mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
35953 Commits
59 Branches
Tree: 29994d2a4f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '29994d2a4f'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/SetAction.java

SetAction.java 17KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.setting.ws;

  21. 

  22. import com.google.common.collect.ArrayListMultimap;

  23. import com.google.common.collect.ListMultimap;

  24. import com.google.gson.Gson;

  25. import com.google.gson.JsonSyntaxException;

  26. import com.google.gson.reflect.TypeToken;

  27. import java.util.Collections;

  28. import java.util.List;

  29. import java.util.Map;

  30. import java.util.Optional;

  31. import java.util.Set;

  32. import java.util.stream.Collector;

  33. import java.util.stream.Collectors;

  34. import java.util.stream.IntStream;

  35. import javax.annotation.CheckForNull;

  36. import javax.annotation.Nullable;

  37. import org.apache.commons.lang.StringUtils;

  38. import org.sonar.api.PropertyType;

  39. import org.sonar.api.config.PropertyDefinition;

  40. import org.sonar.api.config.PropertyDefinitions;

  41. import org.sonar.api.config.PropertyFieldDefinition;

  42. import org.sonar.api.server.ws.Change;

  43. import org.sonar.api.server.ws.Request;

  44. import org.sonar.api.server.ws.Response;

  45. import org.sonar.api.server.ws.WebService;

  46. import org.sonar.api.web.UserRole;

  47. import org.sonar.db.DbClient;

  48. import org.sonar.db.DbSession;

  49. import org.sonar.db.entity.EntityDto;

  50. import org.sonar.db.property.PropertyDto;

  51. import org.sonar.scanner.protocol.GsonHelper;

  52. import org.sonar.server.exceptions.BadRequestException;

  53. import org.sonar.server.exceptions.NotFoundException;

  54. import org.sonar.server.setting.SettingsChangeNotifier;

  55. import org.sonar.server.setting.ws.SettingValidations.SettingData;

  56. import org.sonar.server.user.UserSession;

  57. 

  58. import static com.google.common.base.Preconditions.checkArgument;

  59. import static java.lang.String.format;

  60. import static org.sonar.server.exceptions.BadRequestException.checkRequest;

  61. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_COMPONENT;

  62. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_FIELD_VALUES;

  63. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_KEY;

  64. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_VALUE;

  65. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_VALUES;

  66. import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;

  67. 

  68. public class SetAction implements SettingsWsAction {

  69.   private static final Collector<CharSequence, ?, String> COMMA_JOINER = Collectors.joining(",");

  70.   private static final String MSG_NO_EMPTY_VALUE = "A non empty value must be provided";

  71.   private static final int VALUE_MAXIMUM_LENGTH = 4000;

  72.   private static final TypeToken<Map<String, String>> MAP_TYPE_TOKEN = new TypeToken<>() {

  73.   };

  74. 

  75.   private final PropertyDefinitions propertyDefinitions;

  76.   private final DbClient dbClient;

  77.   private final UserSession userSession;

  78.   private final SettingsUpdater settingsUpdater;

  79.   private final SettingsChangeNotifier settingsChangeNotifier;

  80.   private final SettingValidations validations;

  81. 

  82.   public SetAction(PropertyDefinitions propertyDefinitions, DbClient dbClient, UserSession userSession,

  83.     SettingsUpdater settingsUpdater, SettingsChangeNotifier settingsChangeNotifier, SettingValidations validations) {

  84.     this.propertyDefinitions = propertyDefinitions;

  85.     this.dbClient = dbClient;

  86.     this.userSession = userSession;

  87.     this.settingsUpdater = settingsUpdater;

  88.     this.settingsChangeNotifier = settingsChangeNotifier;

  89.     this.validations = validations;

  90.   }

  91. 

  92.   @Override

  93.   public void define(WebService.NewController context) {

  94.     WebService.NewAction action = context.createAction("set")

  95.       .setDescription("Update a setting value.<br>" +

  96.           "Either '%s' or '%s' must be provided.<br> " +

  97.           "The settings defined in conf/sonar.properties are read-only and can't be changed.<br/>" +

  98.           "Requires one of the following permissions: " +

  99.           "<ul>" +

  100.           "<li>'Administer System'</li>" +

  101.           "<li>'Administer' rights on the specified component</li>" +

  102.           "</ul>",

  103.         PARAM_VALUE, PARAM_VALUES)

  104.       .setSince("6.1")

  105.       .setChangelog(

  106.         new Change("10.1", "Param 'component' now only accept keys for projects, applications, portfolios or subportfolios"),

  107.         new Change("10.1", format("The use of module keys in parameter '%s' is removed", PARAM_COMPONENT)),

  108.         new Change("8.8", "Deprecated parameter 'componentKey' has been removed"),

  109.         new Change("7.6", format("The use of module keys in parameter '%s' is deprecated", PARAM_COMPONENT)),

  110.         new Change("7.1", "The settings defined in conf/sonar.properties are read-only and can't be changed"))

  111.       .setPost(true)

  112.       .setHandler(this);

  113. 

  114.     action.createParam(PARAM_KEY)

  115.       .setDescription("Setting key")

  116.       .setExampleValue("sonar.core.serverBaseURL")

  117.       .setRequired(true);

  118. 

  119.     action.createParam(PARAM_VALUE)

  120.       .setMaximumLength(VALUE_MAXIMUM_LENGTH)

  121.       .setDescription("Setting value. To reset a value, please use the reset web service.")

  122.       .setExampleValue("http://my-sonarqube-instance.com");

  123. 

  124.     action.createParam(PARAM_VALUES)

  125.       .setDescription("Setting multi value. To set several values, the parameter must be called once for each value.")

  126.       .setExampleValue("values=firstValue&values=secondValue&values=thirdValue");

  127. 

  128.     action.createParam(PARAM_FIELD_VALUES)

  129.       .setDescription("Setting field values. To set several values, the parameter must be called once for each value.")

  130.       .setExampleValue(PARAM_FIELD_VALUES + "={\"firstField\":\"first value\", \"secondField\":\"second value\", \"thirdField\":\"third value\"}");

  131. 

  132.     action.createParam(PARAM_COMPONENT)

  133.       .setDescription("Component key. Only keys for projects, applications, portfolios or subportfolios are accepted.")

  134.       .setExampleValue(KEY_PROJECT_EXAMPLE_001);

  135.   }

  136. 

  137.   @Override

  138.   public void handle(Request request, Response response) throws Exception {

  139.     try (DbSession dbSession = dbClient.openSession(false)) {

  140.       SetRequest wsRequest = toWsRequest(request);

  141.       SettingsWsSupport.validateKey(wsRequest.getKey());

  142.       doHandle(dbSession, wsRequest);

  143.     }

  144.     response.noContent();

  145.   }

  146. 

  147.   private void doHandle(DbSession dbSession, SetRequest request) {

  148.     Optional<EntityDto> component = searchEntity(dbSession, request);

  149.     String projectKey = component.map(EntityDto::getKey).orElse(null);

  150.     String projectName = component.map(EntityDto::getName).orElse(null);

  151.     String qualifier = component.map(EntityDto::getQualifier).orElse(null);

  152.     checkPermissions(component);

  153. 

  154.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  155. 

  156.     String value;

  157. 

  158.     commonChecks(request, component);

  159. 

  160.     if (!request.getFieldValues().isEmpty()) {

  161.       value = doHandlePropertySet(dbSession, request, definition, component);

  162.     } else {

  163.       validate(request);

  164.       PropertyDto property = toProperty(request, component);

  165.       value = property.getValue();

  166.       dbClient.propertiesDao().saveProperty(dbSession, property, null, projectKey, projectName, qualifier);

  167.     }

  168. 

  169.     dbSession.commit();

  170. 

  171.     if (!component.isPresent()) {

  172.       settingsChangeNotifier.onGlobalPropertyChange(persistedKey(request), value);

  173.     }

  174.   }

  175. 

  176.   private String doHandlePropertySet(DbSession dbSession, SetRequest request, @Nullable PropertyDefinition definition, Optional<EntityDto> component) {

  177.     validatePropertySet(request, definition);

  178. 

  179.     int[] fieldIds = IntStream.rangeClosed(1, request.getFieldValues().size()).toArray();

  180.     String inlinedFieldKeys = IntStream.of(fieldIds).mapToObj(String::valueOf).collect(COMMA_JOINER);

  181.     String key = persistedKey(request);

  182.     String componentUuid = component.isPresent() ? component.get().getUuid() : null;

  183.     String componentKey = component.isPresent() ? component.get().getKey() : null;

  184.     String componentName = component.isPresent() ? component.get().getName() : null;

  185.     String qualifier = component.isPresent() ? component.get().getQualifier() : null;

  186. 

  187.     deleteSettings(dbSession, component, key);

  188.     dbClient.propertiesDao().saveProperty(dbSession, new PropertyDto().setKey(key).setValue(inlinedFieldKeys)

  189.       .setEntityUuid(componentUuid), null, componentKey, componentName, qualifier);

  190. 

  191.     List<String> fieldValues = request.getFieldValues();

  192.     IntStream.of(fieldIds).boxed()

  193.       .flatMap(i -> readOneFieldValues(fieldValues.get(i - 1), request.getKey()).entrySet().stream()

  194.         .map(entry -> new KeyValue(key + "." + i + "." + entry.getKey(), entry.getValue())))

  195.       .forEach(keyValue -> dbClient.propertiesDao().saveProperty(dbSession, toFieldProperty(keyValue, componentUuid),

  196.         null, componentKey, componentName, qualifier));

  197. 

  198.     return inlinedFieldKeys;

  199.   }

  200. 

  201.   private void deleteSettings(DbSession dbSession, Optional<EntityDto> component, String key) {

  202.     if (component.isPresent()) {

  203.       settingsUpdater.deleteComponentSettings(dbSession, component.get(), key);

  204.     } else {

  205.       settingsUpdater.deleteGlobalSettings(dbSession, key);

  206.     }

  207.   }

  208. 

  209.   private void commonChecks(SetRequest request, Optional<EntityDto> entity) {

  210.     checkValueIsSet(request);

  211.     String settingKey = request.getKey();

  212.     SettingData settingData = new SettingData(settingKey, valuesFromRequest(request), entity.orElse(null));

  213.     List.of(validations.scope(), validations.qualifier(), validations.valueType())

  214.       .forEach(validation -> validation.accept(settingData));

  215.   }

  216. 

  217.   private static void validatePropertySet(SetRequest request, @Nullable PropertyDefinition definition) {

  218.     checkRequest(definition != null, "Setting '%s' is undefined", request.getKey());

  219.     checkRequest(PropertyType.PROPERTY_SET.equals(definition.type()), "Parameter '%s' is used for setting of property set type only", PARAM_FIELD_VALUES);

  220. 

  221.     Set<String> fieldKeys = definition.fields().stream().map(PropertyFieldDefinition::key).collect(Collectors.toSet());

  222.     ListMultimap<String, String> valuesByFieldKeys = ArrayListMultimap.create(fieldKeys.size(), request.getFieldValues().size() * fieldKeys.size());

  223. 

  224.     List<Map<String, String>> maps = request.getFieldValues().stream()

  225.       .map(oneFieldValues -> readOneFieldValues(oneFieldValues, request.getKey()))

  226.       .toList();

  227. 

  228.     for (Map<String, String> map : maps) {

  229.       checkRequest(map.values().stream().anyMatch(StringUtils::isNotBlank), MSG_NO_EMPTY_VALUE);

  230.     }

  231.     List<Map.Entry<String, String>> entries = maps.stream().flatMap(map -> map.entrySet().stream()).toList();

  232.     entries.forEach(entry -> valuesByFieldKeys.put(entry.getKey(), entry.getValue()));

  233.     entries.forEach(entry -> checkRequest(fieldKeys.contains(entry.getKey()), "Unknown field key '%s' for setting '%s'", entry.getKey(), request.getKey()));

  234.     checkFieldType(request, definition, valuesByFieldKeys);

  235.   }

  236. 

  237.   private void validate(SetRequest request) {

  238.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  239.     if (definition == null) {

  240.       return;

  241.     }

  242. 

  243.     checkSingleOrMultiValue(request, definition);

  244.   }

  245. 

  246.   private static void checkFieldType(SetRequest request, PropertyDefinition definition, ListMultimap<String, String> valuesByFieldKeys) {

  247.     for (PropertyFieldDefinition fieldDefinition : definition.fields()) {

  248.       for (String value : valuesByFieldKeys.get(fieldDefinition.key())) {

  249.         PropertyDefinition.Result result = fieldDefinition.validate(value);

  250.         checkRequest(result.isValid(),

  251.           "Error when validating setting with key '%s'. Field '%s' has incorrect value '%s'.",

  252.           request.getKey(), fieldDefinition.key(), value);

  253.       }

  254.     }

  255.   }

  256. 

  257.   private static void checkSingleOrMultiValue(SetRequest request, PropertyDefinition definition) {

  258.     checkRequest(definition.multiValues() ^ request.getValue() != null,

  259.       "Parameter '%s' must be used for single value setting. Parameter '%s' must be used for multi value setting.", PARAM_VALUE, PARAM_VALUES);

  260.   }

  261. 

  262.   private static void checkValueIsSet(SetRequest request) {

  263.     checkRequest(

  264.       request.getValue() != null

  265.         ^ !request.getValues().isEmpty()

  266.         ^ !request.getFieldValues().isEmpty(),

  267.       "Either '%s', '%s' or '%s' must be provided", PARAM_VALUE, PARAM_VALUES, PARAM_FIELD_VALUES);

  268.     checkRequest(request.getValues().stream().allMatch(StringUtils::isNotBlank), MSG_NO_EMPTY_VALUE);

  269.     checkRequest(request.getValue() == null || StringUtils.isNotBlank(request.getValue()), MSG_NO_EMPTY_VALUE);

  270.   }

  271. 

  272.   private static List<String> valuesFromRequest(SetRequest request) {

  273.     return request.getValue() == null ? request.getValues() : Collections.singletonList(request.getValue());

  274.   }

  275. 

  276.   private String persistedKey(SetRequest request) {

  277.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  278.     // handles deprecated key but persist the new key

  279.     return definition == null ? request.getKey() : definition.key();

  280.   }

  281. 

  282.   private static String persistedValue(SetRequest request) {

  283.     return request.getValue() == null

  284.       ? request.getValues().stream().map(value -> value.replace(",", "%2C")).collect(COMMA_JOINER)

  285.       : request.getValue();

  286.   }

  287. 

  288.   private void checkPermissions(Optional<EntityDto> entity) {

  289.     if (entity.isPresent()) {

  290.       userSession.checkEntityPermission(UserRole.ADMIN, entity.get());

  291.     } else {

  292.       userSession.checkIsSystemAdministrator();

  293.     }

  294.   }

  295. 

  296.   private static SetRequest toWsRequest(Request request) {

  297.     SetRequest set = new SetRequest()

  298.       .setKey(request.mandatoryParam(PARAM_KEY))

  299.       .setValue(request.param(PARAM_VALUE))

  300.       .setValues(request.multiParam(PARAM_VALUES))

  301.       .setFieldValues(request.multiParam(PARAM_FIELD_VALUES))

  302.       .setEntity(request.param(PARAM_COMPONENT));

  303.     checkArgument(set.getValues() != null, "Setting values must not be null");

  304.     checkArgument(set.getFieldValues() != null, "Setting fields values must not be null");

  305.     return set;

  306.   }

  307. 

  308.   private static Map<String, String> readOneFieldValues(String json, String key) {

  309.     Gson gson = GsonHelper.create();

  310.     try {

  311.       return gson.fromJson(json, MAP_TYPE_TOKEN);

  312.     } catch (JsonSyntaxException e) {

  313.       throw BadRequestException.create(format("JSON '%s' does not respect expected format for setting '%s'. Ex: {\"field1\":\"value1\", \"field2\":\"value2\"}", json, key));

  314.     }

  315.   }

  316. 

  317.   private Optional<EntityDto> searchEntity(DbSession dbSession, SetRequest request) {

  318.     String entityKey = request.getEntity();

  319.     if (entityKey == null) {

  320.       return Optional.empty();

  321.     }

  322.     return Optional.of(dbClient.entityDao().selectByKey(dbSession, entityKey)

  323.       .orElseThrow(() -> new NotFoundException(format("Component key '%s' not found", entityKey))));

  324.   }

  325. 

  326.   private PropertyDto toProperty(SetRequest request, Optional<EntityDto> entity) {

  327.     String key = persistedKey(request);

  328.     String value = persistedValue(request);

  329. 

  330.     PropertyDto property = new PropertyDto()

  331.       .setKey(key)

  332.       .setValue(value);

  333. 

  334.     if (entity.isPresent()) {

  335.       property.setEntityUuid(entity.get().getUuid());

  336.     }

  337. 

  338.     return property;

  339.   }

  340. 

  341.   private static PropertyDto toFieldProperty(KeyValue keyValue, @Nullable String componentUuid) {

  342.     return new PropertyDto().setKey(keyValue.key).setValue(keyValue.value).setEntityUuid(componentUuid);

  343.   }

  344. 

  345.   private static class KeyValue {

  346.     private final String key;

  347.     private final String value;

  348. 

  349.     private KeyValue(String key, String value) {

  350.       this.key = key;

  351.       this.value = value;

  352.     }

  353.   }

  354. 

  355.   private static class SetRequest {

  356. 

  357.     private String entity;

  358.     private List<String> fieldValues;

  359.     private String key;

  360.     private String value;

  361.     private List<String> values;

  362. 

  363.     public SetRequest setEntity(@Nullable String entity) {

  364.       this.entity = entity;

  365.       return this;

  366.     }

  367. 

  368.     @CheckForNull

  369.     public String getEntity() {

  370.       return entity;

  371.     }

  372. 

  373.     public SetRequest setFieldValues(List<String> fieldValues) {

  374.       this.fieldValues = fieldValues;

  375.       return this;

  376.     }

  377. 

  378.     public List<String> getFieldValues() {

  379.       return fieldValues;

  380.     }

  381. 

  382.     public SetRequest setKey(String key) {

  383.       this.key = key;

  384.       return this;

  385.     }

  386. 

  387.     public String getKey() {

  388.       return key;

  389.     }

  390. 

  391.     public SetRequest setValue(@Nullable String value) {

  392.       this.value = value;

  393.       return this;

  394.     }

  395. 

  396.     @CheckForNull

  397.     public String getValue() {

  398.       return value;

  399.     }

  400. 

  401.     public SetRequest setValues(@Nullable List<String> values) {

  402.       this.values = values;

  403.       return this;

  404.     }

  405. 

  406.     public List<String> getValues() {

  407.       return values;

  408.     }

  409.   }

  410. }