Override | |||
public final UserSession checkPermission(OrganizationPermission permission) { | |||
public final UserSession checkPermission(GlobalPermission permission) { | |||
if (!hasPermission(permission)) { | |||
throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE); | |||
} |
@@ -22,11 +22,11 @@ package org.sonar.server.user; | |||
import java.util.Collection; | |||
import java.util.Collections; | |||
import java.util.Optional; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
/** | |||
* Allow code to be executed with the highest privileges possible, as if executed by a {@link OrganizationPermission#ADMINISTER} account. | |||
* Allow code to be executed with the highest privileges possible, as if executed by a {@link GlobalPermission#ADMINISTER} account. | |||
* @since 4.3 | |||
*/ | |||
public final class DoPrivileged { | |||
@@ -107,7 +107,7 @@ public final class DoPrivileged { | |||
} | |||
@Override | |||
protected boolean hasPermissionImpl(OrganizationPermission permission) { | |||
protected boolean hasPermissionImpl(GlobalPermission permission) { | |||
return true; | |||
} | |||
@@ -33,7 +33,7 @@ import org.sonar.core.util.stream.MoreCollectors; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -52,7 +52,7 @@ public class ServerUserSession extends AbstractUserSession { | |||
private final Map<String, String> projectUuidByComponentUuid = new HashMap<>(); | |||
private Collection<GroupDto> groups; | |||
private Boolean isSystemAdministrator; | |||
private Set<OrganizationPermission> permissions; | |||
private Set<GlobalPermission> permissions; | |||
private Map<String, Set<String>> permissionsByProjectUuid; | |||
ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) { | |||
@@ -116,7 +116,7 @@ public class ServerUserSession extends AbstractUserSession { | |||
} | |||
@Override | |||
protected boolean hasPermissionImpl(OrganizationPermission permission) { | |||
protected boolean hasPermissionImpl(GlobalPermission permission) { | |||
if (permissions == null) { | |||
permissions = loadGlobalPermissions(); | |||
} | |||
@@ -170,7 +170,7 @@ public class ServerUserSession extends AbstractUserSession { | |||
} | |||
} | |||
private Set<OrganizationPermission> loadGlobalPermissions() { | |||
private Set<GlobalPermission> loadGlobalPermissions() { | |||
Set<String> permissionKeys; | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
if (userDto != null && userDto.getUuid() != null) { | |||
@@ -180,7 +180,7 @@ public class ServerUserSession extends AbstractUserSession { | |||
} | |||
} | |||
return permissionKeys.stream() | |||
.map(OrganizationPermission::fromKey) | |||
.map(GlobalPermission::fromKey) | |||
.collect(MoreCollectors.toSet(permissionKeys.size())); | |||
} | |||
@@ -217,6 +217,6 @@ public class ServerUserSession extends AbstractUserSession { | |||
if (isRoot()) { | |||
return true; | |||
} | |||
return hasPermission(OrganizationPermission.ADMINISTER); | |||
return hasPermission(GlobalPermission.ADMINISTER); | |||
} | |||
} |
@@ -24,7 +24,7 @@ import java.util.List; | |||
import java.util.Optional; | |||
import javax.annotation.CheckForNull; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.UnauthorizedException; | |||
@@ -111,12 +111,12 @@ public class ThreadLocalUserSession implements UserSession { | |||
} | |||
@Override | |||
public boolean hasPermission(OrganizationPermission permission) { | |||
public boolean hasPermission(GlobalPermission permission) { | |||
return get().hasPermission(permission); | |||
} | |||
@Override | |||
public UserSession checkPermission(OrganizationPermission permission) { | |||
public UserSession checkPermission(GlobalPermission permission) { | |||
get().checkPermission(permission); | |||
return this; | |||
} |
@@ -27,7 +27,7 @@ import java.util.Optional; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.concurrent.Immutable; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -169,13 +169,13 @@ public interface UserSession { | |||
* Always returns {@code true} if {@link #isRoot()} is {@code true}, even if | |||
* organization does not exist. | |||
*/ | |||
boolean hasPermission(OrganizationPermission permission); | |||
boolean hasPermission(GlobalPermission permission); | |||
/** | |||
* Ensures that {@link #hasPermission(OrganizationPermission)} is {@code true}, | |||
* Ensures that {@link #hasPermission(GlobalPermission)} is {@code true}, | |||
* otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}. | |||
*/ | |||
UserSession checkPermission(OrganizationPermission permission); | |||
UserSession checkPermission(GlobalPermission permission); | |||
/** | |||
* Returns {@code true} if the permission is granted to user on the component, |
@@ -21,7 +21,7 @@ package org.sonar.server.authentication; | |||
import org.junit.Test; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
@@ -42,7 +42,7 @@ public class SafeModeUserSessionTest { | |||
public void session_has_no_permissions() { | |||
assertThat(underTest.isRoot()).isFalse(); | |||
assertThat(underTest.isSystemAdministrator()).isFalse(); | |||
assertThat(underTest.hasPermissionImpl(OrganizationPermission.ADMINISTER)).isFalse(); | |||
assertThat(underTest.hasPermissionImpl(GlobalPermission.ADMINISTER)).isFalse(); | |||
assertThat(underTest.hasProjectUuidPermission(UserRole.USER, "foo")).isFalse(); | |||
} | |||
} |
@@ -21,7 +21,7 @@ package org.sonar.server.permission; | |||
import org.junit.Test; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
@@ -33,7 +33,7 @@ public class PermissionServiceImplTest { | |||
@Test | |||
public void organizationPermissions_must_be_ordered() { | |||
assertThat(underTest.getGlobalPermissions()) | |||
.extracting(OrganizationPermission::getKey) | |||
.extracting(GlobalPermission::getKey) | |||
.containsExactly("admin", "gateadmin", "profileadmin", "provisioning", "scan", "applicationcreator", "portfoliocreator"); | |||
} | |||
@@ -40,9 +40,9 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newChildComponent; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class ServerUserSessionTest { | |||
@@ -29,7 +29,7 @@ import java.util.Optional; | |||
import java.util.Set; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.server.user.AbstractUserSession; | |||
@@ -40,7 +40,7 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession> | |||
private final Class<T> clazz; | |||
private HashMultimap<String, String> projectUuidByPermission = HashMultimap.create(); | |||
private final Set<OrganizationPermission> permissions = new HashSet<>(); | |||
private final Set<GlobalPermission> permissions = new HashSet<>(); | |||
private Map<String, String> projectUuidByComponentUuid = new HashMap<>(); | |||
private Set<String> projectPermissions = new HashSet<>(); | |||
private boolean systemAdministrator = false; | |||
@@ -49,13 +49,13 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession> | |||
this.clazz = clazz; | |||
} | |||
public T addPermission(OrganizationPermission permission) { | |||
public T addPermission(GlobalPermission permission) { | |||
permissions.add(permission); | |||
return clazz.cast(this); | |||
} | |||
@Override | |||
protected boolean hasPermissionImpl(OrganizationPermission permission) { | |||
protected boolean hasPermissionImpl(GlobalPermission permission) { | |||
return permissions.contains(permission); | |||
} | |||
@@ -29,7 +29,7 @@ import org.junit.rules.TestRule; | |||
import org.junit.runner.Description; | |||
import org.junit.runners.model.Statement; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -197,7 +197,7 @@ public class UserSessionRule implements TestRule, UserSession { | |||
return this; | |||
} | |||
public UserSessionRule addPermission(OrganizationPermission permission) { | |||
public UserSessionRule addPermission(GlobalPermission permission) { | |||
ensureAbstractMockUserSession().addPermission(permission); | |||
return this; | |||
} | |||
@@ -310,12 +310,12 @@ public class UserSessionRule implements TestRule, UserSession { | |||
} | |||
@Override | |||
public boolean hasPermission(OrganizationPermission permission) { | |||
public boolean hasPermission(GlobalPermission permission) { | |||
return currentUserSession.hasPermission(permission); | |||
} | |||
@Override | |||
public UserSession checkPermission(OrganizationPermission permission) { | |||
public UserSession checkPermission(GlobalPermission permission) { | |||
currentUserSession.checkPermission(permission); | |||
return this; | |||
} |
@@ -22,7 +22,7 @@ package org.sonar.server.user; | |||
import java.util.Collection; | |||
import java.util.Optional; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -102,7 +102,7 @@ public class TestUserSessionFactory implements UserSessionFactory { | |||
} | |||
@Override | |||
protected boolean hasPermissionImpl(OrganizationPermission permission) { | |||
protected boolean hasPermissionImpl(GlobalPermission permission) { | |||
throw notImplemented(); | |||
} | |||
@@ -31,7 +31,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.usergroups.DefaultGroupFinder; | |||
@@ -98,8 +98,8 @@ public class RegisterPermissionTemplates implements Startable { | |||
Optional<GroupDto> admins = dbClient.groupDao().selectByName(dbSession, DefaultGroups.ADMINISTRATORS); | |||
if (admins.isPresent()) { | |||
insertGroupPermission(dbSession, template, UserRole.ADMIN, admins.get()); | |||
insertGroupPermission(dbSession, template, OrganizationPermission.APPLICATION_CREATOR.getKey(), admins.get()); | |||
insertGroupPermission(dbSession, template, OrganizationPermission.PORTFOLIO_CREATOR.getKey(), admins.get()); | |||
insertGroupPermission(dbSession, template, GlobalPermission.APPLICATION_CREATOR.getKey(), admins.get()); | |||
insertGroupPermission(dbSession, template, GlobalPermission.PORTFOLIO_CREATOR.getKey(), admins.get()); | |||
} else { | |||
LOG.error("Cannot setup default permission for group: " + DefaultGroups.ADMINISTRATORS); | |||
} |
@@ -32,7 +32,7 @@ import org.sonar.api.utils.log.LoggerLevel; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactoryFast; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.permission.template.PermissionTemplateGroupDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -66,8 +66,8 @@ public class RegisterPermissionTemplatesTest { | |||
List<PermissionTemplateGroupDto> groupPermissions = selectGroupPermissions(defaultTemplate); | |||
assertThat(groupPermissions).hasSize(7); | |||
expectGroupPermission(groupPermissions, UserRole.ADMIN, DefaultGroups.ADMINISTRATORS); | |||
expectGroupPermission(groupPermissions, OrganizationPermission.APPLICATION_CREATOR.getKey(), DefaultGroups.ADMINISTRATORS); | |||
expectGroupPermission(groupPermissions, OrganizationPermission.PORTFOLIO_CREATOR.getKey(), DefaultGroups.ADMINISTRATORS); | |||
expectGroupPermission(groupPermissions, GlobalPermission.APPLICATION_CREATOR.getKey(), DefaultGroups.ADMINISTRATORS); | |||
expectGroupPermission(groupPermissions, GlobalPermission.PORTFOLIO_CREATOR.getKey(), DefaultGroups.ADMINISTRATORS); | |||
expectGroupPermission(groupPermissions, UserRole.CODEVIEWER, defaultGroup.getName()); | |||
expectGroupPermission(groupPermissions, UserRole.USER, defaultGroup.getName()); | |||
expectGroupPermission(groupPermissions, UserRole.ISSUE_ADMIN, defaultGroup.getName()); |
@@ -30,7 +30,7 @@ import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.FilePathWithHashDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.scanner.protocol.input.FileData; | |||
import org.sonar.scanner.protocol.input.MultiModuleProjectRepository; | |||
import org.sonar.scanner.protocol.input.ProjectRepositories; | |||
@@ -62,7 +62,7 @@ public class ProjectDataLoader { | |||
ComponentDto project = componentFinder.getByKey(session, projectKey); | |||
checkRequest(project.isRootProject(), "Key '%s' belongs to a component which is not a Project", projectKey); | |||
boolean hasScanPerm = userSession.hasComponentPermission(UserRole.SCAN, project) || | |||
userSession.hasPermission(OrganizationPermission.SCAN); | |||
userSession.hasPermission(GlobalPermission.SCAN); | |||
checkPermission(hasScanPerm); | |||
ComponentDto branchOrMainModule = (branch == null && pullRequest == null) ? project | |||
: componentFinder.getByKeyAndOptionalBranchOrPullRequest(session, projectKey, branch, pullRequest); |
@@ -36,7 +36,7 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.SnapshotDto; | |||
import org.sonar.db.measure.LiveMeasureDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.protobuf.DbProjectBranches; | |||
import org.sonar.server.component.ComponentFinder; | |||
@@ -127,7 +127,7 @@ public class ListAction implements PullRequestWsAction { | |||
private void checkPermission(ProjectDto project) { | |||
if (userSession.hasProjectPermission(USER, project) || | |||
userSession.hasProjectPermission(UserRole.SCAN, project) || | |||
userSession.hasPermission(OrganizationPermission.SCAN)) { | |||
userSession.hasPermission(GlobalPermission.SCAN)) { | |||
return; | |||
} | |||
throw insufficientPrivilegesException(); |
@@ -49,7 +49,7 @@ import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.component.BranchType.BRANCH; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.server.branch.ws.BranchesWs.addProjectParam; | |||
import static org.sonar.server.branch.ws.ProjectBranchesParameters.ACTION_LIST; | |||
import static org.sonar.server.branch.ws.ProjectBranchesParameters.PARAM_PROJECT; |
@@ -38,7 +38,7 @@ import org.sonar.db.ce.CeTaskTypes; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.component.ComponentUpdater; | |||
import org.sonar.server.component.NewComponent; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
@@ -129,7 +129,7 @@ public class ReportSubmitter { | |||
// they don't have the direct permission on the project. | |||
// That means that dropping the permission on the project does not have any effects | |||
// if user has still the permission on the organization | |||
if (!userSession.hasComponentPermission(UserRole.SCAN, project) && !userSession.hasPermission(OrganizationPermission.SCAN)) { | |||
if (!userSession.hasComponentPermission(UserRole.SCAN, project) && !userSession.hasPermission(GlobalPermission.SCAN)) { | |||
throw insufficientPrivilegesException(); | |||
} | |||
} | |||
@@ -164,7 +164,7 @@ public class ReportSubmitter { | |||
} | |||
private ComponentDto createProject(DbSession dbSession, OrganizationDto organization, BranchSupport.ComponentKey componentKey, @Nullable String projectName) { | |||
userSession.checkPermission(OrganizationPermission.PROVISION_PROJECTS); | |||
userSession.checkPermission(GlobalPermission.PROVISION_PROJECTS); | |||
String userUuid = userSession.getUuid(); | |||
boolean wouldCurrentUserHaveScanPermission = permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate( |
@@ -41,7 +41,7 @@ import org.sonar.db.ce.CeActivityDto; | |||
import org.sonar.db.ce.CeQueueDto; | |||
import org.sonar.db.ce.CeTaskMessageDto; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.Ce; | |||
@@ -126,8 +126,8 @@ public class TaskAction implements CeWsAction { | |||
private void checkPermission(Optional<ComponentDto> component) { | |||
if (component.isPresent()) { | |||
String orgUuid = component.get().getOrganizationUuid(); | |||
if (!userSession.hasPermission(OrganizationPermission.ADMINISTER) && | |||
!userSession.hasPermission(OrganizationPermission.SCAN) && | |||
if (!userSession.hasPermission(GlobalPermission.ADMINISTER) && | |||
!userSession.hasPermission(GlobalPermission.SCAN) && | |||
!userSession.hasComponentPermission(UserRole.SCAN, component.get())) { | |||
throw insufficientPrivilegesException(); | |||
} |
@@ -38,7 +38,7 @@ import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.NewCodePeriods; | |||
import static java.lang.String.format; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.NewCodePeriods.ShowWSResponse; |
@@ -26,7 +26,7 @@ import org.sonar.api.server.ws.WebService.NewController; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupMembershipQuery; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.issue.AvatarResolver; | |||
@@ -38,11 +38,11 @@ import org.sonarqube.ws.Organizations.User; | |||
import static com.google.common.base.Strings.emptyToNull; | |||
import static java.util.Optional.ofNullable; | |||
import static org.sonar.db.user.GroupMembershipQuery.IN; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_LOGIN; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION; | |||
import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_001; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
public class AddMemberAction implements OrganizationsWsAction { | |||
@@ -93,7 +93,7 @@ public class AddMemberAction implements OrganizationsWsAction { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
OrganizationDto organization = checkFoundWithOptional(dbClient.organizationDao().selectByKey(dbSession, organizationKey), "Organization '%s' is not found", | |||
organizationKey); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
wsSupport.checkMemberSyncIsDisabled(dbSession, organization); | |||
UserDto user = checkFound(dbClient.userDao().selectByLogin(dbSession, login), "User '%s' is not found", login); | |||
memberUpdater.addMember(dbSession, organization, user); |
@@ -31,11 +31,11 @@ import org.sonar.server.organization.OrganizationFlags; | |||
import org.sonar.server.user.UserSession; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION; | |||
import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_002; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
public class DeleteAction implements OrganizationsWsAction { | |||
private static final String ACTION = "delete"; |
@@ -23,7 +23,7 @@ import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import org.sonar.server.organization.OrganisationSupport; | |||
import org.sonar.server.user.UserSession; | |||
@@ -65,7 +65,7 @@ public class EnableSupportAction implements OrganizationsWsAction { | |||
} | |||
private void verifySystemAdministrator() { | |||
userSession.checkLoggedIn().checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkLoggedIn().checkPermission(GlobalPermission.ADMINISTER); | |||
} | |||
} |
@@ -30,12 +30,12 @@ import org.sonar.db.user.UserDto; | |||
import org.sonar.server.organization.MemberUpdater; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_LOGIN; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION; | |||
import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_001; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
public class RemoveMemberAction implements OrganizationsWsAction { | |||
private final DbClient dbClient; |
@@ -46,8 +46,8 @@ import static java.util.Optional.ofNullable; | |||
import static org.sonar.core.util.stream.MoreCollectors.toSet; | |||
import static org.sonar.db.Pagination.forPage; | |||
import static org.sonar.db.organization.OrganizationQuery.newOrganizationQueryBuilder; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.Common.Paging; | |||
@@ -51,7 +51,7 @@ import static com.google.common.base.Preconditions.checkArgument; | |||
import static com.google.common.base.Strings.emptyToNull; | |||
import static java.util.Optional.ofNullable; | |||
import static org.sonar.api.server.ws.WebService.SelectionMode.SELECTED; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.es.SearchOptions.MAX_PAGE_SIZE; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION; |
@@ -35,7 +35,7 @@ import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.Organizations; | |||
import static java.lang.String.format; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_AVATAR_URL; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_DESCRIPTION; | |||
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY; |
@@ -21,7 +21,7 @@ package org.sonar.server.permission; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
@@ -46,7 +46,7 @@ public abstract class PermissionChange { | |||
if (projectUuid == null) { | |||
checkRequest(permissionService.getGlobalPermissions().stream().anyMatch(p -> p.getKey().equals(permission)), | |||
"Invalid global permission '%s'. Valid values are %s", permission, | |||
permissionService.getGlobalPermissions().stream().map(OrganizationPermission::getKey).collect(toList())); | |||
permissionService.getGlobalPermissions().stream().map(GlobalPermission::getKey).collect(toList())); | |||
} else { | |||
checkRequest(permissionService.getAllProjectPermissions().contains(permission), "Invalid project permission '%s'. Valid values are %s", permission, | |||
permissionService.getAllProjectPermissions()); |
@@ -21,7 +21,7 @@ package org.sonar.server.permission; | |||
import java.util.Optional; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; | |||
@@ -34,7 +34,7 @@ public class PermissionPrivilegeChecker { | |||
public static void checkGlobalAdmin(UserSession userSession) { | |||
userSession | |||
.checkLoggedIn() | |||
.checkPermission(OrganizationPermission.ADMINISTER); | |||
.checkPermission(GlobalPermission.ADMINISTER); | |||
} | |||
/** | |||
@@ -44,7 +44,7 @@ public class PermissionPrivilegeChecker { | |||
public static void checkProjectAdmin(UserSession userSession, Optional<ProjectUuid> projectUuid) { | |||
userSession.checkLoggedIn(); | |||
if (userSession.hasPermission(OrganizationPermission.ADMINISTER)) { | |||
if (userSession.hasPermission(GlobalPermission.ADMINISTER)) { | |||
return; | |||
} | |||
@@ -53,7 +53,7 @@ import static java.lang.String.format; | |||
import static java.util.Collections.singletonList; | |||
import static org.sonar.api.security.DefaultGroups.isAnyone; | |||
import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
@ServerSide | |||
public class PermissionTemplateService { |
@@ -26,7 +26,7 @@ import org.sonar.api.server.ws.WebService; | |||
import org.sonar.core.i18n.I18n; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.user.UserSession; | |||
@@ -81,7 +81,7 @@ public class SearchGlobalPermissionsAction implements PermissionsWsAction { | |||
Permission.Builder permission = newBuilder(); | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.map(GlobalPermission::getKey) | |||
.forEach(permissionKey -> { | |||
PermissionQuery query = permissionQuery(permissionKey); | |||
response.addPermissions( |
@@ -36,7 +36,7 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentQuery; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.component.ComponentCleanerService; | |||
import org.sonar.server.project.Project; | |||
import org.sonar.server.project.ProjectLifeCycleListeners; | |||
@@ -140,7 +140,7 @@ public class BulkDeleteAction implements ProjectsWsAction { | |||
userSession.checkLoggedIn(); | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
OrganizationDto organization = support.getOrganization(dbSession, searchRequest.getOrganization()); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
checkAtLeastOneParameterIsPresent(searchRequest); | |||
ComponentQuery query = buildDbQuery(searchRequest); |
@@ -39,7 +39,7 @@ import static org.apache.commons.lang.StringUtils.abbreviate; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.core.component.ComponentKeys.MAX_COMPONENT_KEY_LENGTH; | |||
import static org.sonar.db.component.ComponentValidator.MAX_COMPONENT_NAME_LENGTH; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.server.component.NewComponent.newComponentBuilder; | |||
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION; | |||
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; |
@@ -25,7 +25,7 @@ import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.server.component.ComponentCleanerService; | |||
import org.sonar.server.component.ComponentFinder; | |||
@@ -90,7 +90,7 @@ public class DeleteAction implements ProjectsWsAction { | |||
private void checkPermission(ProjectDto project) { | |||
if (!userSession.hasProjectPermission(UserRole.ADMIN, project)) { | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
} | |||
} | |||
} |
@@ -37,7 +37,7 @@ import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentQuery; | |||
import org.sonar.db.component.SnapshotDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.project.Visibility; | |||
import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.Projects.SearchWsResponse; | |||
@@ -156,7 +156,7 @@ public class SearchAction implements ProjectsWsAction { | |||
private SearchWsResponse doHandle(SearchRequest request) { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
OrganizationDto organization = support.getOrganization(dbSession, request.getOrganization()); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
ComponentQuery query = buildDbQuery(request); | |||
Paging paging = buildPaging(dbSession, request, organization, query); |
@@ -32,7 +32,7 @@ import org.sonar.server.user.UserSession; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.server.qualitygate.ws.CreateAction.NAME_MAXIMUM_LENGTH; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_ID; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_NAME; |
@@ -26,7 +26,7 @@ import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.qualitygate.QualityGateDto; | |||
import org.sonar.server.qualitygate.QualityGateUpdater; | |||
import org.sonar.server.user.UserSession; | |||
@@ -79,7 +79,7 @@ public class CreateAction implements QualityGatesWsAction { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
OrganizationDto organizationDto = wsSupport.getOrganization(dbSession, request); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
String name = request.mandatoryParam(PARAM_NAME); | |||
@@ -41,7 +41,7 @@ import org.sonarqube.ws.Qualitygates; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static java.lang.String.format; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_ORGANIZATION; |
@@ -31,7 +31,7 @@ import org.sonar.server.user.UserSession; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.server.qualitygate.ws.CreateAction.NAME_MAXIMUM_LENGTH; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_ID; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_NAME; |
@@ -34,7 +34,7 @@ import org.sonarqube.ws.Qualityprofiles.CopyWsResponse; | |||
import static java.util.Optional.ofNullable; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.ACTION_COPY; | |||
@@ -39,7 +39,7 @@ import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.Qualityprofiles.CreateWsResponse; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.server.language.LanguageParamUtils.getOrderedLanguageKeys; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.ACTION_CREATE; |
@@ -25,7 +25,7 @@ import org.sonar.api.server.ServerSide; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.qualityprofile.QProfileDto; | |||
import org.sonar.db.rule.RuleDefinitionDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -103,14 +103,14 @@ public class QProfileWsSupport { | |||
} | |||
public void checkPermission(DbSession dbSession) { | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES); | |||
} | |||
boolean canEdit(DbSession dbSession, QProfileDto profile) { | |||
if (profile.isBuiltIn() || !userSession.isLoggedIn()) { | |||
return false; | |||
} | |||
if (userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES)) { | |||
if (userSession.hasPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES)) { | |||
return true; | |||
} | |||
@@ -38,7 +38,7 @@ import org.sonar.server.user.UserSession; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static java.nio.charset.StandardCharsets.UTF_8; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.RestoreActionParameters.PARAM_BACKUP; | |||
public class RestoreAction implements QProfileWsAction { |
@@ -59,7 +59,7 @@ import static java.util.function.Function.identity; | |||
import static org.sonar.api.rule.RuleStatus.DEPRECATED; | |||
import static org.sonar.api.utils.DateUtils.formatDateTime; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.ACTION_SEARCH; |
@@ -30,7 +30,7 @@ import org.sonar.db.qualityprofile.DefaultQProfileDto; | |||
import org.sonar.db.qualityprofile.QProfileDto; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.ACTION_SET_DEFAULT; | |||
public class SetDefaultAction implements QProfileWsAction { |
@@ -27,7 +27,7 @@ import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.text.JsonWriter; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.user.UserSession; | |||
public class AppAction implements RulesWsAction { | |||
@@ -65,7 +65,7 @@ public class AppAction implements RulesWsAction { | |||
} | |||
private void addPermissions(JsonWriter json) { | |||
boolean canWrite = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES); | |||
boolean canWrite = userSession.hasPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES); | |||
json.prop("canWrite", canWrite); | |||
} | |||
@@ -48,7 +48,7 @@ import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_02; | |||
import static org.sonar.core.util.stream.MoreCollectors.toSet; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_ACTIVATION; | |||
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_ACTIVE_SEVERITIES; | |||
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_AVAILABLE_SINCE; |
@@ -23,7 +23,7 @@ import java.util.Optional; | |||
import org.sonar.api.server.ServerSide; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.process.ProcessProperties; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import org.sonar.server.user.UserSession; | |||
@@ -54,7 +54,7 @@ public class SettingsWsSupport { | |||
} | |||
boolean isVisible(String key, Optional<ComponentDto> component) { | |||
return hasPermission(OrganizationPermission.SCAN, UserRole.SCAN, component) || verifySecuredSetting(key, component); | |||
return hasPermission(GlobalPermission.SCAN, UserRole.SCAN, component) || verifySecuredSetting(key, component); | |||
} | |||
static boolean isSecured(String key) { | |||
@@ -62,10 +62,10 @@ public class SettingsWsSupport { | |||
} | |||
private boolean verifySecuredSetting(String key, Optional<ComponentDto> component) { | |||
return (!isSecured(key) || hasPermission(OrganizationPermission.ADMINISTER, ADMIN, component)); | |||
return (!isSecured(key) || hasPermission(GlobalPermission.ADMINISTER, ADMIN, component)); | |||
} | |||
private boolean hasPermission(OrganizationPermission orgPermission, String projectPermission, Optional<ComponentDto> component) { | |||
private boolean hasPermission(GlobalPermission orgPermission, String projectPermission, Optional<ComponentDto> component) { | |||
if (userSession.isSystemAdministrator()) { | |||
return true; | |||
} |
@@ -47,7 +47,7 @@ import org.sonar.core.util.stream.MoreCollectors; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.property.PropertyDto; | |||
import org.sonar.server.component.ComponentFinder; | |||
import org.sonar.server.user.UserSession; | |||
@@ -158,7 +158,7 @@ public class ValuesAction implements SettingsWsAction { | |||
ComponentDto component = componentFinder.getByKey(dbSession, componentKey); | |||
if (!userSession.hasComponentPermission(USER, component) && | |||
!userSession.hasComponentPermission(UserRole.SCAN, component) && | |||
!userSession.hasPermission(OrganizationPermission.SCAN)) { | |||
!userSession.hasPermission(GlobalPermission.SCAN)) { | |||
throw insufficientPrivilegesException(); | |||
} | |||
return Optional.of(component); |
@@ -46,7 +46,7 @@ import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.SnapshotDto; | |||
import org.sonar.db.measure.LiveMeasureDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.property.PropertyDto; | |||
import org.sonar.db.property.PropertyQuery; | |||
import org.sonar.db.qualitygate.QualityGateDto; | |||
@@ -70,8 +70,8 @@ import static org.sonar.api.utils.DateUtils.formatDateTime; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException; | |||
import static org.sonar.server.ws.KeyExamples.KEY_BRANCH_EXAMPLE_001; | |||
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
@@ -293,9 +293,9 @@ public class ComponentAction implements NavigationWsAction { | |||
boolean isProject = Qualifiers.PROJECT.equals(component.qualifier()); | |||
boolean showManualMeasures = isProjectAdmin && !Qualifiers.DIRECTORY.equals(component.qualifier()); | |||
boolean showBackgroundTasks = isProjectAdmin && (isProject || Qualifiers.VIEW.equals(component.qualifier()) || Qualifiers.APP.equals(component.qualifier())); | |||
boolean isQualityProfileAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES); | |||
boolean isQualityGateAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES); | |||
boolean isOrganizationAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER); | |||
boolean isQualityProfileAdmin = userSession.hasPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES); | |||
boolean isQualityGateAdmin = userSession.hasPermission(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
boolean isOrganizationAdmin = userSession.hasPermission(GlobalPermission.ADMINISTER); | |||
boolean canBrowseProject = userSession.hasComponentPermission(USER, component); | |||
json.prop("showSettings", isProjectAdmin && componentTypeHasProperty(component, PROPERTY_CONFIGURABLE)); |
@@ -41,7 +41,7 @@ import org.sonar.server.project.Visibility; | |||
import org.sonar.server.ui.PageRepository; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_001; | |||
@@ -33,7 +33,7 @@ import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.issue.AvatarResolver; | |||
@@ -135,7 +135,7 @@ public class CurrentAction implements UsersWsAction { | |||
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid(); | |||
return permissionService.getGlobalPermissions().stream() | |||
.filter(permission -> userSession.hasPermission(permission)) | |||
.map(OrganizationPermission::getKey) | |||
.map(GlobalPermission::getKey) | |||
.collect(toList()); | |||
} | |||
@@ -35,7 +35,7 @@ import org.sonar.server.user.index.UserIndexer; | |||
import static java.util.Collections.singletonList; | |||
import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.BadRequestException.checkRequest; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
@@ -31,7 +31,7 @@ import org.sonar.api.server.ws.WebService.SelectionMode; | |||
import org.sonar.api.utils.Paging; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.GroupMembershipDto; | |||
import org.sonar.db.user.GroupMembershipQuery; | |||
@@ -96,7 +96,7 @@ public class GroupsAction implements UsersWsAction { | |||
private GroupsWsResponse doHandle(GroupsRequest request) { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
String login = request.getLogin(); | |||
GroupMembershipQuery query = GroupMembershipQuery.builder() |
@@ -32,7 +32,7 @@ import org.sonar.db.user.UserGroupDto; | |||
import org.sonar.server.user.UserSession; | |||
import static java.lang.String.format; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME; |
@@ -34,7 +34,7 @@ import org.sonarqube.ws.UserGroups; | |||
import static java.lang.String.format; | |||
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_DESCRIPTION; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME; |
@@ -26,7 +26,7 @@ import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.server.ws.WebService.NewController; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.user.UserSession; | |||
@@ -68,7 +68,7 @@ public class DeleteAction implements UserGroupsWsAction { | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
GroupDto group = support.findGroupDto(dbSession, request); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
support.checkGroupIsNotDefault(dbSession, group); | |||
checkNotTryingToDeleteLastAdminGroup(dbSession, group); | |||
@@ -85,7 +85,7 @@ public class DeleteAction implements UserGroupsWsAction { | |||
private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupDto group) { | |||
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, | |||
OrganizationPermission.ADMINISTER.getKey(), group.getUuid()); | |||
GlobalPermission.ADMINISTER.getKey(), group.getUuid()); | |||
checkArgument(remaining > 0, "The last system admin group cannot be deleted"); | |||
} |
@@ -26,7 +26,7 @@ import org.sonar.api.server.ws.WebService.NewAction; | |||
import org.sonar.api.server.ws.WebService.NewController; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.user.UserSession; | |||
@@ -75,7 +75,7 @@ public class RemoveUserAction implements UserGroupsWsAction { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
GroupDto group = support.findGroupDto(dbSession, request); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
support.checkGroupIsNotDefault(dbSession, group); | |||
String login = request.mandatoryParam(PARAM_LOGIN); | |||
@@ -95,7 +95,7 @@ public class RemoveUserAction implements UserGroupsWsAction { | |||
*/ | |||
private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupDto group, UserDto user) { | |||
int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroupMember(dbSession, | |||
OrganizationPermission.ADMINISTER.getKey(), group.getUuid(), user.getUuid()); | |||
GlobalPermission.ADMINISTER.getKey(), group.getUuid(), user.getUuid()); | |||
checkRequest(remainingAdmins > 0, "The last administrator user cannot be removed"); | |||
} | |||
@@ -41,7 +41,7 @@ import org.sonar.server.usergroups.DefaultGroupFinder; | |||
import static java.util.Optional.ofNullable; | |||
import static org.apache.commons.lang.StringUtils.defaultIfBlank; | |||
import static org.sonar.api.utils.Paging.forPageIndex; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.es.SearchOptions.MAX_PAGE_SIZE; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.UserGroups.Group; |
@@ -35,7 +35,7 @@ import org.sonarqube.ws.UserGroups; | |||
import static java.lang.String.format; | |||
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonar.server.qualitygate.ws.QualityGatesWsParameters.PARAM_CURRENT_NAME; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH; |
@@ -31,7 +31,7 @@ import org.sonar.api.utils.Paging; | |||
import org.sonar.api.utils.text.JsonWriter; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserMembershipDto; | |||
import org.sonar.db.user.UserMembershipQuery; | |||
import org.sonar.server.permission.GroupUuid; | |||
@@ -82,7 +82,7 @@ public class UsersAction implements UserGroupsWsAction { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
GroupUuid group = support.findGroup(dbSession, request); | |||
userSession.checkPermission(OrganizationPermission.ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
UserMembershipQuery query = UserMembershipQuery.builder() | |||
.groupUuid(group.getUuid()) |
@@ -30,7 +30,7 @@ import org.sonar.server.user.UserSession; | |||
import static java.lang.String.format; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.process.ProcessProperties.Property.SONAR_VALIDATE_WEBHOOKS; | |||
public class WebhookSupport { |
@@ -36,7 +36,7 @@ import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.metric.MetricDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.protobuf.DbProjectBranches; | |||
import org.sonar.db.rule.RuleDefinitionDto; | |||
import org.sonar.server.component.ComponentFinder; | |||
@@ -387,7 +387,7 @@ public class ListActionTest { | |||
@Test | |||
public void does_not_fail_when_only_scan_permission_on_organization() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
userSession.logIn().addPermission(OrganizationPermission.SCAN); | |||
userSession.logIn().addPermission(GlobalPermission.SCAN); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
db.components().insertProjectBranch(project, | |||
b -> b.setKey("123") |
@@ -74,8 +74,8 @@ import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.component.ComponentTesting.newBranchDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
/** | |||
* Tests of {@link ReportSubmitter} when branch support is installed. |
@@ -40,7 +40,7 @@ import org.sonar.db.ce.CeTaskTypes; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.component.ComponentUpdater; | |||
import org.sonar.server.es.TestProjectIndexers; | |||
@@ -68,8 +68,8 @@ import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class ReportSubmitterTest { | |||
@@ -106,7 +106,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void submit_with_characteristics_fails_with_ISE_when_no_branch_support_delegate() { | |||
userSession | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(), any(), eq(PROJECT_KEY))) | |||
@@ -125,7 +125,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void submit_stores_report() { | |||
userSession | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(), any(), eq(PROJECT_KEY))) | |||
@@ -157,7 +157,7 @@ public class ReportSubmitterTest { | |||
public void provision_project_if_does_not_exist() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
userSession | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
@@ -178,7 +178,7 @@ public class ReportSubmitterTest { | |||
OrganizationDto organization = db.organizations().insert(); | |||
userSession | |||
.logIn(user) | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
@@ -193,7 +193,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void do_no_add_favorite_when_no_project_creator_permission_on_permission_template() { | |||
userSession | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))) | |||
.thenReturn(true); | |||
@@ -213,7 +213,7 @@ public class ReportSubmitterTest { | |||
OrganizationDto organization = db.organizations().insert(); | |||
userSession | |||
.logIn(user) | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
@@ -228,7 +228,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void submit_a_report_on_new_project_with_scan_permission_on_organization() { | |||
userSession | |||
.addPermission(OrganizationPermission.SCAN) | |||
.addPermission(GlobalPermission.SCAN) | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))) |
@@ -42,7 +42,7 @@ import org.sonar.db.ce.CeTaskMessageType; | |||
import org.sonar.db.ce.CeTaskTypes; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
@@ -57,7 +57,7 @@ import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_KEY; | |||
import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_TYPE_KEY; | |||
import static org.sonar.db.component.BranchType.BRANCH; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class TaskActionTest { | |||
@@ -469,7 +469,7 @@ public class TaskActionTest { | |||
@Test | |||
public void get_warnings_on_private_project_archived_task_if_scan_on_organization() { | |||
userSession.logIn().addPermission(OrganizationPermission.SCAN); | |||
userSession.logIn().addPermission(GlobalPermission.SCAN); | |||
getWarningsImpl(createAndPersistArchivedTask(privateProject)); | |||
} |
@@ -34,17 +34,17 @@ import org.sonar.core.util.Uuids; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.fail; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
public class GroupPermissionChangerTest { | |||
@@ -316,7 +316,7 @@ public class GroupPermissionChangerTest { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.map(GlobalPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
@@ -334,7 +334,7 @@ public class GroupPermissionChangerTest { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.map(GlobalPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
@@ -353,7 +353,7 @@ public class GroupPermissionChangerTest { | |||
permissionService.getAllProjectPermissions() | |||
.stream() | |||
.filter(perm -> !GlobalPermissions.SCAN_EXECUTION.equals(perm) && !OrganizationPermission.ADMINISTER.getKey().equals(perm)) | |||
.filter(perm -> !GlobalPermissions.SCAN_EXECUTION.equals(perm) && !GlobalPermission.ADMINISTER.getKey().equals(perm)) | |||
.forEach(permission -> { | |||
try { | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, null, groupUuid, permissionService)); |
@@ -43,9 +43,9 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.resources.Qualifiers.APP; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class PermissionTemplateServiceTest { | |||
@@ -31,7 +31,7 @@ import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
@@ -44,9 +44,9 @@ import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.server.permission.PermissionChange.Operation.ADD; | |||
import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; | |||
@@ -88,11 +88,11 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_removes_any_organization_permission_to_user() { | |||
// give ADMIN perm to user2 so that user1 is not the only one with this permission and it can be removed from user1 | |||
db.users().insertPermissionOnUser(user2, OrganizationPermission.ADMINISTER); | |||
db.users().insertPermissionOnUser(user2, GlobalPermission.ADMINISTER); | |||
permissionService.getGlobalPermissions().stream() | |||
.forEach(perm -> db.users().insertPermissionOnUser(user1, perm)); | |||
assertThat(db.users().selectPermissionsOfUser(user1)) | |||
.containsOnly(permissionService.getGlobalPermissions().toArray(new OrganizationPermission[0])); | |||
.containsOnly(permissionService.getGlobalPermissions().toArray(new GlobalPermission[0])); | |||
permissionService.getGlobalPermissions().stream() | |||
.forEach(perm -> { |
@@ -50,7 +50,7 @@ import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; |
@@ -45,7 +45,7 @@ import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; |
@@ -43,7 +43,7 @@ import org.sonar.server.usergroups.ws.GroupWsSupport; | |||
import org.sonar.server.ws.TestRequest; | |||
import org.sonar.server.ws.WsActionTester; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
public abstract class BasePermissionWsTest<A extends PermissionsWsAction> { |
@@ -47,8 +47,8 @@ import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; |
@@ -50,8 +50,8 @@ import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; |
@@ -47,9 +47,9 @@ import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; |
@@ -35,7 +35,7 @@ import org.sonarqube.ws.Permissions; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class SearchGlobalPermissionsActionTest extends BasePermissionWsTest<SearchGlobalPermissionsAction> { | |||
@@ -47,7 +47,7 @@ import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newProjectCopy; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; |
@@ -45,11 +45,11 @@ import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; |
@@ -42,7 +42,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Mockito.spy; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; |
@@ -42,7 +42,7 @@ import org.sonar.server.ws.TestRequest; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; |
@@ -47,7 +47,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.resources.Qualifiers.APP; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; |
@@ -31,7 +31,7 @@ import org.sonar.server.ws.TestRequest; | |||
import org.sonar.server.ws.TestResponse; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME; |
@@ -53,7 +53,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.resources.Qualifiers.APP; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||