Julien Lancelot
7 年之前
+ 31
- 35
server/sonar-server/src/main/java/org/sonar/server/setting/ws/ListDefinitionsAction.java
查看文件
| @@ -27,8 +27,6 @@ import org.sonar.api.config.PropertyFieldDefinition; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.permission.GlobalPermissions; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| @@ -39,8 +37,9 @@ import org.sonarqube.ws.Settings.ListDefinitionsWsResponse; | |||
| import org.sonarqube.ws.client.setting.ListDefinitionsRequest; | |||
| import static com.google.common.base.Strings.emptyToNull; | |||
| import static org.sonar.api.web.UserRole.USER; | |||
| import static org.sonar.core.util.Protobuf.setNullable; | |||
| import static org.sonar.server.setting.ws.SettingsWsComponentParameter.addComponentParameter; | |||
| import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
| import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.ACTION_LIST_DEFINITIONS; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_COMPONENT; | |||
| @@ -51,27 +50,34 @@ public class ListDefinitionsAction implements SettingsWsAction { | |||
| private final ComponentFinder componentFinder; | |||
| private final UserSession userSession; | |||
| private final PropertyDefinitions propertyDefinitions; | |||
| private final SettingsPermissionPredicates settingsPermissionPredicates; | |||
| public ListDefinitionsAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession, PropertyDefinitions propertyDefinitions) { | |||
| public ListDefinitionsAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession, PropertyDefinitions propertyDefinitions, | |||
| SettingsPermissionPredicates settingsPermissionPredicates) { | |||
| this.dbClient = dbClient; | |||
| this.componentFinder = componentFinder; | |||
| this.userSession = userSession; | |||
| this.propertyDefinitions = propertyDefinitions; | |||
| this.settingsPermissionPredicates = settingsPermissionPredicates; | |||
| } | |||
| @Override | |||
| public void define(WebService.NewController context) { | |||
| WebService.NewAction action = context.createAction(ACTION_LIST_DEFINITIONS) | |||
| .setDescription("List settings definitions.<br>" + | |||
| "Requires one of the following permissions: " + | |||
| "<ul>" + | |||
| "<li>'Administer System'</li>" + | |||
| "<li>'Administer' rights on the specified component</li>" + | |||
| "</ul>") | |||
| "Requires 'Browse' permission when a component is specified<br/>", | |||
| "To access licensed settings, authentication is required<br/>" + | |||
| "To access secured settings, one of the following permissions is required: " + | |||
| "<ul>" + | |||
| "<li>'Administer System'</li>" + | |||
| "<li>'Administer' rights on the specified component</li>" + | |||
| "</ul>") | |||
| .setResponseExample(getClass().getResource("list_definitions-example.json")) | |||
| .setSince("6.1") | |||
| .setSince("6.3") | |||
| .setHandler(this); | |||
| addComponentParameter(action); | |||
| action.createParam(PARAM_COMPONENT) | |||
| .setDescription("Component key") | |||
| .setExampleValue(KEY_PROJECT_EXAMPLE_001); | |||
| } | |||
| @Override | |||
| @@ -81,11 +87,12 @@ public class ListDefinitionsAction implements SettingsWsAction { | |||
| private ListDefinitionsWsResponse doHandle(Request request) { | |||
| ListDefinitionsRequest wsRequest = toWsRequest(request); | |||
| Optional<String> qualifier = getQualifier(wsRequest); | |||
| Optional<ComponentDto> component = loadComponent(wsRequest); | |||
| Optional<String> qualifier = getQualifier(component); | |||
| ListDefinitionsWsResponse.Builder wsResponse = ListDefinitionsWsResponse.newBuilder(); | |||
| propertyDefinitions.getAll().stream() | |||
| .filter(definition -> qualifier.isPresent() ? definition.qualifiers().contains(qualifier.get()) : definition.global()) | |||
| .filter(settingsPermissionPredicates.isDefinitionVisible(component)) | |||
| .forEach(definition -> addDefinition(definition, wsResponse)); | |||
| return wsResponse.build(); | |||
| } | |||
| @@ -96,30 +103,19 @@ public class ListDefinitionsAction implements SettingsWsAction { | |||
| .build(); | |||
| } | |||
| private Optional<String> getQualifier(ListDefinitionsRequest wsRequest) { | |||
| DbSession dbSession = dbClient.openSession(false); | |||
| try { | |||
| Optional<ComponentDto> component = getComponent(dbSession, wsRequest); | |||
| checkAdminPermission(component); | |||
| return component.isPresent() ? Optional.of(component.get().qualifier()) : Optional.empty(); | |||
| } finally { | |||
| dbClient.closeSession(dbSession); | |||
| } | |||
| } | |||
| private Optional<ComponentDto> getComponent(DbSession dbSession, ListDefinitionsRequest wsRequest) { | |||
| String componentKey = wsRequest.getComponent(); | |||
| if (componentKey == null) { | |||
| return Optional.empty(); | |||
| } | |||
| return Optional.of(componentFinder.getByKey(dbSession, componentKey)); | |||
| private static Optional<String> getQualifier(Optional<ComponentDto> component) { | |||
| return component.isPresent() ? Optional.of(component.get().qualifier()) : Optional.empty(); | |||
| } | |||
| private void checkAdminPermission(Optional<ComponentDto> component) { | |||
| if (component.isPresent()) { | |||
| userSession.checkComponentUuidPermission(UserRole.ADMIN, component.get().uuid()); | |||
| } else { | |||
| userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN); | |||
| private Optional<ComponentDto> loadComponent(ListDefinitionsRequest valuesRequest) { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| String componentKey = valuesRequest.getComponent(); | |||
| if (componentKey == null) { | |||
| return Optional.empty(); | |||
| } | |||
| ComponentDto component = componentFinder.getByKey(dbSession, componentKey); | |||
| userSession.checkComponentUuidPermission(USER, component.projectUuid()); | |||
| return Optional.of(component); | |||
| } | |||
| } | |||
+ 4
- 2
server/sonar-server/src/main/java/org/sonar/server/setting/ws/ResetAction.java
查看文件
| @@ -41,7 +41,7 @@ import org.sonar.server.user.UserSession; | |||
| import org.sonarqube.ws.client.setting.ResetRequest; | |||
| import static java.util.Collections.emptyList; | |||
| import static org.sonar.server.setting.ws.SettingsWsComponentParameter.addComponentParameter; | |||
| import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.ACTION_RESET; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_COMPONENT; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_KEYS; | |||
| @@ -82,7 +82,9 @@ public class ResetAction implements SettingsWsAction { | |||
| .setDescription("Setting keys") | |||
| .setExampleValue("sonar.links.scm,sonar.debt.hoursInDay") | |||
| .setRequired(true); | |||
| addComponentParameter(action); | |||
| action.createParam(PARAM_COMPONENT) | |||
| .setDescription("Component key") | |||
| .setExampleValue(KEY_PROJECT_EXAMPLE_001); | |||
| } | |||
| @Override | |||
+ 4
- 2
server/sonar-server/src/main/java/org/sonar/server/setting/ws/SetAction.java
查看文件
| @@ -58,7 +58,7 @@ import org.sonar.server.setting.ws.SettingValidations.SettingData; | |||
| import org.sonar.server.user.UserSession; | |||
| import org.sonarqube.ws.client.setting.SetRequest; | |||
| import static org.sonar.server.setting.ws.SettingsWsComponentParameter.addComponentParameter; | |||
| import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
| import static org.sonar.server.ws.WsUtils.checkRequest; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.ACTION_SET; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_COMPONENT; | |||
| @@ -122,7 +122,9 @@ public class SetAction implements SettingsWsAction { | |||
| .setDescription("Setting field values. To set several values, the parameter must be called once for each value.") | |||
| .setExampleValue(PARAM_FIELD_VALUES + "={\"firstField\":\"first value\", \"secondField\":\"second value\", \"thirdField\":\"third value\"}"); | |||
| addComponentParameter(action); | |||
| action.createParam(PARAM_COMPONENT) | |||
| .setDescription("Component key") | |||
| .setExampleValue(KEY_PROJECT_EXAMPLE_001); | |||
| } | |||
| @Override | |||
+ 64
- 0
server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
查看文件
| @@ -0,0 +1,64 @@ | |||
| /* | |||
| * SonarQube | |||
| * Copyright (C) 2009-2016 SonarSource SA | |||
| * mailto:contact AT sonarsource DOT com | |||
| * | |||
| * This program is free software; you can redistribute it and/or | |||
| * modify it under the terms of the GNU Lesser General Public | |||
| * License as published by the Free Software Foundation; either | |||
| * version 3 of the License, or (at your option) any later version. | |||
| * | |||
| * This program is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
| * Lesser General Public License for more details. | |||
| * | |||
| * You should have received a copy of the GNU Lesser General Public License | |||
| * along with this program; if not, write to the Free Software Foundation, | |||
| * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
| */ | |||
| package org.sonar.server.setting.ws; | |||
| import java.util.Optional; | |||
| import java.util.function.Predicate; | |||
| import org.sonar.api.config.PropertyDefinition; | |||
| import org.sonar.core.permission.GlobalPermissions; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.server.user.UserSession; | |||
| import static org.sonar.api.web.UserRole.ADMIN; | |||
| public class SettingsPermissionPredicates { | |||
| private static final String SECURED_SUFFIX = ".secured"; | |||
| static final String LICENSE_SUFFIX = ".license.secured"; | |||
| static final String LICENSE_HASH_SUFFIX = ".licenseHash.secured"; | |||
| private final UserSession userSession; | |||
| public SettingsPermissionPredicates(UserSession userSession) { | |||
| this.userSession = userSession; | |||
| } | |||
| Predicate<Setting> isSettingVisible(Optional<ComponentDto> component) { | |||
| return setting -> isVisible(setting.getKey(), component); | |||
| } | |||
| Predicate<PropertyDefinition> isDefinitionVisible(Optional<ComponentDto> component) { | |||
| return propertyDefinition -> isVisible(propertyDefinition.key(), component); | |||
| } | |||
| boolean isVisible(String settingKey, Optional<ComponentDto> component) { | |||
| return !settingKey.endsWith(SECURED_SUFFIX) | |||
| || hasAdminPermission(component) | |||
| || (isLicenseRelated(settingKey) && userSession.isLoggedIn()); | |||
| } | |||
| private boolean hasAdminPermission(Optional<ComponentDto> component) { | |||
| return component.isPresent() ? userSession.hasComponentUuidPermission(ADMIN, component.get().uuid()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN); | |||
| } | |||
| private static boolean isLicenseRelated(String settingKey) { | |||
| return settingKey.endsWith(LICENSE_SUFFIX) || settingKey.endsWith(LICENSE_HASH_SUFFIX); | |||
| } | |||
| } | |||
+ 0
- 39
server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsComponentParameter.java
查看文件
| @@ -1,39 +0,0 @@ | |||
| /* | |||
| * SonarQube | |||
| * Copyright (C) 2009-2016 SonarSource SA | |||
| * mailto:contact AT sonarsource DOT com | |||
| * | |||
| * This program is free software; you can redistribute it and/or | |||
| * modify it under the terms of the GNU Lesser General Public | |||
| * License as published by the Free Software Foundation; either | |||
| * version 3 of the License, or (at your option) any later version. | |||
| * | |||
| * This program is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
| * Lesser General Public License for more details. | |||
| * | |||
| * You should have received a copy of the GNU Lesser General Public License | |||
| * along with this program; if not, write to the Free Software Foundation, | |||
| * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
| */ | |||
| package org.sonar.server.setting.ws; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_COMPONENT; | |||
| class SettingsWsComponentParameter { | |||
| private SettingsWsComponentParameter() { | |||
| // Only static methods | |||
| } | |||
| static void addComponentParameter(WebService.NewAction action) { | |||
| action.createParam(PARAM_COMPONENT) | |||
| .setDescription("Component key") | |||
| .setExampleValue(KEY_PROJECT_EXAMPLE_001); | |||
| } | |||
| } | |||
+ 1
- 1
server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsModule.java
查看文件
| @@ -27,7 +27,7 @@ public class SettingsWsModule extends Module { | |||
| add( | |||
| SettingsWs.class, | |||
| SetAction.class, | |||
| SettingsWsComponentParameter.class, | |||
| SettingsPermissionPredicates.class, | |||
| ListDefinitionsAction.class, | |||
| ValuesAction.class, | |||
| SettingsFinder.class, | |||
+ 12
- 26
server/sonar-server/src/main/java/org/sonar/server/setting/ws/ValuesAction.java
查看文件
| @@ -30,7 +30,6 @@ import java.util.Objects; | |||
| import java.util.Optional; | |||
| import java.util.Set; | |||
| import java.util.function.Function; | |||
| import java.util.function.Predicate; | |||
| import java.util.stream.Collectors; | |||
| import java.util.stream.Stream; | |||
| import org.sonar.api.config.PropertyDefinition; | |||
| @@ -38,7 +37,6 @@ import org.sonar.api.config.PropertyDefinitions; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.core.permission.GlobalPermissions; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| @@ -55,9 +53,10 @@ import static org.sonar.api.CoreProperties.PERMANENT_SERVER_ID; | |||
| import static org.sonar.api.CoreProperties.SERVER_STARTTIME; | |||
| import static org.sonar.api.PropertyType.LICENSE; | |||
| import static org.sonar.api.PropertyType.PROPERTY_SET; | |||
| import static org.sonar.api.web.UserRole.ADMIN; | |||
| import static org.sonar.api.web.UserRole.USER; | |||
| import static org.sonar.server.setting.ws.SettingsWsComponentParameter.addComponentParameter; | |||
| import static org.sonar.server.setting.ws.SettingsPermissionPredicates.LICENSE_HASH_SUFFIX; | |||
| import static org.sonar.server.setting.ws.SettingsPermissionPredicates.LICENSE_SUFFIX; | |||
| import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
| import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.ACTION_VALUES; | |||
| import static org.sonarqube.ws.client.setting.SettingsWsParameters.PARAM_COMPONENT; | |||
| @@ -68,10 +67,6 @@ public class ValuesAction implements SettingsWsAction { | |||
| private static final Splitter COMMA_SPLITTER = Splitter.on(","); | |||
| private static final String COMMA_ENCODED_VALUE = "%2C"; | |||
| private static final String SECURED_SUFFIX = ".secured"; | |||
| private static final String LICENSE_SUFFIX = ".license.secured"; | |||
| private static final String LICENSE_HASH_SUFFIX = ".licenseHash.secured"; | |||
| private static final Set<String> ADDITIONAL_KEYS = ImmutableSet.of(PERMANENT_SERVER_ID, SERVER_STARTTIME); | |||
| private final DbClient dbClient; | |||
| @@ -79,13 +74,16 @@ public class ValuesAction implements SettingsWsAction { | |||
| private final UserSession userSession; | |||
| private final PropertyDefinitions propertyDefinitions; | |||
| private final SettingsFinder settingsFinder; | |||
| private final SettingsPermissionPredicates settingsPermissionPredicates; | |||
| public ValuesAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession, PropertyDefinitions propertyDefinitions, SettingsFinder settingsFinder) { | |||
| public ValuesAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession, PropertyDefinitions propertyDefinitions, SettingsFinder settingsFinder, | |||
| SettingsPermissionPredicates settingsPermissionPredicates) { | |||
| this.dbClient = dbClient; | |||
| this.componentFinder = componentFinder; | |||
| this.userSession = userSession; | |||
| this.propertyDefinitions = propertyDefinitions; | |||
| this.settingsFinder = settingsFinder; | |||
| this.settingsPermissionPredicates = settingsPermissionPredicates; | |||
| } | |||
| @Override | |||
| @@ -101,9 +99,11 @@ public class ValuesAction implements SettingsWsAction { | |||
| "<li>'Administer' rights on the specified component</li>" + | |||
| "</ul>") | |||
| .setResponseExample(getClass().getResource("values-example.json")) | |||
| .setSince("6.1") | |||
| .setSince("6.3") | |||
| .setHandler(this); | |||
| addComponentParameter(action); | |||
| action.createParam(PARAM_COMPONENT) | |||
| .setDescription("Component key") | |||
| .setExampleValue(KEY_PROJECT_EXAMPLE_001); | |||
| action.createParam(PARAM_KEYS) | |||
| .setDescription("List of setting keys") | |||
| .setExampleValue("sonar.technicalDebt.hoursInDay,sonar.dbcleaner.cleanDirectory"); | |||
| @@ -171,24 +171,10 @@ public class ValuesAction implements SettingsWsAction { | |||
| settings.addAll(settingsFinder.loadGlobalSettings(dbSession, keys)); | |||
| component.ifPresent(componentDto -> settings.addAll(settingsFinder.loadComponentSettings(dbSession, keys, componentDto).values())); | |||
| return settings.stream() | |||
| .filter(isVisible(component)) | |||
| .filter(settingsPermissionPredicates.isSettingVisible(component)) | |||
| .collect(Collectors.toList()); | |||
| } | |||
| private Predicate<Setting> isVisible(Optional<ComponentDto> component) { | |||
| return setting -> !setting.getKey().endsWith(SECURED_SUFFIX) | |||
| || hasAdminPermission(component) | |||
| || (isLicenseRelated(setting) && userSession.isLoggedIn()); | |||
| } | |||
| private boolean hasAdminPermission(Optional<ComponentDto> component) { | |||
| return component.isPresent() ? userSession.hasComponentUuidPermission(ADMIN, component.get().uuid()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN); | |||
| } | |||
| private static boolean isLicenseRelated(Setting setting) { | |||
| return setting.getKey().endsWith(LICENSE_SUFFIX) || setting.getKey().endsWith(LICENSE_HASH_SUFFIX); | |||
| } | |||
| private List<Setting> loadDefaultSettings(Set<String> keys) { | |||
| return propertyDefinitions.getAll().stream() | |||
| .filter(definition -> keys.contains(definition.key())) | |||
+ 74
- 22
server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
查看文件
| @@ -33,7 +33,6 @@ import org.sonar.api.config.PropertyDefinitions; | |||
| import org.sonar.api.config.PropertyFieldDefinition; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.api.utils.System2; | |||
| import org.sonar.core.permission.GlobalPermissions; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.component.ComponentDbTester; | |||
| @@ -53,6 +52,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
| import static org.sonar.api.resources.Qualifiers.MODULE; | |||
| import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
| import static org.sonar.api.web.UserRole.ADMIN; | |||
| import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
| import static org.sonar.api.web.UserRole.USER; | |||
| import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
| import static org.sonar.db.component.ComponentTesting.newProjectDto; | |||
| @@ -87,7 +87,8 @@ public class ListDefinitionsActionTest { | |||
| PropertyDefinitions propertyDefinitions = new PropertyDefinitions(); | |||
| WsActionTester ws = new WsActionTester(new ListDefinitionsAction(dbClient, new ComponentFinder(dbClient), userSession, propertyDefinitions)); | |||
| WsActionTester ws = new WsActionTester( | |||
| new ListDefinitionsAction(dbClient, new ComponentFinder(dbClient), userSession, propertyDefinitions, new SettingsPermissionPredicates(userSession))); | |||
| @Before | |||
| public void setUp() throws Exception { | |||
| @@ -96,7 +97,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_settings_definitions() { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .name("Foo") | |||
| @@ -124,7 +125,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_settings_definitions_with_minimum_fields() { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .build()); | |||
| @@ -147,7 +148,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_settings_definitions_with_deprecated_key() { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .name("Foo") | |||
| @@ -165,7 +166,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_default_category() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build(), "default"); | |||
| propertyDefinitions.addComponent(PropertyDefinition.builder("foo").category("").build(), "default"); | |||
| @@ -178,7 +179,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_single_select_list_property() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .type(PropertyType.SINGLE_SELECT_LIST) | |||
| @@ -195,7 +196,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_property_set() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .type(PropertyType.PROPERTY_SET) | |||
| @@ -225,8 +226,8 @@ public class ListDefinitionsActionTest { | |||
| } | |||
| @Test | |||
| public void return_license_type_property_set() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| public void return_license_type_in_property_set() throws Exception { | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .type(PropertyType.PROPERTY_SET) | |||
| @@ -241,7 +242,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_global_settings_definitions() { | |||
| setUserAsSystemAdmin(); | |||
| setAuthenticatedUser(); | |||
| propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
| ListDefinitionsWsResponse result = executeRequest(); | |||
| @@ -251,7 +252,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_project_settings_def_by_project_key() { | |||
| setUserAsProjectAdmin(); | |||
| setUserWithBrowsePermissionOnProject(); | |||
| propertyDefinitions.addComponent(PropertyDefinition | |||
| .builder("foo") | |||
| .onQualifiers(PROJECT) | |||
| @@ -264,7 +265,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_only_global_properties_when_no_component_parameter() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| setUserWithBrowsePermissionOnProject(); | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("global").build(), | |||
| PropertyDefinition.builder("global-and-project").onQualifiers(PROJECT).build(), | |||
| @@ -278,7 +279,7 @@ public class ListDefinitionsActionTest { | |||
| @Test | |||
| public void return_only_properties_available_for_component_qualifier() throws Exception { | |||
| setUserAsProjectAdmin(); | |||
| setUserWithBrowsePermissionOnProject(); | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("global").build(), | |||
| PropertyDefinition.builder("global-and-project").onQualifiers(PROJECT).build(), | |||
| @@ -311,18 +312,59 @@ public class ListDefinitionsActionTest { | |||
| } | |||
| @Test | |||
| public void fail_when_not_system_admin() throws Exception { | |||
| userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
| propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
| public void does_not_returned_secured_settings_when_not_authenticated() throws Exception { | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("foo").build(), | |||
| PropertyDefinition.builder("secret.secured").build(), | |||
| PropertyDefinition.builder("plugin.license.secured").type(PropertyType.LICENSE).build())); | |||
| expectedException.expect(ForbiddenException.class); | |||
| ListDefinitionsWsResponse result = executeRequest(); | |||
| assertThat(result.getDefinitionsList()).extracting(Settings.Definition::getKey).containsOnly("foo"); | |||
| } | |||
| @Test | |||
| public void return_license_settings_when_authenticated_but_not_admin() throws Exception { | |||
| setUserWithBrowsePermissionOnProject(); | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("foo").build(), | |||
| PropertyDefinition.builder("secret.secured").build(), | |||
| PropertyDefinition.builder("plugin.license.secured").type(PropertyType.LICENSE).build())); | |||
| ListDefinitionsWsResponse result = executeRequest(); | |||
| executeRequest(); | |||
| assertThat(result.getDefinitionsList()).extracting(Settings.Definition::getKey).containsOnly("foo", "plugin.license.secured"); | |||
| } | |||
| @Test | |||
| public void fail_when_not_project_admin() throws Exception { | |||
| userSession.login("project-admin").addProjectUuidPermissions(USER, project.uuid()); | |||
| public void return_secured_and_license_settings_when_system_admin() throws Exception { | |||
| setUserAsSystemAdmin(); | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("foo").build(), | |||
| PropertyDefinition.builder("secret.secured").build(), | |||
| PropertyDefinition.builder("plugin.license.secured").type(PropertyType.LICENSE).build())); | |||
| ListDefinitionsWsResponse result = executeRequest(); | |||
| assertThat(result.getDefinitionsList()).extracting(Settings.Definition::getKey).containsOnly("foo", "secret.secured", "plugin.license.secured"); | |||
| } | |||
| @Test | |||
| public void return_secured_and_license_settings_when_project_admin() throws Exception { | |||
| setUserAsProjectAdmin(); | |||
| propertyDefinitions.addComponents(asList( | |||
| PropertyDefinition.builder("foo").onQualifiers(PROJECT).build(), | |||
| PropertyDefinition.builder("secret.secured").onQualifiers(PROJECT).build(), | |||
| PropertyDefinition.builder("plugin.license.secured").onQualifiers(PROJECT).type(PropertyType.LICENSE).build())); | |||
| ListDefinitionsWsResponse result = executeRequest(project.key()); | |||
| assertThat(result.getDefinitionsList()).extracting(Settings.Definition::getKey).containsOnly("foo", "secret.secured", "plugin.license.secured"); | |||
| } | |||
| @Test | |||
| public void fail_when_user_has_not_project_browse_permission() throws Exception { | |||
| userSession.login("project-admin").addProjectUuidPermissions(CODEVIEWER, project.uuid()); | |||
| propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
| expectedException.expect(ForbiddenException.class); | |||
| @@ -408,12 +450,22 @@ public class ListDefinitionsActionTest { | |||
| } | |||
| } | |||
| private void setAuthenticatedUser() { | |||
| userSession.login("user"); | |||
| } | |||
| private void setUserWithBrowsePermissionOnProject() { | |||
| userSession.login("user").addProjectUuidPermissions(USER, project.uuid()); | |||
| } | |||
| private void setUserAsSystemAdmin() { | |||
| userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN); | |||
| } | |||
| private void setUserAsProjectAdmin() { | |||
| userSession.login("project-admin").addProjectUuidPermissions(ADMIN, project.uuid()); | |||
| userSession.login("project-admin") | |||
| .addProjectUuidPermissions(ADMIN, project.uuid()) | |||
| .addProjectUuidPermissions(USER, project.uuid()); | |||
| } | |||
| } | |||
+ 2
- 1
server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
查看文件
| @@ -85,7 +85,8 @@ public class ValuesActionTest { | |||
| ComponentDto project; | |||
| WsActionTester ws = new WsActionTester(new ValuesAction(dbClient, new ComponentFinder(dbClient), userSession, definitions, settingsFinder)); | |||
| WsActionTester ws = new WsActionTester( | |||
| new ValuesAction(dbClient, new ComponentFinder(dbClient), userSession, definitions, settingsFinder, new SettingsPermissionPredicates(userSession))); | |||
| @Before | |||
| public void setUp() throws Exception { | |||
Loading…