diff options
| author | Julien Lancelot <julien.lancelot@gmail.com> | 2013-06-04 12:29:23 +0200 |
|---|---|---|
| committer | Julien Lancelot <julien.lancelot@gmail.com> | 2013-06-04 12:29:23 +0200 |
| commit | ea08bd15fb9a1267264bb7f00b1e924f44889f5a (patch) | |
| tree | de2068bd49145b8840506d59aa66680208dcae1c | |
| parent | d223b2da0748ccc99862c0b39676edca07579725 (diff) | |
| download | sonarqube-ea08bd15fb9a1267264bb7f00b1e924f44889f5a.tar.gz sonarqube-ea08bd15fb9a1267264bb7f00b1e924f44889f5a.zip | |
SONAR-3755 Add security on action plan
23 files changed, 248 insertions, 155 deletions
diff --git a/sonar-batch/src/main/java/org/sonar/batch/issue/ScanIssueStorage.java b/sonar-batch/src/main/java/org/sonar/batch/issue/ScanIssueStorage.java index bd67db25566..72adc7c24b2 100644 --- a/sonar-batch/src/main/java/org/sonar/batch/issue/ScanIssueStorage.java +++ b/sonar-batch/src/main/java/org/sonar/batch/issue/ScanIssueStorage.java @@ -42,7 +42,7 @@ public class ScanIssueStorage extends IssueStorage implements BatchComponent { } @Override - protected int componentId(DefaultIssue issue) { + protected long componentId(DefaultIssue issue) { Snapshot snapshot = getSnapshot(issue); if (snapshot != null) { return snapshot.getResourceId(); @@ -53,11 +53,11 @@ public class ScanIssueStorage extends IssueStorage implements BatchComponent { if (resourceDto == null) { throw new IllegalStateException("Unknown component: " + issue.componentKey()); } - return resourceDto.getId().intValue(); + return resourceDto.getId(); } @Override - protected int projectId(DefaultIssue issue) { + protected long projectId(DefaultIssue issue) { Snapshot snapshot = getSnapshot(issue); if (snapshot != null) { return snapshot.getRootProjectId(); diff --git a/sonar-batch/src/test/java/org/sonar/batch/issue/ScanIssueStorageTest.java b/sonar-batch/src/test/java/org/sonar/batch/issue/ScanIssueStorageTest.java index 9f99ac5206c..485fd846e57 100644 --- a/sonar-batch/src/test/java/org/sonar/batch/issue/ScanIssueStorageTest.java +++ b/sonar-batch/src/test/java/org/sonar/batch/issue/ScanIssueStorageTest.java @@ -44,7 +44,7 @@ public class ScanIssueStorageTest extends AbstractDaoTestCase { when(snapshotCache.get("struts:Action.java")).thenReturn(new Snapshot().setResourceId(123)); ScanIssueStorage storage = new ScanIssueStorage(getMyBatis(), new FakeRuleFinder(), snapshotCache, new ResourceDao(getMyBatis())); - int componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); + long componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); assertThat(componentId).isEqualTo(123); } @@ -56,7 +56,7 @@ public class ScanIssueStorageTest extends AbstractDaoTestCase { when(snapshotCache.get("struts:Action.java")).thenReturn(null); ScanIssueStorage storage = new ScanIssueStorage(getMyBatis(), new FakeRuleFinder(), snapshotCache, new ResourceDao(getMyBatis())); - int componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); + long componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); assertThat(componentId).isEqualTo(123); } @@ -82,7 +82,7 @@ public class ScanIssueStorageTest extends AbstractDaoTestCase { when(snapshotCache.get("struts:Action.java")).thenReturn(new Snapshot().setResourceId(123).setRootProjectId(100)); ScanIssueStorage storage = new ScanIssueStorage(getMyBatis(), new FakeRuleFinder(), snapshotCache, new ResourceDao(getMyBatis())); - int projectId = storage.projectId(new DefaultIssue().setComponentKey("struts:Action.java")); + long projectId = storage.projectId(new DefaultIssue().setComponentKey("struts:Action.java")); assertThat(projectId).isEqualTo(100); } diff --git a/sonar-core/src/main/java/org/sonar/core/issue/db/IssueDto.java b/sonar-core/src/main/java/org/sonar/core/issue/db/IssueDto.java index 859711389cc..412d4deb26f 100644 --- a/sonar-core/src/main/java/org/sonar/core/issue/db/IssueDto.java +++ b/sonar-core/src/main/java/org/sonar/core/issue/db/IssueDto.java @@ -40,8 +40,8 @@ public final class IssueDto implements Serializable { private Long id; private String kee; - private Integer componentId; - private Integer rootComponentId; + private Long componentId; + private Long rootComponentId; private Integer ruleId; private String severity; private boolean manualSeverity; @@ -90,20 +90,20 @@ public final class IssueDto implements Serializable { return this; } - public Integer getComponentId() { + public Long getComponentId() { return componentId; } - public IssueDto setComponentId(Integer componentId) { + public IssueDto setComponentId(Long componentId) { this.componentId = componentId; return this; } - public Integer getRootComponentId() { + public Long getRootComponentId() { return rootComponentId; } - public IssueDto setRootComponentId(Integer rootComponentId) { + public IssueDto setRootComponentId(Long rootComponentId) { this.rootComponentId = rootComponentId; return this; } @@ -335,7 +335,7 @@ public final class IssueDto implements Serializable { return ToStringBuilder.reflectionToString(this, ToStringStyle.SHORT_PREFIX_STYLE); } - public static IssueDto toDtoForInsert(DefaultIssue issue, Integer componentId, Integer rootComponentId, Integer ruleId, Date now) { + public static IssueDto toDtoForInsert(DefaultIssue issue, Long componentId, Long rootComponentId, Integer ruleId, Date now) { return new IssueDto() .setKee(issue.key()) .setLine(issue.line()) diff --git a/sonar-core/src/main/java/org/sonar/core/issue/db/IssueStorage.java b/sonar-core/src/main/java/org/sonar/core/issue/db/IssueStorage.java index 288fc02aa6a..eddc19c23f7 100644 --- a/sonar-core/src/main/java/org/sonar/core/issue/db/IssueStorage.java +++ b/sonar-core/src/main/java/org/sonar/core/issue/db/IssueStorage.java @@ -57,8 +57,8 @@ public abstract class IssueStorage { List<DefaultIssue> conflicts = Lists.newArrayList(); for (DefaultIssue issue : issues) { if (issue.isNew()) { - int componentId = componentId(issue); - int projectId = projectId(issue); + long componentId = componentId(issue); + long projectId = projectId(issue); int ruleId = ruleId(issue); IssueDto dto = IssueDto.toDtoForInsert(issue, componentId, projectId, ruleId, now); issueMapper.insert(dto); @@ -95,9 +95,9 @@ public abstract class IssueStorage { } } - protected abstract int componentId(DefaultIssue issue); + protected abstract long componentId(DefaultIssue issue); - protected abstract int projectId(DefaultIssue issue); + protected abstract long projectId(DefaultIssue issue); private int ruleId(Issue issue) { Rule rule = ruleFinder.findByKey(issue.ruleKey()); diff --git a/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java b/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java index e893f2970f8..d87ee7c7014 100644 --- a/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java +++ b/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java @@ -136,13 +136,13 @@ public class ResourceDao { return this; } - public Collection<Component> findByIds(Collection<Integer> ids) { + public Collection<Component> findByIds(Collection<Long> ids) { if (ids.isEmpty()) { return Collections.emptyList(); } SqlSession session = mybatis.openSession(); try { - List <List<Integer>> idsPartition = Lists.partition(newArrayList(ids), 1000); + List <List<Long>> idsPartition = Lists.partition(newArrayList(ids), 1000); Collection<ResourceDto> resources = session.getMapper(ResourceMapper.class).selectResourcesById(idsPartition); Collection<Component> components = newArrayList(); for (ResourceDto resourceDto : resources) { diff --git a/sonar-core/src/main/java/org/sonar/core/resource/ResourceMapper.java b/sonar-core/src/main/java/org/sonar/core/resource/ResourceMapper.java index 2d1c7429d21..05b68a913ee 100644 --- a/sonar-core/src/main/java/org/sonar/core/resource/ResourceMapper.java +++ b/sonar-core/src/main/java/org/sonar/core/resource/ResourceMapper.java @@ -54,7 +54,7 @@ public interface ResourceMapper { /** * @since3.6 */ - List<ResourceDto> selectResourcesById(@Param("ids") List <List<Integer>> ids); + List<ResourceDto> selectResourcesById(@Param("ids") List <List<Long>> ids); /** * @since 3.6 diff --git a/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java b/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java index 9581646c74e..19be037eedd 100644 --- a/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java +++ b/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java @@ -41,7 +41,7 @@ public class AuthorizationDao implements ServerComponent { this.mybatis = mybatis; } - public Set<Integer> keepAuthorizedComponentIds(Set<Integer> componentIds, @Nullable Integer userId, String role) { + public Set<Long> keepAuthorizedComponentIds(Set<Long> componentIds, @Nullable Integer userId, String role) { SqlSession session = mybatis.openSession(); try { return keepAuthorizedComponentIds(componentIds, userId, role, session); @@ -51,13 +51,13 @@ public class AuthorizationDao implements ServerComponent { } } - public Set<Integer> keepAuthorizedComponentIds(Set<Integer> componentIds, @Nullable Integer userId, String role, SqlSession session) { + public Set<Long> keepAuthorizedComponentIds(Set<Long> componentIds, @Nullable Integer userId, String role, SqlSession session) { if (componentIds.isEmpty()) { return Collections.emptySet(); } String sql; Map<String, Object> params; - List<List<Integer>> componentIdsPartition = Lists.partition(newArrayList(componentIds), 1000); + List<List<Long>> componentIdsPartition = Lists.partition(newArrayList(componentIds), 1000); if (userId == null) { sql = "keepAuthorizedComponentIdsForAnonymous"; params = ImmutableMap.of("role", role, "componentIds", componentIdsPartition); @@ -66,14 +66,14 @@ public class AuthorizationDao implements ServerComponent { params = ImmutableMap.of("userId", userId, "role", role, "componentIds", componentIdsPartition); } - return Sets.newHashSet(session.<Integer>selectList(sql, params)); + return Sets.newHashSet(session.<Long>selectList(sql, params)); } - public boolean isAuthorizedComponentId(int componentId, @Nullable Integer userId, String role) { + public boolean isAuthorizedComponentId(long componentId, @Nullable Integer userId, String role) { return keepAuthorizedComponentIds(Sets.newHashSet(componentId), userId, role).size() == 1; } - public Collection<Integer> selectAuthorizedRootProjectsIds(@Nullable Integer userId, String role) { + public Collection<Long> selectAuthorizedRootProjectsIds(@Nullable Integer userId, String role) { SqlSession session = mybatis.openSession(); try { return selectAuthorizedRootProjectsIds(userId, role, session); @@ -83,7 +83,7 @@ public class AuthorizationDao implements ServerComponent { } } - public Collection<Integer> selectAuthorizedRootProjectsIds(@Nullable Integer userId, String role, SqlSession session) { + public Collection<Long> selectAuthorizedRootProjectsIds(@Nullable Integer userId, String role, SqlSession session) { String sql; Map<String, Object> params = newHashMap(); sql = "selectAuthorizedRootProjectsIds"; diff --git a/sonar-core/src/main/resources/org/sonar/core/user/AuthorizationMapper.xml b/sonar-core/src/main/resources/org/sonar/core/user/AuthorizationMapper.xml index 3cb464c72ca..2dfbded21f3 100644 --- a/sonar-core/src/main/resources/org/sonar/core/user/AuthorizationMapper.xml +++ b/sonar-core/src/main/resources/org/sonar/core/user/AuthorizationMapper.xml @@ -3,7 +3,7 @@ <mapper namespace="org.sonar.core.user.AuthorizationMapper"> - <select id="keepAuthorizedComponentIdsForUser" parameterType="map" resultType="int"> + <select id="keepAuthorizedComponentIdsForUser" parameterType="map" resultType="long"> SELECT s.project_id FROM group_roles gr, snapshots s WHERE @@ -31,7 +31,7 @@ and s.islast = ${_true} </select> - <select id="keepAuthorizedComponentIdsForAnonymous" parameterType="map" resultType="int"> + <select id="keepAuthorizedComponentIdsForAnonymous" parameterType="map" resultType="long"> SELECT s.project_id FROM group_roles gr, snapshots s WHERE @@ -45,7 +45,7 @@ </foreach> </select> - <select id="selectAuthorizedRootProjectsIds" parameterType="map" resultType="int"> + <select id="selectAuthorizedRootProjectsIds" parameterType="map" resultType="long"> <include refid="selectAuthorizedRootProjectsIdsQuery" /> </select> diff --git a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueDtoTest.java b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueDtoTest.java index 9ddca6043fa..1e6a16b2529 100644 --- a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueDtoTest.java +++ b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueDtoTest.java @@ -59,8 +59,8 @@ public class IssueDtoTest { .setRuleKey_unit_test_only("squid", "AvoidCycle") .setComponentKey_unit_test_only("org.sonar.sample:Sample") .setRootComponentKey_unit_test_only("org.sonar.sample") - .setComponentId(1) - .setRootComponentId(1) + .setComponentId(1l) + .setRootComponentId(1l) .setStatus(Issue.STATUS_CLOSED) .setResolution(Issue.RESOLUTION_FALSE_POSITIVE) .setEffortToFix(15.0) diff --git a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueMapperTest.java b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueMapperTest.java index b026bbadce6..8311558009f 100644 --- a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueMapperTest.java +++ b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueMapperTest.java @@ -39,8 +39,8 @@ public class IssueMapperTest extends AbstractDaoTestCase { @Test public void testInsert() throws Exception { IssueDto dto = new IssueDto(); - dto.setComponentId(123); - dto.setRootComponentId(100); + dto.setComponentId(123l); + dto.setRootComponentId(100l); dto.setRuleId(200); dto.setKee("ABCDE"); dto.setLine(500); @@ -73,8 +73,8 @@ public class IssueMapperTest extends AbstractDaoTestCase { setupData("testUpdate"); IssueDto dto = new IssueDto(); - dto.setComponentId(123); - dto.setRootComponentId(100); + dto.setComponentId(123l); + dto.setRootComponentId(100l); dto.setRuleId(200); dto.setKee("ABCDE"); dto.setLine(500); diff --git a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueStorageTest.java b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueStorageTest.java index 8e89df64839..b65d623e911 100644 --- a/sonar-core/src/test/java/org/sonar/core/issue/db/IssueStorageTest.java +++ b/sonar-core/src/test/java/org/sonar/core/issue/db/IssueStorageTest.java @@ -115,13 +115,13 @@ public class IssueStorageTest extends AbstractDaoTestCase { } @Override - protected int componentId(DefaultIssue issue) { - return 100; + protected long componentId(DefaultIssue issue) { + return 100l; } @Override - protected int projectId(DefaultIssue issue) { - return 10; + protected long projectId(DefaultIssue issue) { + return 10l; } } diff --git a/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java b/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java index 458dd84f423..77146477c3e 100644 --- a/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java +++ b/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java @@ -152,7 +152,7 @@ public class ResourceDaoTest extends AbstractDaoTestCase { public void should_find_components_by_resource_ids() { setupData("fixture"); - Collection<Component> results = dao.findByIds(newArrayList(1)); + Collection<Component> results = dao.findByIds(newArrayList(1l)); assertThat(results).hasSize(1); Component component = results.iterator().next(); assertThat(component.key()).isNotNull(); diff --git a/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java b/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java index 394291783f7..42746971ac1 100644 --- a/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java +++ b/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java @@ -31,7 +31,7 @@ import static org.fest.assertions.Assertions.assertThat; public class AuthorizationDaoTest extends AbstractDaoTestCase { private static final int USER = 100; - private static final int PROJECT = 300, PACKAGE = 301, FILE = 302, FILE_IN_OTHER_PROJECT = 999; + private static final long PROJECT = 300l, PACKAGE = 301l, FILE = 302l, FILE_IN_OTHER_PROJECT = 999l; @Test public void user_should_be_authorized() { @@ -39,15 +39,15 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("user_should_be_authorized"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Set<Integer> componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Set<Long> componentIds = authorization.keepAuthorizedComponentIds( + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), USER, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE); // user does not have the role "admin" componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE), + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE), USER, "admin"); assertThat(componentIds).isEmpty(); } @@ -58,15 +58,15 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("group_should_be_authorized"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Set<Integer> componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Set<Long> componentIds = authorization.keepAuthorizedComponentIds( + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), USER, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE); // group does not have the role "admin" componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), USER, "admin"); assertThat(componentIds).isEmpty(); } @@ -77,15 +77,15 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("group_should_have_global_authorization"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Set<Integer> componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Set<Long> componentIds = authorization.keepAuthorizedComponentIds( + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), USER, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE); // group does not have the role "admin" componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), USER, "admin"); assertThat(componentIds).isEmpty(); } @@ -95,15 +95,15 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("anonymous_should_be_authorized"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Set<Integer> componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Set<Long> componentIds = authorization.keepAuthorizedComponentIds( + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), null, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE); // group does not have the role "admin" componentIds = authorization.keepAuthorizedComponentIds( - Sets.<Integer>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), + Sets.<Long>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), null, "admin"); assertThat(componentIds).isEmpty(); } @@ -113,7 +113,7 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("should_return_root_project_ids_for_user"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Collection<Integer> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(USER, "user"); + Collection<Long> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(USER, "user"); assertThat(rootProjectIds).containsOnly(PROJECT); @@ -128,7 +128,7 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("should_return_root_project_ids_for_group"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Collection<Integer> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(USER, "user"); + Collection<Long> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(USER, "user"); assertThat(rootProjectIds).containsOnly(PROJECT); @@ -142,7 +142,7 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase { setupData("should_return_root_project_ids_for_anonymous"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); - Collection<Integer> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(null, "user"); + Collection<Long> rootProjectIds = authorization.selectAuthorizedRootProjectsIds(null, "user"); assertThat(rootProjectIds).containsOnly(PROJECT); diff --git a/sonar-server/src/main/java/org/sonar/server/issue/ActionPlanService.java b/sonar-server/src/main/java/org/sonar/server/issue/ActionPlanService.java index ee024f6bb58..8e8331096e1 100644 --- a/sonar-server/src/main/java/org/sonar/server/issue/ActionPlanService.java +++ b/sonar-server/src/main/java/org/sonar/server/issue/ActionPlanService.java @@ -24,6 +24,7 @@ import com.google.common.base.Function; import com.google.common.collect.Iterables; import org.sonar.api.ServerComponent; import org.sonar.api.issue.ActionPlan; +import org.sonar.api.web.UserRole; import org.sonar.core.issue.ActionPlanDeadlineComparator; import org.sonar.core.issue.ActionPlanStats; import org.sonar.core.issue.db.ActionPlanDao; @@ -33,6 +34,8 @@ import org.sonar.core.issue.db.ActionPlanStatsDto; import org.sonar.core.resource.ResourceDao; import org.sonar.core.resource.ResourceDto; import org.sonar.core.resource.ResourceQuery; +import org.sonar.core.user.AuthorizationDao; +import org.sonar.server.user.UserSession; import javax.annotation.CheckForNull; @@ -51,32 +54,38 @@ public class ActionPlanService implements ServerComponent { private final ActionPlanDao actionPlanDao; private final ActionPlanStatsDao actionPlanStatsDao; private final ResourceDao resourceDao; + private final AuthorizationDao authorizationDao; - public ActionPlanService(ActionPlanDao actionPlanDao, ActionPlanStatsDao actionPlanStatsDao, ResourceDao resourceDao) { + public ActionPlanService(ActionPlanDao actionPlanDao, ActionPlanStatsDao actionPlanStatsDao, ResourceDao resourceDao, AuthorizationDao authorizationDao) { this.actionPlanDao = actionPlanDao; this.actionPlanStatsDao = actionPlanStatsDao; this.resourceDao = resourceDao; + this.authorizationDao = authorizationDao; } - public ActionPlan create(ActionPlan actionPlan){ - actionPlanDao.save(ActionPlanDto.toActionDto(actionPlan, findComponent(actionPlan.projectKey()).getId())); + public ActionPlan create(ActionPlan actionPlan, UserSession userSession) { + ResourceDto project = findProject(actionPlan.projectKey()); + checkAuthorization(userSession, project, UserRole.ADMIN); + actionPlanDao.save(ActionPlanDto.toActionDto(actionPlan, project.getId())); return actionPlan; } - public ActionPlan update(ActionPlan actionPlan){ - actionPlanDao.update(ActionPlanDto.toActionDto(actionPlan, findComponent(actionPlan.projectKey()).getId())); + public ActionPlan update(ActionPlan actionPlan, UserSession userSession) { + ResourceDto project = findProject(actionPlan.projectKey()); + checkAuthorization(userSession, project, UserRole.ADMIN); + actionPlanDao.update(ActionPlanDto.toActionDto(actionPlan, project.getId())); return actionPlan; } - public void delete(String key){ - actionPlanDao.delete(key); + public void delete(String actionPlanKey, UserSession userSession) { + checkAuthorization(userSession, findActionPlanDto(actionPlanKey).getProjectKey(), UserRole.ADMIN); + actionPlanDao.delete(actionPlanKey); } - public ActionPlan setStatus(String key, String status){ - ActionPlanDto actionPlanDto = actionPlanDao.findByKey(key); - if (actionPlanDto == null) { - throw new IllegalArgumentException("Action plan " + key + " has not been found."); - } + public ActionPlan setStatus(String actionPlanKey, String status, UserSession userSession) { + ActionPlanDto actionPlanDto = findActionPlanDto(actionPlanKey); + checkAuthorization(userSession, actionPlanDto.getProjectKey(), UserRole.ADMIN); + actionPlanDto.setStatus(status); actionPlanDto.setCreatedAt(new Date()); actionPlanDao.update(actionPlanDto); @@ -84,11 +93,12 @@ public class ActionPlanService implements ServerComponent { } @CheckForNull - public ActionPlan findByKey(String key) { + public ActionPlan findByKey(String key, UserSession userSession) { ActionPlanDto actionPlanDto = actionPlanDao.findByKey(key); if (actionPlanDto == null) { return null; } + checkAuthorization(userSession, actionPlanDto.getProjectKey(), UserRole.USER); return actionPlanDto.toActionPlan(); } @@ -97,15 +107,21 @@ public class ActionPlanService implements ServerComponent { return toActionPlans(actionPlanDtos); } - public Collection<ActionPlan> findOpenByComponentKey(String componentKey) { - List<ActionPlanDto> dtos = actionPlanDao.findOpenByProjectId(findRootProject(componentKey).getId()); + public Collection<ActionPlan> findOpenByProjectKey(String projectKey, UserSession userSession) { + ResourceDto project = findProject(projectKey); + checkAuthorization(userSession, project, UserRole.USER); + + List<ActionPlanDto> dtos = actionPlanDao.findOpenByProjectId(project.getId()); List<ActionPlan> plans = toActionPlans(dtos); Collections.sort(plans, new ActionPlanDeadlineComparator()); return plans; } - public List<ActionPlanStats> findActionPlanStats(String projectKey) { - List<ActionPlanStatsDto> actionPlanStatsDtos = actionPlanStatsDao.findByProjectId(findComponent(projectKey).getId()); + public List<ActionPlanStats> findActionPlanStats(String projectKey, UserSession userSession) { + ResourceDto project = findProject(projectKey); + checkAuthorization(userSession, project, UserRole.USER); + + List<ActionPlanStatsDto> actionPlanStatsDtos = actionPlanStatsDao.findByProjectId(project.getId()); List<ActionPlanStats> actionPlanStats = newArrayList(Iterables.transform(actionPlanStatsDtos, new Function<ActionPlanStatsDto, ActionPlanStats>() { @Override public ActionPlanStats apply(ActionPlanStatsDto actionPlanStatsDto) { @@ -117,7 +133,7 @@ public class ActionPlanService implements ServerComponent { } public boolean isNameAlreadyUsedForProject(String name, String projectKey) { - return !actionPlanDao.findByNameAndProjectId(name, findComponent(projectKey).getId()).isEmpty(); + return !actionPlanDao.findByNameAndProjectId(name, findProject(projectKey).getId()).isEmpty(); } private List<ActionPlan> toActionPlans(List<ActionPlanDto> actionPlanDtos) { @@ -129,19 +145,34 @@ public class ActionPlanService implements ServerComponent { })); } - private ResourceDto findComponent(String componentKey){ - ResourceDto resourceDto = resourceDao.getResource(ResourceQuery.create().setKey(componentKey)); - if (resourceDto == null) { - throw new IllegalArgumentException("Component " + componentKey + " does not exists."); + private ActionPlanDto findActionPlanDto(String actionPlanKey) { + ActionPlanDto actionPlanDto = actionPlanDao.findByKey(actionPlanKey); + if (actionPlanDto == null) { + throw new IllegalArgumentException("Action plan " + actionPlanKey + " has not been found."); } - return resourceDto; + return actionPlanDto; } - private ResourceDto findRootProject(String componentKey){ - ResourceDto resourceDto = resourceDao.getRootProjectByComponentKey(componentKey); + private ResourceDto findProject(String projectKey) { + ResourceDto resourceDto = resourceDao.getResource(ResourceQuery.create().setKey(projectKey)); if (resourceDto == null) { - throw new IllegalArgumentException("Component " + componentKey + " does not exists."); + throw new IllegalArgumentException("Project " + projectKey + " does not exists."); } return resourceDto; } + + private void checkAuthorization(UserSession userSession, String projectKey, String requiredRole) { + checkAuthorization(userSession, findProject(projectKey), requiredRole); + } + + private void checkAuthorization(UserSession userSession, ResourceDto project, String requiredRole) { + if (!userSession.isLoggedIn()) { + // must be logged + throw new IllegalStateException("User is not logged in"); + } + if (!authorizationDao.isAuthorizedComponentId(project.getId(), userSession.userId(), requiredRole)) { + throw new IllegalStateException("User does not have the required role to access the project: " + project.getKey()); + } + } + } diff --git a/sonar-server/src/main/java/org/sonar/server/issue/DefaultIssueFinder.java b/sonar-server/src/main/java/org/sonar/server/issue/DefaultIssueFinder.java index b3bcd0f6885..5fdd5b54e04 100644 --- a/sonar-server/src/main/java/org/sonar/server/issue/DefaultIssueFinder.java +++ b/sonar-server/src/main/java/org/sonar/server/issue/DefaultIssueFinder.java @@ -88,7 +88,7 @@ public class DefaultIssueFinder implements IssueFinder { throw new IllegalStateException("Unknown issue: " + issueKey); } if (!authorizationDao.isAuthorizedComponentId(dto.getComponentId(), UserSession.get().userId(), requiredRole)) { - throw new IllegalStateException("User does not have the role " + requiredRole + " required to change the issue: " + issueKey); + throw new IllegalStateException("User does not have the required role required to change the issue: " + issueKey); } return dto.toDefaultIssue(); } @@ -115,8 +115,8 @@ public class DefaultIssueFinder implements IssueFinder { Map<String, DefaultIssue> issuesByKey = newHashMap(); List<Issue> issues = newArrayList(); Set<Integer> ruleIds = Sets.newHashSet(); - Set<Integer> componentIds = Sets.newHashSet(); - Set<Integer> projectIds = Sets.newHashSet(); + Set<Long> componentIds = Sets.newHashSet(); + Set<Long> projectIds = Sets.newHashSet(); Set<String> actionPlanKeys = Sets.newHashSet(); Set<String> users = Sets.newHashSet(); for (IssueDto dto : pagedSortedIssues) { @@ -185,11 +185,11 @@ public class DefaultIssueFinder implements IssueFinder { return userFinder.findByLogins(Lists.newArrayList(logins)); } - private Collection<Component> findComponents(Set<Integer> componentIds) { + private Collection<Component> findComponents(Set<Long> componentIds) { return resourceDao.findByIds(componentIds); } - private Collection<Component> findProjects(Set<Integer> projectIds) { + private Collection<Component> findProjects(Set<Long> projectIds) { return resourceDao.findByIds(projectIds); } diff --git a/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java b/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java index 8a7e3231c8c..24e5f67f0f3 100644 --- a/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java +++ b/sonar-server/src/main/java/org/sonar/server/issue/InternalRubyIssueService.java @@ -201,32 +201,28 @@ public class InternalRubyIssueService implements ServerComponent { return result; } - public Collection<ActionPlan> findOpenActionPlansForComponent(String componentKey) { - return actionPlanService.findOpenByComponentKey(componentKey); + public Collection<ActionPlan> findOpenActionPlans(String projectKey) { + return actionPlanService.findOpenByProjectKey(projectKey, UserSession.get()); } public ActionPlan findActionPlan(String actionPlanKey) { - return actionPlanService.findByKey(actionPlanKey); + return actionPlanService.findByKey(actionPlanKey, UserSession.get()); } public List<ActionPlanStats> findActionPlanStats(String projectKey) { - return actionPlanService.findActionPlanStats(projectKey); + return actionPlanService.findActionPlanStats(projectKey, UserSession.get()); } public Result<ActionPlan> createActionPlan(Map<String, String> parameters) { - // TODO verify authorization - Result<ActionPlan> result = createActionPlanResult(parameters); if (result.ok()) { - result.set(actionPlanService.create(result.get())); + result.set(actionPlanService.create(result.get(), UserSession.get())); } return result; } public Result<ActionPlan> updateActionPlan(String key, Map<String, String> parameters) { - // TODO verify authorization - - DefaultActionPlan existingActionPlan = (DefaultActionPlan) actionPlanService.findByKey(key); + DefaultActionPlan existingActionPlan = (DefaultActionPlan) actionPlanService.findByKey(key, UserSession.get()); if (existingActionPlan == null) { Result<ActionPlan> result = Result.of(); result.addError(Result.Message.ofL10n("action_plans.errors.action_plan_does_not_exist", key)); @@ -237,35 +233,32 @@ public class InternalRubyIssueService implements ServerComponent { DefaultActionPlan actionPlan = (DefaultActionPlan) result.get(); actionPlan.setKey(existingActionPlan.key()); actionPlan.setUserLogin(existingActionPlan.userLogin()); - result.set(actionPlanService.update(actionPlan)); + result.set(actionPlanService.update(actionPlan, UserSession.get())); } return result; } } public Result<ActionPlan> closeActionPlan(String actionPlanKey) { - // TODO verify authorization Result<ActionPlan> result = createResultForExistingActionPlan(actionPlanKey); if (result.ok()) { - result.set(actionPlanService.setStatus(actionPlanKey, ActionPlan.STATUS_CLOSED)); + result.set(actionPlanService.setStatus(actionPlanKey, ActionPlan.STATUS_CLOSED, UserSession.get())); } return result; } public Result<ActionPlan> openActionPlan(String actionPlanKey) { - // TODO verify authorization Result<ActionPlan> result = createResultForExistingActionPlan(actionPlanKey); if (result.ok()) { - result.set(actionPlanService.setStatus(actionPlanKey, ActionPlan.STATUS_OPEN)); + result.set(actionPlanService.setStatus(actionPlanKey, ActionPlan.STATUS_OPEN, UserSession.get())); } return result; } public Result<ActionPlan> deleteActionPlan(String actionPlanKey) { - // TODO verify authorization Result<ActionPlan> result = createResultForExistingActionPlan(actionPlanKey); if (result.ok()) { - actionPlanService.delete(actionPlanKey); + actionPlanService.delete(actionPlanKey, UserSession.get()); } return result; } diff --git a/sonar-server/src/main/java/org/sonar/server/issue/IssueService.java b/sonar-server/src/main/java/org/sonar/server/issue/IssueService.java index ee8e177b9f1..5a146420b9a 100644 --- a/sonar-server/src/main/java/org/sonar/server/issue/IssueService.java +++ b/sonar-server/src/main/java/org/sonar/server/issue/IssueService.java @@ -120,7 +120,7 @@ public class IssueService implements ServerComponent { } public Issue plan(String issueKey, @Nullable String actionPlanKey, UserSession userSession) { - if (!Strings.isNullOrEmpty(actionPlanKey) && actionPlanService.findByKey(actionPlanKey) == null) { + if (!Strings.isNullOrEmpty(actionPlanKey) && actionPlanService.findByKey(actionPlanKey, userSession) == null) { throw new IllegalStateException("Unknown action plan: " + actionPlanKey); } diff --git a/sonar-server/src/main/java/org/sonar/server/issue/ServerIssueStorage.java b/sonar-server/src/main/java/org/sonar/server/issue/ServerIssueStorage.java index 447a62a9d19..ad1fce39df3 100644 --- a/sonar-server/src/main/java/org/sonar/server/issue/ServerIssueStorage.java +++ b/sonar-server/src/main/java/org/sonar/server/issue/ServerIssueStorage.java @@ -38,20 +38,20 @@ public class ServerIssueStorage extends IssueStorage implements ServerComponent } @Override - protected int componentId(DefaultIssue issue) { + protected long componentId(DefaultIssue issue) { ResourceDto resourceDto = resourceDao.getResource(ResourceQuery.create().setKey(issue.componentKey())); if (resourceDto == null) { throw new IllegalStateException("Unknown component: " + issue.componentKey()); } - return resourceDto.getId().intValue(); + return resourceDto.getId(); } @Override - protected int projectId(DefaultIssue issue) { + protected long projectId(DefaultIssue issue) { ResourceDto resourceDto = resourceDao.getRootProjectByComponentKey(issue.componentKey()); if (resourceDto == null) { throw new IllegalStateException("Unknown component: " + issue.componentKey()); } - return resourceDto.getId().intValue(); + return resourceDto.getId(); } } diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_plan_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_plan_form.html.erb index 9bb65fc8048..894eb63edd6 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_plan_form.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/issue/_plan_form.html.erb @@ -1,13 +1,13 @@ <% plans_select_box_id = "plans-#{params[:issue]}" - plans = Internal.issues.findOpenActionPlansForComponent(@issue.componentKey()) + plans = Internal.issues.findOpenActionPlans(@issue.componentKey()) if plans.empty? %> <% if is_admin? %> <span class="error"><%= message('issue.plan.error.plan_must_be_created_first_for_admin', - :params => ApplicationController.root_context + '/action_plans/index/' + @issue.projectKey()) -%></span> + :params => ApplicationController.root_context + '/action_plans/index/' + @issue_result.project(@issue).key()) -%></span> <% else %> <span class="error"><%= message('issue.plan.error.plan_must_be_created_first_for_other') -%></span> <% end %> diff --git a/sonar-server/src/test/java/org/sonar/server/issue/ActionPlanServiceTest.java b/sonar-server/src/test/java/org/sonar/server/issue/ActionPlanServiceTest.java index f44aa68d721..67f5bf86917 100644 --- a/sonar-server/src/test/java/org/sonar/server/issue/ActionPlanServiceTest.java +++ b/sonar-server/src/test/java/org/sonar/server/issue/ActionPlanServiceTest.java @@ -23,6 +23,7 @@ package org.sonar.server.issue; import org.junit.Before; import org.junit.Test; import org.sonar.api.issue.ActionPlan; +import org.sonar.api.web.UserRole; import org.sonar.core.issue.ActionPlanStats; import org.sonar.core.issue.DefaultActionPlan; import org.sonar.core.issue.db.ActionPlanDao; @@ -32,6 +33,8 @@ import org.sonar.core.issue.db.ActionPlanStatsDto; import org.sonar.core.resource.ResourceDao; import org.sonar.core.resource.ResourceDto; import org.sonar.core.resource.ResourceQuery; +import org.sonar.core.user.AuthorizationDao; +import org.sonar.server.user.UserSession; import java.util.Collection; @@ -45,11 +48,18 @@ public class ActionPlanServiceTest { private ActionPlanDao actionPlanDao = mock(ActionPlanDao.class); private ActionPlanStatsDao actionPlanStatsDao = mock(ActionPlanStatsDao.class); private ResourceDao resourceDao = mock(ResourceDao.class); + private AuthorizationDao authorizationDao = mock(AuthorizationDao.class); + private UserSession userSession = mock(UserSession.class); + private ActionPlanService actionPlanService; @Before public void before() { - actionPlanService = new ActionPlanService(actionPlanDao, actionPlanStatsDao, resourceDao); + when(userSession.isLoggedIn()).thenReturn(true); + when(userSession.userId()).thenReturn(10); + when(authorizationDao.isAuthorizedComponentId(anyLong(), eq(10), anyString())).thenReturn(true); + + actionPlanService = new ActionPlanService(actionPlanDao, actionPlanStatsDao, resourceDao, authorizationDao); } @Test @@ -57,15 +67,45 @@ public class ActionPlanServiceTest { when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); ActionPlan actionPlan = DefaultActionPlan.create("Long term"); - actionPlanService.create(actionPlan); + actionPlanService.create(actionPlan, userSession); verify(actionPlanDao).save(any(ActionPlanDto.class)); } @Test + public void should_create_required_logged_user() { + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + ActionPlan actionPlan = DefaultActionPlan.create("Long term"); + when(userSession.isLoggedIn()).thenReturn(false); + + try { + actionPlanService.create(actionPlan, userSession); + } catch (Exception e){ + assertThat(e).isInstanceOf(IllegalStateException.class).hasMessage("User is not logged in"); + } + verifyZeroInteractions(actionPlanDao); + } + + @Test + public void should_create_required_admin_role() { + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + ActionPlan actionPlan = DefaultActionPlan.create("Long term"); + when(authorizationDao.isAuthorizedComponentId(anyLong(), eq(10), anyString())).thenReturn(false); + + try { + actionPlanService.create(actionPlan, userSession); + } catch (Exception e){ + assertThat(e).isInstanceOf(IllegalStateException.class).hasMessage("User does not have the required role to access the project: org.sonar.Sample"); + } + verify(authorizationDao).isAuthorizedComponentId(eq(1l), eq(10), eq(UserRole.ADMIN)); + verifyZeroInteractions(actionPlanDao); + } + + @Test public void should_set_status() { when(actionPlanDao.findByKey("ABCD")).thenReturn(new ActionPlanDto().setKey("ABCD")); + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); - ActionPlan result = actionPlanService.setStatus("ABCD", "CLOSED"); + ActionPlan result = actionPlanService.setStatus("ABCD", "CLOSED", userSession); verify(actionPlanDao).update(any(ActionPlanDto.class)); assertThat(result).isNotNull(); @@ -73,15 +113,28 @@ public class ActionPlanServiceTest { } @Test + public void should_update() { + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + ActionPlan actionPlan = DefaultActionPlan.create("Long term"); + + actionPlanService.update(actionPlan, userSession); + verify(actionPlanDao).update(any(ActionPlanDto.class)); + } + + @Test public void should_delete() { - actionPlanService.delete("ABCD"); + when(actionPlanDao.findByKey("ABCD")).thenReturn(new ActionPlanDto().setKey("ABCD")); + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + actionPlanService.delete("ABCD", userSession); verify(actionPlanDao).delete("ABCD"); } @Test public void should_find_by_key() { when(actionPlanDao.findByKey("ABCD")).thenReturn(new ActionPlanDto().setKey("ABCD")); - ActionPlan result = actionPlanService.findByKey("ABCD"); + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + + ActionPlan result = actionPlanService.findByKey("ABCD", userSession); assertThat(result).isNotNull(); assertThat(result.key()).isEqualTo("ABCD"); } @@ -89,7 +142,7 @@ public class ActionPlanServiceTest { @Test public void should_return_null_if_no_action_plan_when_find_by_key() { when(actionPlanDao.findByKey("ABCD")).thenReturn(null); - assertThat(actionPlanService.findByKey("ABCD")).isNull(); + assertThat(actionPlanService.findByKey("ABCD", userSession)).isNull(); } @Test @@ -102,17 +155,32 @@ public class ActionPlanServiceTest { @Test public void should_find_open_by_project_key() { - when(resourceDao.getRootProjectByComponentKey("org.sonar.Sample")).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); when(actionPlanDao.findOpenByProjectId(1l)).thenReturn(newArrayList(new ActionPlanDto().setKey("ABCD"))); - Collection<ActionPlan> results = actionPlanService.findOpenByComponentKey("org.sonar.Sample"); + Collection<ActionPlan> results = actionPlanService.findOpenByProjectKey("org.sonar.Sample", userSession); assertThat(results).hasSize(1); assertThat(results.iterator().next().key()).isEqualTo("ABCD"); } + @Test + public void should_find_open_by_project_key_required_user_role() { + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setKey("org.sonar.Sample").setId(1l)); + when(actionPlanDao.findOpenByProjectId(1l)).thenReturn(newArrayList(new ActionPlanDto().setKey("ABCD"))); + when(authorizationDao.isAuthorizedComponentId(anyLong(), eq(10), anyString())).thenReturn(false); + + try { + actionPlanService.findOpenByProjectKey("org.sonar.Sample", userSession); + } catch (Exception e){ + assertThat(e).isInstanceOf(IllegalStateException.class).hasMessage("User does not have the required role to access the project: org.sonar.Sample"); + } + verify(authorizationDao).isAuthorizedComponentId(eq(1l), eq(10), eq(UserRole.USER)); + verifyZeroInteractions(actionPlanDao); + } + @Test(expected = IllegalArgumentException.class) public void should_throw_exception_if_project_not_found_when_find_open_by_project_key() { - when(resourceDao.getRootProjectByComponentKey(anyString())).thenReturn(null); - actionPlanService.findOpenByComponentKey("<Unkown>"); + when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(null); + actionPlanService.findOpenByProjectKey("<Unkown>", userSession); } @Test @@ -120,7 +188,7 @@ public class ActionPlanServiceTest { when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(new ResourceDto().setId(1L).setKey("org.sonar.Sample")); when(actionPlanStatsDao.findByProjectId(1L)).thenReturn(newArrayList(new ActionPlanStatsDto())); - Collection<ActionPlanStats> results = actionPlanService.findActionPlanStats("org.sonar.Sample"); + Collection<ActionPlanStats> results = actionPlanService.findActionPlanStats("org.sonar.Sample", userSession); assertThat(results).hasSize(1); } @@ -128,7 +196,7 @@ public class ActionPlanServiceTest { public void should_throw_exception_if_project_not_found_when_find_open_action_plan_stats(){ when(resourceDao.getResource(any(ResourceQuery.class))).thenReturn(null); - actionPlanService.findActionPlanStats("org.sonar.Sample"); + actionPlanService.findActionPlanStats("org.sonar.Sample", userSession); } } diff --git a/sonar-server/src/test/java/org/sonar/server/issue/DefaultIssueFinderTest.java b/sonar-server/src/test/java/org/sonar/server/issue/DefaultIssueFinderTest.java index cd6ad711e0a..af2689bc7ce 100644 --- a/sonar-server/src/test/java/org/sonar/server/issue/DefaultIssueFinderTest.java +++ b/sonar-server/src/test/java/org/sonar/server/issue/DefaultIssueFinderTest.java @@ -71,12 +71,12 @@ public class DefaultIssueFinderTest { public void should_find_issues() { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -98,12 +98,12 @@ public class DefaultIssueFinderTest { public void should_find_paginate_result() { IssueQuery query = IssueQuery.builder().pageSize(1).pageIndex(1).build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(135).setRootComponentId(100) + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(135l).setRootComponentId(100l) .setComponentKey_unit_test_only("Phases.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -123,7 +123,7 @@ public class DefaultIssueFinderTest { @Test public void should_find_by_key() { - IssueDto issueDto = new IssueDto().setId(1L).setRuleId(1).setComponentId(1).setRootComponentId(100) + IssueDto issueDto = new IssueDto().setId(1L).setRuleId(1).setComponentId(1l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -143,12 +143,12 @@ public class DefaultIssueFinderTest { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -171,12 +171,12 @@ public class DefaultIssueFinderTest { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -198,12 +198,12 @@ public class DefaultIssueFinderTest { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100) + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l) .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -225,12 +225,12 @@ public class DefaultIssueFinderTest { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100).setKee("ABC").setActionPlanKey("A") + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l).setKee("ABC").setActionPlanKey("A") .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100).setKee("DEF").setActionPlanKey("B") + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l).setKee("DEF").setActionPlanKey("B") .setComponentKey_unit_test_only("Action.java") .setRootComponentKey_unit_test_only("struts") .setRuleKey_unit_test_only("squid", "AvoidCycle") @@ -255,10 +255,10 @@ public class DefaultIssueFinderTest { IssueQuery query = IssueQuery.builder().build(); - IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123).setRootComponentId(100).setKee("ABC").setAssignee("perceval") + IssueDto issue1 = new IssueDto().setId(1L).setRuleId(50).setComponentId(123l).setRootComponentId(100l).setKee("ABC").setAssignee("perceval") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); - IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123).setRootComponentId(100).setKee("DEF").setReporter("arthur") + IssueDto issue2 = new IssueDto().setId(2L).setRuleId(50).setComponentId(123l).setRootComponentId(100l).setKee("DEF").setReporter("arthur") .setRuleKey_unit_test_only("squid", "AvoidCycle") .setStatus("OPEN").setResolution("OPEN"); List<IssueDto> dtoList = newArrayList(issue1, issue2); diff --git a/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java b/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java index 512cc97413e..0a82a2335cd 100644 --- a/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java +++ b/sonar-server/src/test/java/org/sonar/server/issue/InternalRubyIssueServiceTest.java @@ -28,6 +28,7 @@ import org.sonar.core.issue.DefaultActionPlan; import org.sonar.core.resource.ResourceDao; import org.sonar.core.resource.ResourceDto; import org.sonar.core.resource.ResourceQuery; +import org.sonar.server.user.UserSession; import java.util.Map; @@ -65,7 +66,7 @@ public class InternalRubyIssueServiceTest { Result result = internalRubyIssueService.createActionPlan(parameters); assertThat(result.ok()).isTrue(); - verify(actionPlanService).create(actionPlanCaptor.capture()); + verify(actionPlanService).create(actionPlanCaptor.capture(), any(UserSession.class)); ActionPlan actionPlan = actionPlanCaptor.getValue(); assertThat(actionPlan).isNotNull(); @@ -77,7 +78,7 @@ public class InternalRubyIssueServiceTest { @Test public void should_update_action_plan() { - when(actionPlanService.findByKey("ABCD")).thenReturn(DefaultActionPlan.create("Long term")); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(DefaultActionPlan.create("Long term")); Map<String, String> parameters = newHashMap(); parameters.put("name", "New Long term"); @@ -88,7 +89,7 @@ public class InternalRubyIssueServiceTest { Result result = internalRubyIssueService.updateActionPlan("ABCD", parameters); assertThat(result.ok()).isTrue(); - verify(actionPlanService).update(actionPlanCaptor.capture()); + verify(actionPlanService).update(actionPlanCaptor.capture(), any(UserSession.class)); ActionPlan actionPlan = actionPlanCaptor.getValue(); assertThat(actionPlan).isNotNull(); @@ -100,7 +101,7 @@ public class InternalRubyIssueServiceTest { @Test public void should_update_action_plan_with_new_project() { - when(actionPlanService.findByKey("ABCD")).thenReturn(DefaultActionPlan.create("Long term")); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(DefaultActionPlan.create("Long term")); Map<String, String> parameters = newHashMap(); parameters.put("name", "New Long term"); @@ -112,7 +113,7 @@ public class InternalRubyIssueServiceTest { Result result = internalRubyIssueService.updateActionPlan("ABCD", parameters); assertThat(result.ok()).isTrue(); - verify(actionPlanService).update(actionPlanCaptor.capture()); + verify(actionPlanService).update(actionPlanCaptor.capture(), any(UserSession.class)); ActionPlan actionPlan = actionPlanCaptor.getValue(); assertThat(actionPlan).isNotNull(); @@ -125,7 +126,7 @@ public class InternalRubyIssueServiceTest { @Test public void should_not_update_action_plan_when_action_plan_is_not_found() { - when(actionPlanService.findByKey("ABCD")).thenReturn(null); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(null); Result result = internalRubyIssueService.updateActionPlan("ABCD", null); assertThat(result.ok()).isFalse(); @@ -134,38 +135,38 @@ public class InternalRubyIssueServiceTest { @Test public void should_delete_action_plan() { - when(actionPlanService.findByKey("ABCD")).thenReturn(DefaultActionPlan.create("Long term")); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(DefaultActionPlan.create("Long term")); Result result = internalRubyIssueService.deleteActionPlan("ABCD"); - verify(actionPlanService).delete("ABCD"); + verify(actionPlanService).delete(eq("ABCD"), any(UserSession.class)); assertThat(result.ok()).isTrue(); } @Test public void should_not_delete_action_plan_if_action_plan_not_found() { - when(actionPlanService.findByKey("ABCD")).thenReturn(null); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(null); Result result = internalRubyIssueService.deleteActionPlan("ABCD"); - verify(actionPlanService, never()).delete("ABCD"); + verify(actionPlanService, never()).delete(eq("ABCD"), any(UserSession.class)); assertThat(result.ok()).isFalse(); assertThat(result.errors()).contains(Result.Message.ofL10n("action_plans.errors.action_plan_does_not_exist", "ABCD")); } @Test public void should_close_action_plan() { - when(actionPlanService.findByKey("ABCD")).thenReturn(DefaultActionPlan.create("Long term")); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(DefaultActionPlan.create("Long term")); Result result = internalRubyIssueService.closeActionPlan("ABCD"); - verify(actionPlanService).setStatus(eq("ABCD"), eq("CLOSED")); + verify(actionPlanService).setStatus(eq("ABCD"), eq("CLOSED"), any(UserSession.class)); assertThat(result.ok()).isTrue(); } @Test public void should_open_action_plan() { - when(actionPlanService.findByKey("ABCD")).thenReturn(DefaultActionPlan.create("Long term")); + when(actionPlanService.findByKey(eq("ABCD"), any(UserSession.class))).thenReturn(DefaultActionPlan.create("Long term")); Result result = internalRubyIssueService.openActionPlan("ABCD"); - verify(actionPlanService).setStatus(eq("ABCD"), eq("OPEN")); + verify(actionPlanService).setStatus(eq("ABCD"), eq("OPEN"), any(UserSession.class)); assertThat(result.ok()).isTrue(); } diff --git a/sonar-server/src/test/java/org/sonar/server/issue/ServerIssueStorageTest.java b/sonar-server/src/test/java/org/sonar/server/issue/ServerIssueStorageTest.java index b0b910621ef..5192ae23e22 100644 --- a/sonar-server/src/test/java/org/sonar/server/issue/ServerIssueStorageTest.java +++ b/sonar-server/src/test/java/org/sonar/server/issue/ServerIssueStorageTest.java @@ -41,7 +41,7 @@ public class ServerIssueStorageTest extends AbstractDaoTestCase { setupData("should_load_component_id_from_db"); ServerIssueStorage storage = new ServerIssueStorage(getMyBatis(), new FakeRuleFinder(), new ResourceDao(getMyBatis())); - int componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); + long componentId = storage.componentId(new DefaultIssue().setComponentKey("struts:Action.java")); assertThat(componentId).isEqualTo(123); } @@ -64,7 +64,7 @@ public class ServerIssueStorageTest extends AbstractDaoTestCase { setupData("should_load_project_id_from_db"); ServerIssueStorage storage = new ServerIssueStorage(getMyBatis(), new FakeRuleFinder(), new ResourceDao(getMyBatis())); - int projectId = storage.projectId(new DefaultIssue().setComponentKey("struts:Action.java")); + long projectId = storage.projectId(new DefaultIssue().setComponentKey("struts:Action.java")); assertThat(projectId).isEqualTo(1); } |