mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36211 Commits
59 Branches
Tree: 720d6dd5c4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '720d6dd5c4'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/SetAction.java

SetAction.java 17KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.setting.ws;

  21. 

  22. import com.google.common.collect.ArrayListMultimap;

  23. import com.google.common.collect.ListMultimap;

  24. import com.google.gson.Gson;

  25. import com.google.gson.JsonSyntaxException;

  26. import com.google.gson.reflect.TypeToken;

  27. import java.util.Collections;

  28. import java.util.List;

  29. import java.util.Map;

  30. import java.util.Optional;

  31. import java.util.Set;

  32. import java.util.stream.Collector;

  33. import java.util.stream.Collectors;

  34. import java.util.stream.IntStream;

  35. import javax.annotation.CheckForNull;

  36. import javax.annotation.Nullable;

  37. import org.apache.commons.lang3.StringUtils;

  38. import org.sonar.api.PropertyType;

  39. import org.sonar.api.config.PropertyDefinition;

  40. import org.sonar.api.config.PropertyDefinitions;

  41. import org.sonar.api.config.PropertyFieldDefinition;

  42. import org.sonar.api.server.ws.Change;

  43. import org.sonar.api.server.ws.Request;

  44. import org.sonar.api.server.ws.Response;

  45. import org.sonar.api.server.ws.WebService;

  46. import org.sonar.api.web.UserRole;

  47. import org.sonar.db.DbClient;

  48. import org.sonar.db.DbSession;

  49. import org.sonar.db.entity.EntityDto;

  50. import org.sonar.db.property.PropertyDto;

  51. import org.sonar.scanner.protocol.GsonHelper;

  52. import org.sonar.server.exceptions.BadRequestException;

  53. import org.sonar.server.exceptions.NotFoundException;

  54. import org.sonar.server.setting.SettingsChangeNotifier;

  55. import org.sonar.server.setting.ws.SettingValidations.SettingData;

  56. import org.sonar.server.user.UserSession;

  57. 

  58. import static com.google.common.base.Preconditions.checkArgument;

  59. import static java.lang.String.format;

  60. import static org.sonar.server.exceptions.BadRequestException.checkRequest;

  61. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_COMPONENT;

  62. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_FIELD_VALUES;

  63. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_KEY;

  64. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_VALUE;

  65. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_VALUES;

  66. import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;

  67. 

  68. public class SetAction implements SettingsWsAction {

  69.   private static final Collector<CharSequence, ?, String> COMMA_JOINER = Collectors.joining(",");

  70.   private static final String MSG_NO_EMPTY_VALUE = "A non empty value must be provided";

  71.   private static final int VALUE_MAXIMUM_LENGTH = 4000;

  72.   private static final TypeToken<Map<String, String>> MAP_TYPE_TOKEN = new TypeToken<>() {

  73.   };

  74. 

  75.   private final PropertyDefinitions propertyDefinitions;

  76.   private final DbClient dbClient;

  77.   private final UserSession userSession;

  78.   private final SettingsUpdater settingsUpdater;

  79.   private final SettingsChangeNotifier settingsChangeNotifier;

  80.   private final SettingValidations validations;

  81. 

  82.   public SetAction(PropertyDefinitions propertyDefinitions, DbClient dbClient, UserSession userSession,

  83.     SettingsUpdater settingsUpdater, SettingsChangeNotifier settingsChangeNotifier, SettingValidations validations) {

  84.     this.propertyDefinitions = propertyDefinitions;

  85.     this.dbClient = dbClient;

  86.     this.userSession = userSession;

  87.     this.settingsUpdater = settingsUpdater;

  88.     this.settingsChangeNotifier = settingsChangeNotifier;

  89.     this.validations = validations;

  90.   }

  91. 

  92.   @Override

  93.   public void define(WebService.NewController context) {

  94.     WebService.NewAction action = context.createAction("set")

  95.       .setDescription("Update a setting value.<br>" +

  96.           "Either '%s' or '%s' must be provided.<br> " +

  97.           "The settings defined in conf/sonar.properties are read-only and can't be changed.<br/>" +

  98.           "Requires one of the following permissions: " +

  99.           "<ul>" +

  100.           "<li>'Administer System'</li>" +

  101.           "<li>'Administer' rights on the specified component</li>" +

  102.           "</ul>",

  103.         PARAM_VALUE, PARAM_VALUES)

  104.       .setSince("6.1")

  105.       .setChangelog(

  106.         new Change("10.1", "Param 'component' now only accept keys for projects, applications, portfolios or subportfolios"),

  107.         new Change("10.1", format("The use of module keys in parameter '%s' is removed", PARAM_COMPONENT)),

  108.         new Change("8.8", "Deprecated parameter 'componentKey' has been removed"),

  109.         new Change("7.6", format("The use of module keys in parameter '%s' is deprecated", PARAM_COMPONENT)),

  110.         new Change("7.1", "The settings defined in conf/sonar.properties are read-only and can't be changed"))

  111.       .setPost(true)

  112.       .setHandler(this);

  113. 

  114.     action.createParam(PARAM_KEY)

  115.       .setDescription("Setting key")

  116.       .setExampleValue("sonar.core.serverBaseURL")

  117.       .setRequired(true);

  118. 

  119.     action.createParam(PARAM_VALUE)

  120.       .setMaximumLength(VALUE_MAXIMUM_LENGTH)

  121.       .setDescription("Setting value. To reset a value, please use the reset web service.")

  122.       .setExampleValue("http://my-sonarqube-instance.com");

  123. 

  124.     action.createParam(PARAM_VALUES)

  125.       .setDescription("Setting multi value. To set several values, the parameter must be called once for each value.")

  126.       .setExampleValue("values=firstValue&values=secondValue&values=thirdValue");

  127. 

  128.     action.createParam(PARAM_FIELD_VALUES)

  129.       .setDescription("Setting field values. To set several values, the parameter must be called once for each value.")

  130.       .setExampleValue(PARAM_FIELD_VALUES + "={\"firstField\":\"first value\", \"secondField\":\"second value\", \"thirdField\":\"third value\"}");

  131. 

  132.     action.createParam(PARAM_COMPONENT)

  133.       .setDescription("Component key. Only keys for projects, applications, portfolios or subportfolios are accepted.")

  134.       .setExampleValue(KEY_PROJECT_EXAMPLE_001);

  135.   }

  136. 

  137.   @Override

  138.   public void handle(Request request, Response response) throws Exception {

  139.     try (DbSession dbSession = dbClient.openSession(false)) {

  140.       SetRequest wsRequest = toWsRequest(request);

  141.       SettingsWsSupport.validateKey(wsRequest.getKey());

  142.       doHandle(dbSession, wsRequest);

  143.     }

  144.     response.noContent();

  145.   }

  146. 

  147.   private void doHandle(DbSession dbSession, SetRequest request) {

  148.     Optional<EntityDto> component = searchEntity(dbSession, request);

  149.     String projectKey = component.map(EntityDto::getKey).orElse(null);

  150.     String projectName = component.map(EntityDto::getName).orElse(null);

  151.     String qualifier = component.map(EntityDto::getQualifier).orElse(null);

  152.     checkPermissions(component);

  153. 

  154.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  155. 

  156.     String value;

  157. 

  158.     commonChecks(request, component);

  159. 

  160.     if (!request.getFieldValues().isEmpty()) {

  161.       value = doHandlePropertySet(dbSession, request, definition, component);

  162.     } else {

  163.       validate(request);

  164.       PropertyDto property = toProperty(request, component);

  165.       value = property.getValue();

  166.       dbClient.propertiesDao().saveProperty(dbSession, property, null, projectKey, projectName, qualifier);

  167.     }

  168. 

  169.     dbSession.commit();

  170. 

  171.     if (!component.isPresent()) {

  172.       settingsChangeNotifier.onGlobalPropertyChange(persistedKey(request), value);

  173.     }

  174.   }

  175. 

  176.   private String doHandlePropertySet(DbSession dbSession, SetRequest request, @Nullable PropertyDefinition definition, Optional<EntityDto> component) {

  177.     validatePropertySet(request, definition);

  178. 

  179.     int[] fieldIds = IntStream.rangeClosed(1, request.getFieldValues().size()).toArray();

  180.     String inlinedFieldKeys = IntStream.of(fieldIds).mapToObj(String::valueOf).collect(COMMA_JOINER);

  181.     String key = persistedKey(request);

  182.     String componentUuid = component.isPresent() ? component.get().getUuid() : null;

  183.     String componentKey = component.isPresent() ? component.get().getKey() : null;

  184.     String componentName = component.isPresent() ? component.get().getName() : null;

  185.     String qualifier = component.isPresent() ? component.get().getQualifier() : null;

  186. 

  187.     deleteSettings(dbSession, component, key);

  188.     dbClient.propertiesDao().saveProperty(dbSession, new PropertyDto().setKey(key).setValue(inlinedFieldKeys)

  189.       .setEntityUuid(componentUuid), null, componentKey, componentName, qualifier);

  190. 

  191.     List<String> fieldValues = request.getFieldValues();

  192.     IntStream.of(fieldIds).boxed()

  193.       .flatMap(i -> readOneFieldValues(fieldValues.get(i - 1), request.getKey()).entrySet().stream()

  194.         .map(entry -> new KeyValue(key + "." + i + "." + entry.getKey(), entry.getValue())))

  195.       .forEach(keyValue -> dbClient.propertiesDao().saveProperty(dbSession, toFieldProperty(keyValue, componentUuid),

  196.         null, componentKey, componentName, qualifier));

  197. 

  198.     return inlinedFieldKeys;

  199.   }

  200. 

  201.   private void deleteSettings(DbSession dbSession, Optional<EntityDto> component, String key) {

  202.     if (component.isPresent()) {

  203.       settingsUpdater.deleteComponentSettings(dbSession, component.get(), key);

  204.     } else {

  205.       settingsUpdater.deleteGlobalSettings(dbSession, key);

  206.     }

  207.   }

  208. 

  209.   private void commonChecks(SetRequest request, Optional<EntityDto> entity) {

  210.     checkValueIsSet(request);

  211.     String settingKey = request.getKey();

  212.     SettingData settingData = new SettingData(settingKey, valuesFromRequest(request), entity.orElse(null));

  213.     validations.validateScope(settingData);

  214.     validations.validateQualifier(settingData);

  215.     validations.validateValueType(settingData);

  216.   }

  217. 

  218.   private static void validatePropertySet(SetRequest request, @Nullable PropertyDefinition definition) {

  219.     checkRequest(definition != null, "Setting '%s' is undefined", request.getKey());

  220.     checkRequest(PropertyType.PROPERTY_SET.equals(definition.type()), "Parameter '%s' is used for setting of property set type only", PARAM_FIELD_VALUES);

  221. 

  222.     Set<String> fieldKeys = definition.fields().stream().map(PropertyFieldDefinition::key).collect(Collectors.toSet());

  223.     ListMultimap<String, String> valuesByFieldKeys = ArrayListMultimap.create(fieldKeys.size(), request.getFieldValues().size() * fieldKeys.size());

  224. 

  225.     List<Map<String, String>> maps = request.getFieldValues().stream()

  226.       .map(oneFieldValues -> readOneFieldValues(oneFieldValues, request.getKey()))

  227.       .toList();

  228. 

  229.     for (Map<String, String> map : maps) {

  230.       checkRequest(map.values().stream().anyMatch(StringUtils::isNotBlank), MSG_NO_EMPTY_VALUE);

  231.     }

  232.     List<Map.Entry<String, String>> entries = maps.stream().flatMap(map -> map.entrySet().stream()).toList();

  233.     entries.forEach(entry -> valuesByFieldKeys.put(entry.getKey(), entry.getValue()));

  234.     entries.forEach(entry -> checkRequest(fieldKeys.contains(entry.getKey()), "Unknown field key '%s' for setting '%s'", entry.getKey(), request.getKey()));

  235.     checkFieldType(request, definition, valuesByFieldKeys);

  236.   }

  237. 

  238.   private void validate(SetRequest request) {

  239.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  240.     if (definition == null) {

  241.       return;

  242.     }

  243. 

  244.     checkSingleOrMultiValue(request, definition);

  245.   }

  246. 

  247.   private static void checkFieldType(SetRequest request, PropertyDefinition definition, ListMultimap<String, String> valuesByFieldKeys) {

  248.     for (PropertyFieldDefinition fieldDefinition : definition.fields()) {

  249.       for (String value : valuesByFieldKeys.get(fieldDefinition.key())) {

  250.         PropertyDefinition.Result result = fieldDefinition.validate(value);

  251.         checkRequest(result.isValid(),

  252.           "Error when validating setting with key '%s'. Field '%s' has incorrect value '%s'.",

  253.           request.getKey(), fieldDefinition.key(), value);

  254.       }

  255.     }

  256.   }

  257. 

  258.   private static void checkSingleOrMultiValue(SetRequest request, PropertyDefinition definition) {

  259.     checkRequest(definition.multiValues() ^ request.getValue() != null,

  260.       "Parameter '%s' must be used for single value setting. Parameter '%s' must be used for multi value setting.", PARAM_VALUE, PARAM_VALUES);

  261.   }

  262. 

  263.   private static void checkValueIsSet(SetRequest request) {

  264.     checkRequest(

  265.       request.getValue() != null

  266.         ^ !request.getValues().isEmpty()

  267.         ^ !request.getFieldValues().isEmpty(),

  268.       "Either '%s', '%s' or '%s' must be provided", PARAM_VALUE, PARAM_VALUES, PARAM_FIELD_VALUES);

  269.     checkRequest(request.getValues().stream().allMatch(StringUtils::isNotBlank), MSG_NO_EMPTY_VALUE);

  270.     checkRequest(request.getValue() == null || StringUtils.isNotBlank(request.getValue()), MSG_NO_EMPTY_VALUE);

  271.   }

  272. 

  273.   private static List<String> valuesFromRequest(SetRequest request) {

  274.     return request.getValue() == null ? request.getValues() : Collections.singletonList(request.getValue());

  275.   }

  276. 

  277.   private String persistedKey(SetRequest request) {

  278.     PropertyDefinition definition = propertyDefinitions.get(request.getKey());

  279.     // handles deprecated key but persist the new key

  280.     return definition == null ? request.getKey() : definition.key();

  281.   }

  282. 

  283.   private static String persistedValue(SetRequest request) {

  284.     return request.getValue() == null

  285.       ? request.getValues().stream().map(value -> value.replace(",", "%2C")).collect(COMMA_JOINER)

  286.       : request.getValue();

  287.   }

  288. 

  289.   private void checkPermissions(Optional<EntityDto> entity) {

  290.     if (entity.isPresent()) {

  291.       userSession.checkEntityPermission(UserRole.ADMIN, entity.get());

  292.     } else {

  293.       userSession.checkIsSystemAdministrator();

  294.     }

  295.   }

  296. 

  297.   private static SetRequest toWsRequest(Request request) {

  298.     SetRequest set = new SetRequest()

  299.       .setKey(request.mandatoryParam(PARAM_KEY))

  300.       .setValue(request.param(PARAM_VALUE))

  301.       .setValues(request.multiParam(PARAM_VALUES))

  302.       .setFieldValues(request.multiParam(PARAM_FIELD_VALUES))

  303.       .setEntity(request.param(PARAM_COMPONENT));

  304.     checkArgument(set.getValues() != null, "Setting values must not be null");

  305.     checkArgument(set.getFieldValues() != null, "Setting fields values must not be null");

  306.     return set;

  307.   }

  308. 

  309.   private static Map<String, String> readOneFieldValues(String json, String key) {

  310.     Gson gson = GsonHelper.create();

  311.     try {

  312.       return gson.fromJson(json, MAP_TYPE_TOKEN);

  313.     } catch (JsonSyntaxException e) {

  314.       throw BadRequestException.create(format("JSON '%s' does not respect expected format for setting '%s'. Ex: {\"field1\":\"value1\", \"field2\":\"value2\"}", json, key));

  315.     }

  316.   }

  317. 

  318.   private Optional<EntityDto> searchEntity(DbSession dbSession, SetRequest request) {

  319.     String entityKey = request.getEntity();

  320.     if (entityKey == null) {

  321.       return Optional.empty();

  322.     }

  323.     return Optional.of(dbClient.entityDao().selectByKey(dbSession, entityKey)

  324.       .orElseThrow(() -> new NotFoundException(format("Component key '%s' not found", entityKey))));

  325.   }

  326. 

  327.   private PropertyDto toProperty(SetRequest request, Optional<EntityDto> entity) {

  328.     String key = persistedKey(request);

  329.     String value = persistedValue(request);

  330. 

  331.     PropertyDto property = new PropertyDto()

  332.       .setKey(key)

  333.       .setValue(value);

  334. 

  335.     if (entity.isPresent()) {

  336.       property.setEntityUuid(entity.get().getUuid());

  337.     }

  338. 

  339.     return property;

  340.   }

  341. 

  342.   private static PropertyDto toFieldProperty(KeyValue keyValue, @Nullable String componentUuid) {

  343.     return new PropertyDto().setKey(keyValue.key).setValue(keyValue.value).setEntityUuid(componentUuid);

  344.   }

  345. 

  346.   private static class KeyValue {

  347.     private final String key;

  348.     private final String value;

  349. 

  350.     private KeyValue(String key, String value) {

  351.       this.key = key;

  352.       this.value = value;

  353.     }

  354.   }

  355. 

  356.   private static class SetRequest {

  357. 

  358.     private String entity;

  359.     private List<String> fieldValues;

  360.     private String key;

  361.     private String value;

  362.     private List<String> values;

  363. 

  364.     public SetRequest setEntity(@Nullable String entity) {

  365.       this.entity = entity;

  366.       return this;

  367.     }

  368. 

  369.     @CheckForNull

  370.     public String getEntity() {

  371.       return entity;

  372.     }

  373. 

  374.     public SetRequest setFieldValues(List<String> fieldValues) {

  375.       this.fieldValues = fieldValues;

  376.       return this;

  377.     }

  378. 

  379.     public List<String> getFieldValues() {

  380.       return fieldValues;

  381.     }

  382. 

  383.     public SetRequest setKey(String key) {

  384.       this.key = key;

  385.       return this;

  386.     }

  387. 

  388.     public String getKey() {

  389.       return key;

  390.     }

  391. 

  392.     public SetRequest setValue(@Nullable String value) {

  393.       this.value = value;

  394.       return this;

  395.     }

  396. 

  397.     @CheckForNull

  398.     public String getValue() {

  399.       return value;

  400.     }

  401. 

  402.     public SetRequest setValues(@Nullable List<String> values) {

  403.       this.values = values;

  404.       return this;

  405.     }

  406. 

  407.     public List<String> getValues() {

  408.       return values;

  409.     }

  410.   }

  411. }