mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34710 Commits
59 Branches
Tree: b0ab2c391e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b0ab2c391e'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/CurrentAction.java

CurrentAction.java 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.user.ws;

  21. 

  22. import java.util.Collection;

  23. import java.util.List;

  24. import java.util.Optional;

  25. import org.sonar.api.server.ws.Change;

  26. import org.sonar.api.server.ws.Request;

  27. import org.sonar.api.server.ws.Response;

  28. import org.sonar.api.server.ws.WebService.NewController;

  29. import org.sonar.core.platform.EditionProvider;

  30. import org.sonar.core.platform.PlatformEditionProvider;

  31. import org.sonar.db.DbClient;

  32. import org.sonar.db.DbSession;

  33. import org.sonar.db.component.BranchDto;

  34. import org.sonar.db.component.ComponentDto;

  35. import org.sonar.db.permission.GlobalPermission;

  36. import org.sonar.db.project.ProjectDto;

  37. import org.sonar.db.property.PropertyQuery;

  38. import org.sonar.db.user.UserDto;

  39. import org.sonar.server.common.avatar.AvatarResolver;

  40. import org.sonar.server.permission.PermissionService;

  41. import org.sonar.server.user.UserSession;

  42. import org.sonarqube.ws.Users.CurrentWsResponse;

  43. 

  44. import static com.google.common.base.Preconditions.checkState;

  45. import static com.google.common.base.Strings.emptyToNull;

  46. import static java.util.Collections.singletonList;

  47. import static java.util.Optional.empty;

  48. import static java.util.Optional.of;

  49. import static java.util.Optional.ofNullable;

  50. import static org.apache.commons.lang.StringUtils.EMPTY;

  51. import static org.sonar.api.web.UserRole.USER;

  52. import static org.sonar.server.user.ws.DismissNoticeAction.EDUCATION_PRINCIPLES;

  53. import static org.sonar.server.user.ws.DismissNoticeAction.SONARLINT_AD;

  54. import static org.sonar.server.ws.WsUtils.writeProtobuf;

  55. import static org.sonarqube.ws.Users.CurrentWsResponse.HomepageType.APPLICATION;

  56. import static org.sonarqube.ws.Users.CurrentWsResponse.HomepageType.PORTFOLIO;

  57. import static org.sonarqube.ws.Users.CurrentWsResponse.HomepageType.PROJECT;

  58. import static org.sonarqube.ws.Users.CurrentWsResponse.Permissions;

  59. import static org.sonarqube.ws.Users.CurrentWsResponse.newBuilder;

  60. import static org.sonarqube.ws.client.user.UsersWsParameters.ACTION_CURRENT;

  61. 

  62. public class CurrentAction implements UsersWsAction {

  63.   private final UserSession userSession;

  64.   private final DbClient dbClient;

  65.   private final AvatarResolver avatarResolver;

  66.   private final HomepageTypes homepageTypes;

  67.   private final PlatformEditionProvider editionProvider;

  68.   private final PermissionService permissionService;

  69. 

  70.   public CurrentAction(UserSession userSession, DbClient dbClient, AvatarResolver avatarResolver, HomepageTypes homepageTypes,

  71.     PlatformEditionProvider editionProvider, PermissionService permissionService) {

  72.     this.userSession = userSession;

  73.     this.dbClient = dbClient;

  74.     this.avatarResolver = avatarResolver;

  75.     this.homepageTypes = homepageTypes;

  76.     this.editionProvider = editionProvider;

  77.     this.permissionService = permissionService;

  78.   }

  79. 

  80.   @Override

  81.   public void define(NewController context) {

  82.     context.createAction(ACTION_CURRENT)

  83.       .setDescription("Get the details of the current authenticated user.")

  84.       .setSince("5.2")

  85.       .setInternal(true)

  86.       .setHandler(this)

  87.       .setResponseExample(getClass().getResource("current-example.json"))

  88.       .setChangelog(

  89.         new Change("6.5", "showOnboardingTutorial is now returned in the response"),

  90.         new Change("7.1", "'parameter' is replaced by 'component' and 'organization' in the response"),

  91.         new Change("9.2", "boolean 'usingSonarLintConnectedMode' and 'sonarLintAdSeen' fields are now returned in the response"),

  92.         new Change("9.5", "showOnboardingTutorial is not returned anymore in the response"),

  93.         new Change("9.6", "'sonarLintAdSeen' is removed and replaced by a 'dismissedNotices' map that support multiple values")

  94.       );

  95.   }

  96. 

  97.   @Override

  98.   public void handle(Request request, Response response) throws Exception {

  99.     if (userSession.isLoggedIn()) {

  100.       try (DbSession dbSession = dbClient.openSession(false)) {

  101.         writeProtobuf(toWsResponse(dbSession, userSession.getLogin()), request, response);

  102.       }

  103.     } else {

  104.       writeProtobuf(newBuilder()

  105.           .setIsLoggedIn(false)

  106.           .setPermissions(Permissions.newBuilder().addAllGlobal(getGlobalPermissions()).build())

  107.           .build(),

  108.         request, response);

  109.     }

  110.   }

  111. 

  112.   private CurrentWsResponse toWsResponse(DbSession dbSession, String userLogin) {

  113.     UserDto user = dbClient.userDao().selectActiveUserByLogin(dbSession, userLogin);

  114.     checkState(user != null, "User login '%s' cannot be found", userLogin);

  115.     Collection<String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(dbSession, singletonList(userLogin)).get(userLogin);

  116. 

  117.     CurrentWsResponse.Builder builder = newBuilder()

  118.       .setIsLoggedIn(true)

  119.       .setLogin(user.getLogin())

  120.       .setName(user.getName())

  121.       .setLocal(user.isLocal())

  122.       .addAllGroups(groups)

  123.       .addAllScmAccounts(user.getSortedScmAccounts())

  124.       .setPermissions(Permissions.newBuilder().addAllGlobal(getGlobalPermissions()).build())

  125.       .setHomepage(buildHomepage(dbSession, user))

  126.       .setUsingSonarLintConnectedMode(user.getLastSonarlintConnectionDate() != null)

  127.       .putDismissedNotices(EDUCATION_PRINCIPLES, isNoticeDismissed(user, EDUCATION_PRINCIPLES))

  128.       .putDismissedNotices(SONARLINT_AD, isNoticeDismissed(user, SONARLINT_AD));

  129.     ofNullable(emptyToNull(user.getEmail())).ifPresent(builder::setEmail);

  130.     ofNullable(emptyToNull(user.getEmail())).ifPresent(u -> builder.setAvatar(avatarResolver.create(user)));

  131.     ofNullable(user.getExternalLogin()).ifPresent(builder::setExternalIdentity);

  132.     ofNullable(user.getExternalIdentityProvider()).ifPresent(builder::setExternalProvider);

  133.     return builder.build();

  134.   }

  135. 

  136.   private List<String> getGlobalPermissions() {

  137.     return permissionService.getGlobalPermissions().stream()

  138.       .filter(userSession::hasPermission)

  139.       .map(GlobalPermission::getKey)

  140.       .toList();

  141.   }

  142. 

  143.   private boolean isNoticeDismissed(UserDto user, String noticeName) {

  144.     String paramKey = DismissNoticeAction.USER_DISMISS_CONSTANT + noticeName;

  145.     PropertyQuery query = new PropertyQuery.Builder()

  146.       .setUserUuid(user.getUuid())

  147.       .setKey(paramKey)

  148.       .build();

  149. 

  150.     try (DbSession dbSession = dbClient.openSession(false)) {

  151.       return !dbClient.propertiesDao().selectByQuery(query, dbSession).isEmpty();

  152.     }

  153.   }

  154. 

  155.   private CurrentWsResponse.Homepage buildHomepage(DbSession dbSession, UserDto user) {

  156.     if (noHomepageSet(user)) {

  157.       return defaultHomepage();

  158.     }

  159. 

  160.     return doBuildHomepage(dbSession, user).orElse(defaultHomepage());

  161.   }

  162. 

  163.   private Optional<CurrentWsResponse.Homepage> doBuildHomepage(DbSession dbSession, UserDto user) {

  164. 

  165.     if (PROJECT.toString().equals(user.getHomepageType())) {

  166.       return projectHomepage(dbSession, user);

  167.     }

  168. 

  169.     if (APPLICATION.toString().equals(user.getHomepageType()) || PORTFOLIO.toString().equals(user.getHomepageType())) {

  170.       return applicationAndPortfolioHomepage(dbSession, user);

  171.     }

  172. 

  173.     return of(CurrentWsResponse.Homepage.newBuilder()

  174.       .setType(CurrentWsResponse.HomepageType.valueOf(user.getHomepageType()))

  175.       .build());

  176.   }

  177. 

  178.   private Optional<CurrentWsResponse.Homepage> projectHomepage(DbSession dbSession, UserDto user) {

  179.     Optional<BranchDto> branchOptional = ofNullable(user.getHomepageParameter()).flatMap(p -> dbClient.branchDao().selectByUuid(dbSession, p));

  180.     Optional<ProjectDto> projectOptional = branchOptional.flatMap(b -> dbClient.projectDao().selectByUuid(dbSession, b.getProjectUuid()));

  181.     if (shouldCleanProjectHomepage(projectOptional, branchOptional)) {

  182.       cleanUserHomepageInDb(dbSession, user);

  183.       return empty();

  184.     }

  185. 

  186.     CurrentWsResponse.Homepage.Builder homepage = CurrentWsResponse.Homepage.newBuilder()

  187.       .setType(CurrentWsResponse.HomepageType.valueOf(user.getHomepageType()))

  188.       .setComponent(projectOptional.get().getKey());

  189. 

  190.     if (!branchOptional.get().getProjectUuid().equals(branchOptional.get().getUuid())) {

  191.       homepage.setBranch(branchOptional.get().getKey());

  192.     }

  193.     return of(homepage.build());

  194.   }

  195. 

  196.   private boolean shouldCleanProjectHomepage(Optional<ProjectDto> projectOptional, Optional<BranchDto> branchOptional) {

  197.     return !projectOptional.isPresent() || !branchOptional.isPresent() || !userSession.hasEntityPermission(USER, projectOptional.get());

  198.   }

  199. 

  200.   private Optional<CurrentWsResponse.Homepage> applicationAndPortfolioHomepage(DbSession dbSession, UserDto user) {

  201.     Optional<ComponentDto> componentOptional = dbClient.componentDao().selectByUuid(dbSession, of(user.getHomepageParameter()).orElse(EMPTY));

  202.     if (shouldCleanApplicationOrPortfolioHomepage(componentOptional)) {

  203.       cleanUserHomepageInDb(dbSession, user);

  204.       return empty();

  205.     }

  206. 

  207.     return of(CurrentWsResponse.Homepage.newBuilder()

  208.       .setType(CurrentWsResponse.HomepageType.valueOf(user.getHomepageType()))

  209.       .setComponent(componentOptional.get().getKey())

  210.       .build());

  211.   }

  212. 

  213.   private boolean shouldCleanApplicationOrPortfolioHomepage(Optional<ComponentDto> componentOptional) {

  214.     return !componentOptional.isPresent() || !hasValidEdition()

  215.       || !userSession.hasComponentPermission(USER, componentOptional.get());

  216.   }

  217. 

  218.   private boolean hasValidEdition() {

  219.     Optional<EditionProvider.Edition> edition = editionProvider.get();

  220.     if (!edition.isPresent()) {

  221.       return false;

  222.     }

  223.     return switch (edition.get()) {

  224.       case ENTERPRISE, DATACENTER -> true;

  225.       default -> false;

  226.     };

  227.   }

  228. 

  229.   private void cleanUserHomepageInDb(DbSession dbSession, UserDto user) {

  230.     dbClient.userDao().cleanHomepage(dbSession, user);

  231.   }

  232. 

  233.   private CurrentWsResponse.Homepage defaultHomepage() {

  234.     return CurrentWsResponse.Homepage.newBuilder()

  235.       .setType(CurrentWsResponse.HomepageType.valueOf(homepageTypes.getDefaultType().name()))

  236.       .build();

  237.   }

  238. 

  239.   private static boolean noHomepageSet(UserDto user) {

  240.     return user.getHomepageType() == null;

  241.   }

  242. 

  243. }