mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36262 Commits
59 Branches
Tree: 412f42cb11
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '412f42cb11'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/AddUserAction.java

AddUserAction.java 4.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws;

  21. 

  22. import org.sonar.api.config.Configuration;

  23. import org.sonar.api.server.ws.Request;

  24. import org.sonar.api.server.ws.Response;

  25. import org.sonar.api.server.ws.WebService;

  26. import org.sonar.db.DbClient;

  27. import org.sonar.db.DbSession;

  28. import org.sonar.db.entity.EntityDto;

  29. import org.sonar.db.user.UserId;

  30. import org.sonar.server.common.management.ManagedInstanceChecker;

  31. import org.sonar.server.common.permission.Operation;

  32. import org.sonar.server.permission.PermissionService;

  33. import org.sonar.server.common.permission.PermissionUpdater;

  34. import org.sonar.server.common.permission.UserPermissionChange;

  35. import org.sonar.server.user.UserSession;

  36. 

  37. import static java.util.Collections.singletonList;

  38. import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;

  39. import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;

  40. import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;

  41. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;

  42. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;

  43. 

  44. public class AddUserAction implements PermissionsWsAction {

  45. 

  46.   public static final String ACTION = "add_user";

  47. 

  48.   private final DbClient dbClient;

  49.   private final UserSession userSession;

  50.   private final PermissionUpdater<UserPermissionChange> permissionUpdater;

  51.   private final PermissionWsSupport wsSupport;

  52.   private final WsParameters wsParameters;

  53.   private final PermissionService permissionService;

  54.   private final Configuration configuration;

  55.   private final ManagedInstanceChecker managedInstanceChecker;

  56. 

  57.   public AddUserAction(DbClient dbClient, UserSession userSession, PermissionUpdater<UserPermissionChange> permissionUpdater, PermissionWsSupport wsSupport,

  58.     WsParameters wsParameters, PermissionService permissionService, Configuration configuration, ManagedInstanceChecker managedInstanceChecker) {

  59.     this.dbClient = dbClient;

  60.     this.userSession = userSession;

  61.     this.permissionUpdater = permissionUpdater;

  62.     this.wsSupport = wsSupport;

  63.     this.wsParameters = wsParameters;

  64.     this.permissionService = permissionService;

  65.     this.configuration = configuration;

  66.     this.managedInstanceChecker = managedInstanceChecker;

  67.   }

  68. 

  69.   @Override

  70.   public void define(WebService.NewController context) {

  71.     WebService.NewAction action = context.createAction(ACTION)

  72.       .setDescription("Add permission to a user.<br /> " +

  73.         "This service defaults to global permissions, but can be limited to project permissions by providing project id or project key.<br />" +

  74.         "Requires one of the following permissions:" +

  75.         "<ul>" +

  76.         "<li>'Administer System'</li>" +

  77.         "<li>'Administer' rights on the specified project</li>" +

  78.         "</ul>")

  79.       .setSince("5.2")

  80.       .setPost(true)

  81.       .setHandler(this);

  82. 

  83.     wsParameters.createPermissionParameter(action, "The permission you would like to grant to the user");

  84.     createUserLoginParameter(action);

  85.     createProjectParameters(action);

  86.   }

  87. 

  88.   @Override

  89.   public void handle(Request request, Response response) throws Exception {

  90.     try (DbSession dbSession = dbClient.openSession(false)) {

  91.       String userLogin = request.mandatoryParam(PARAM_USER_LOGIN);

  92.       EntityDto entityDto = wsSupport.findEntity(dbSession, request);

  93.       checkProjectAdmin(userSession, configuration, entityDto);

  94.       if (!userSession.isSystemAdministrator() && entityDto != null && entityDto.isProject()) {

  95.         managedInstanceChecker.throwIfProjectIsManaged(dbSession, entityDto.getUuid());

  96.       }

  97.       UserId user = wsSupport.findUser(dbSession, userLogin);

  98. 

  99.       UserPermissionChange change = new UserPermissionChange(

  100.         Operation.ADD,

  101.         request.mandatoryParam(PARAM_PERMISSION),

  102.         entityDto,

  103.         user,

  104.         permissionService);

  105.       permissionUpdater.apply(dbSession, singletonList(change));

  106.     }

  107.     response.noContent();

  108.   }

  109. }