mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34710 Commits
59 Branches
Tree: b0ab2c391e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b0ab2c391e'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/TemplateUsersAction.java

TemplateUsersAction.java 7.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws.template;

  21. 

  22. import com.google.common.collect.Multimap;

  23. import com.google.common.collect.Ordering;

  24. import com.google.common.collect.TreeMultimap;

  25. import java.util.List;

  26. import org.sonar.api.server.ws.Request;

  27. import org.sonar.api.server.ws.Response;

  28. import org.sonar.api.server.ws.WebService;

  29. import org.sonar.api.server.ws.WebService.Param;

  30. import org.sonar.api.utils.Paging;

  31. import org.sonar.db.DbClient;

  32. import org.sonar.db.DbSession;

  33. import org.sonar.db.permission.PermissionQuery;

  34. import org.sonar.db.permission.template.PermissionTemplateDto;

  35. import org.sonar.db.permission.template.PermissionTemplateUserDto;

  36. import org.sonar.db.user.UserDto;

  37. import org.sonar.server.common.avatar.AvatarResolver;

  38. import org.sonar.server.permission.RequestValidator;

  39. import org.sonar.server.permission.ws.PermissionWsSupport;

  40. import org.sonar.server.permission.ws.PermissionsWsAction;

  41. import org.sonar.server.permission.ws.WsParameters;

  42. import org.sonar.server.user.UserSession;

  43. import org.sonarqube.ws.Permissions;

  44. import org.sonarqube.ws.Permissions.UsersWsResponse;

  45. 

  46. import static com.google.common.base.Strings.emptyToNull;

  47. import static java.util.Optional.ofNullable;

  48. import static org.sonar.api.server.ws.WebService.Param.PAGE;

  49. import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;

  50. import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;

  51. import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;

  52. import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;

  53. import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;

  54. import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin;

  55. import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters;

  56. import static org.sonar.server.ws.WsUtils.writeProtobuf;

  57. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;

  58. 

  59. public class TemplateUsersAction implements PermissionsWsAction {

  60. 

  61.   private final DbClient dbClient;

  62.   private final UserSession userSession;

  63.   private final PermissionWsSupport wsSupport;

  64.   private final AvatarResolver avatarResolver;

  65.   private final WsParameters wsParameters;

  66.   private final RequestValidator requestValidator;

  67. 

  68.   public TemplateUsersAction(DbClient dbClient, UserSession userSession, PermissionWsSupport wsSupport, AvatarResolver avatarResolver,

  69.     WsParameters wsParameters, RequestValidator requestValidator) {

  70.     this.dbClient = dbClient;

  71.     this.userSession = userSession;

  72.     this.wsSupport = wsSupport;

  73.     this.avatarResolver = avatarResolver;

  74.     this.wsParameters = wsParameters;

  75.     this.requestValidator = requestValidator;

  76.   }

  77. 

  78.   @Override

  79.   public void define(WebService.NewController context) {

  80.     WebService.NewAction action = context

  81.       .createAction("template_users")

  82.       .setSince("5.2")

  83.       .setDescription("Lists the users with their permission as individual users rather than through group affiliation on the chosen template. <br />" +

  84.         "This service defaults to all users, but can be limited to users with a specific permission by providing the desired permission.<br>" +

  85.         "Requires the following permission: 'Administer System'.")

  86.       .addPagingParams(DEFAULT_PAGE_SIZE, RESULTS_MAX_SIZE)

  87.       .setInternal(true)

  88.       .setResponseExample(getClass().getResource("template_users-example.json"))

  89.       .setHandler(this);

  90. 

  91.     action.createParam(Param.TEXT_QUERY)

  92.       .setMinimumLength(SEARCH_QUERY_MIN_LENGTH)

  93.       .setDescription("Limit search to user names that contain the supplied string. <br/>" +

  94.         "When this parameter is not set, only users having at least one permission are returned.")

  95.       .setExampleValue("eri");

  96.     wsParameters.createProjectPermissionParameter(action).setRequired(false);

  97.     createTemplateParameters(action);

  98.   }

  99. 

  100.   @Override

  101.   public void handle(Request wsRequest, Response wsResponse) throws Exception {

  102.     try (DbSession dbSession = dbClient.openSession(false)) {

  103.       WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);

  104.       PermissionTemplateDto template = wsSupport.findTemplate(dbSession, templateRef);

  105.       checkGlobalAdmin(userSession);

  106. 

  107.       PermissionQuery query = buildQuery(wsRequest);

  108.       int total = dbClient.permissionTemplateDao().countUserLoginsByQueryAndTemplate(dbSession, query, template.getUuid());

  109.       Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);

  110.       List<UserDto> users = findUsers(dbSession, query, template);

  111.       List<PermissionTemplateUserDto> permissionTemplateUsers = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateIdAndUserLogins(dbSession, template.getUuid(),

  112.         users.stream().map(UserDto::getLogin).toList());

  113.       Permissions.UsersWsResponse templateUsersResponse = buildResponse(users, permissionTemplateUsers, paging);

  114.       writeProtobuf(templateUsersResponse, wsRequest, wsResponse);

  115.     }

  116.   }

  117. 

  118.   private PermissionQuery buildQuery(Request wsRequest) {

  119.     String textQuery = wsRequest.param(TEXT_QUERY);

  120.     String permission = wsRequest.param(PARAM_PERMISSION);

  121.     PermissionQuery.Builder query = PermissionQuery.builder()

  122.       .setPermission(permission != null ? requestValidator.validateProjectPermission(permission) : null)

  123.       .setPageIndex(wsRequest.mandatoryParamAsInt(PAGE))

  124.       .setPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE))

  125.       .setSearchQuery(textQuery);

  126.     return query.build();

  127.   }

  128. 

  129.   private Permissions.UsersWsResponse buildResponse(List<UserDto> users, List<PermissionTemplateUserDto> permissionTemplateUsers, Paging paging) {

  130.     Multimap<String, String> permissionsByUserUuid = TreeMultimap.create();

  131.     permissionTemplateUsers.forEach(userPermission -> permissionsByUserUuid.put(userPermission.getUserUuid(), userPermission.getPermission()));

  132. 

  133.     UsersWsResponse.Builder responseBuilder = UsersWsResponse.newBuilder();

  134.     users.forEach(user -> {

  135.       Permissions.User.Builder userResponse = responseBuilder.addUsersBuilder()

  136.         .setLogin(user.getLogin())

  137.         .addAllPermissions(permissionsByUserUuid.get(user.getUuid()));

  138.       ofNullable(user.getEmail()).ifPresent(userResponse::setEmail);

  139.       ofNullable(user.getName()).ifPresent(userResponse::setName);

  140.       ofNullable(emptyToNull(user.getEmail())).ifPresent(u -> userResponse.setAvatar(avatarResolver.create(user)));

  141.     });

  142.     responseBuilder.getPagingBuilder()

  143.       .setPageIndex(paging.pageIndex())

  144.       .setPageSize(paging.pageSize())

  145.       .setTotal(paging.total())

  146.       .build();

  147.     return responseBuilder.build();

  148.   }

  149. 

  150.   private List<UserDto> findUsers(DbSession dbSession, PermissionQuery query, PermissionTemplateDto template) {

  151.     List<String> orderedLogins = dbClient.permissionTemplateDao().selectUserLoginsByQueryAndTemplate(dbSession, query, template.getUuid());

  152.     return Ordering.explicit(orderedLogins).onResultOf(UserDto::getLogin).immutableSortedCopy(dbClient.userDao().selectByLogins(dbSession, orderedLogins));

  153.   }

  154. 

  155. }