SONAR-10088 Prevent updating built-in quality gate in rename ws

3 files changed, 22 insertions, 2 deletions

diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QGateWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QGateWsSupport.java
index 854e9e0939d..f15b1fbc559 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QGateWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/QGateWsSupport.java
@@ -31,6 +31,7 @@ import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.Qualitygates;
 
+import static com.google.common.base.Preconditions.checkArgument;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
 import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
 
@@ -82,8 +83,13 @@ public class QGateWsSupport {
     return Long.valueOf(defaultQgate.getValue());
   }
 
-  void checkCanEdit() {
+  void checkCanEdit(QualityGateDto qualityGate) {
+    checkNotBuiltInt(qualityGate);
     userSession.checkPermission(ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
   }
 
+  private static void checkNotBuiltInt(QualityGateDto qualityGate) {
+    checkArgument(!qualityGate.isBuiltIn(), "Operation forbidden for built-in Quality Gate '%s'", qualityGate.getName());
+  }
+
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
index c438e00e7fd..e65a5ee037e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
@@ -71,7 +71,6 @@ public class RenameAction implements QualityGatesWsAction {
 
   @Override
   public void handle(Request request, Response response) {
-    wsSupport.checkCanEdit();
     long id = QualityGatesWs.parseId(request, PARAM_ID);
     QualityGateDto qualityGate = rename(id, request.mandatoryParam(PARAM_NAME));
     writeProtobuf(QualityGate.newBuilder()
@@ -83,6 +82,7 @@ public class RenameAction implements QualityGatesWsAction {
   private QualityGateDto rename(long id, String name) {
     try (DbSession dbSession = dbClient.openSession(false)) {
       QualityGateDto qualityGate = qualityGateFinder.getById(dbSession, id);
+      wsSupport.checkCanEdit(qualityGate);
       checkArgument(!isNullOrEmpty(name), CANT_BE_EMPTY_MESSAGE, "Name");
       checkNotAlreadyExists(dbSession, qualityGate, name);
       qualityGate.setName(name);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/RenameActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/RenameActionTest.java
index 546ddfc86c8..6f561a91c79 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/RenameActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/RenameActionTest.java
@@ -108,6 +108,20 @@ public class RenameActionTest {
   }
 
   @Test
+  public void fail_on_built_in_quality_gate() {
+    logAsQualityGateAdminister();
+    QualityGateDto qualityGate = db.qualityGates().insertQualityGate(qg -> qg.setBuiltIn(true));
+
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage(format("Operation forbidden for built-in Quality Gate '%s'", qualityGate.getName()));
+
+    ws.newRequest()
+      .setParam("id", qualityGate.getId().toString())
+      .setParam("name", "name")
+      .execute();
+  }
+
+  @Test
   public void fail_on_empty_name() {
     logAsQualityGateAdminister();
     QualityGateDto qualityGate = db.qualityGates().insertQualityGate();