mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27803 Commits
59 Branches
Tree: db18af0468
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'db18af0468'
${ noResults }
sonarqube/server/sonar-server/src/main/java/org/sonar/server/permission/ws/RequestValidator.java

RequestValidator.java 4.1KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2019 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws;

  21. 

  22. import com.google.common.base.Joiner;

  23. import java.util.Set;

  24. import java.util.regex.Pattern;

  25. import java.util.regex.PatternSyntaxException;

  26. import java.util.stream.Collectors;

  27. import javax.annotation.Nullable;

  28. import org.sonar.api.resources.ResourceType;

  29. import org.sonar.api.resources.ResourceTypes;

  30. import org.sonar.core.permission.GlobalPermissions;

  31. import org.sonar.server.exceptions.BadRequestException;

  32. import org.sonar.server.permission.PermissionService;

  33. import org.sonar.server.usergroups.ws.GroupIdOrAnyone;

  34. import org.sonar.server.ws.WsUtils;

  35. 

  36. import static com.google.common.base.Strings.isNullOrEmpty;

  37. import static java.lang.String.format;

  38. import static org.sonar.server.ws.WsUtils.checkRequest;

  39. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;

  40. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;

  41. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;

  42. 

  43. public class RequestValidator {

  44.   public static final String MSG_TEMPLATE_WITH_SAME_NAME = "A template with the name '%s' already exists (case insensitive).";

  45.   private final PermissionService permissionService;

  46.   private final String allProjectsPermissionsOnOneLine;

  47. 

  48.   public RequestValidator(PermissionService permissionService) {

  49.     this.permissionService = permissionService;

  50.     allProjectsPermissionsOnOneLine = Joiner.on(", ").join(permissionService.getAllProjectPermissions());

  51.   }

  52. 

  53.   public String validateProjectPermission(String permission) {

  54.     WsUtils.checkRequest(permissionService.getAllProjectPermissions().contains(permission),

  55.       String.format("The '%s' parameter for project permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION,

  56.         allProjectsPermissionsOnOneLine, permission));

  57.     return permission;

  58.   }

  59. 

  60.   public static void validateGlobalPermission(String permission) {

  61.     checkRequest(GlobalPermissions.ALL.contains(permission),

  62.       format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GlobalPermissions.ALL_ON_ONE_LINE, permission));

  63.   }

  64. 

  65.   public static void validateNotAnyoneAndAdminPermission(String permission, GroupIdOrAnyone group) {

  66.     checkRequest(!GlobalPermissions.SYSTEM_ADMIN.equals(permission) || !group.isAnyone(),

  67.       format("It is not possible to add the '%s' permission to group 'Anyone'.", permission));

  68.   }

  69. 

  70.   public static void validateQualifier(@Nullable String qualifier, ResourceTypes resourceTypes) {

  71.     if (qualifier == null) {

  72.       return;

  73.     }

  74.     Set<String> rootQualifiers = resourceTypes.getRoots().stream()

  75.       .map(ResourceType::getQualifier)

  76.       .collect(Collectors.toSet());

  77.     checkRequest(rootQualifiers.contains(qualifier),

  78.       format("The '%s' parameter must be one of %s. '%s' was passed.", PARAM_QUALIFIER, rootQualifiers, qualifier));

  79.   }

  80. 

  81.   public static void validateProjectPattern(@Nullable String projectPattern) {

  82.     if (isNullOrEmpty(projectPattern)) {

  83.       return;

  84.     }

  85. 

  86.     try {

  87.       Pattern.compile(projectPattern);

  88.     } catch (PatternSyntaxException e) {

  89.       throw BadRequestException.create(format("The '%s' parameter must be a valid Java regular expression. '%s' was passed", PARAM_PROJECT_KEY_PATTERN, projectPattern));

  90.     }

  91.   }

  92. }