diff options
| author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2018-02-20 13:50:50 +0100 |
|---|---|---|
| committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2018-02-22 09:23:27 +0100 |
| commit | 7ca304b0fdd0f0172eb85f1a911405c7709eb02f (patch) | |
| tree | 1a55e4000502a94c93b97dbf260c2a552adda49d | |
| parent | a0ab2f7b6381bf1325b209a23c5032320f04a512 (diff) | |
| download | sonarqube-7ca304b0fdd0f0172eb85f1a911405c7709eb02f.tar.gz sonarqube-7ca304b0fdd0f0172eb85f1a911405c7709eb02f.zip | |
SONAR-10356 restrict api/projects/search_my_projects to 1000 projects
3 files changed, 26 insertions, 11 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java index a3e07082fc2..515c07cf690 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsAction.java @@ -56,7 +56,7 @@ public class SearchMyProjectsAction implements ProjectsWsAction { @Override public void define(WebService.NewController context) { WebService.NewAction action = context.createAction("search_my_projects") - .setDescription("Return list of projects for which the current user has 'Administer' permission.") + .setDescription("Return list of projects for which the current user has 'Administer' permission. Maximum 1'000 projects are returned.") .setResponseExample(getClass().getResource("search_my_projects-example.json")) .addPagingParams(100, MAX_SIZE) .setSince("6.0") diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java index be0e6630dda..e602b8d401b 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java +++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchMyProjectsDataLoader.java @@ -26,6 +26,7 @@ import java.util.List; import org.sonar.api.measures.CoreMetrics; import org.sonar.api.resources.Qualifiers; import org.sonar.api.web.UserRole; +import org.sonar.db.DatabaseUtils; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; @@ -81,7 +82,7 @@ public class SearchMyProjectsDataLoader { List<Long> componentIds = dbClient.roleDao().selectComponentIdsByPermissionAndUserId(dbSession, UserRole.ADMIN, userId); ComponentQuery dbQuery = ComponentQuery.builder() .setQualifiers(Qualifiers.PROJECT) - .setComponentIds(ImmutableSet.copyOf(componentIds)) + .setComponentIds(ImmutableSet.copyOf(componentIds.subList(0, Math.min(componentIds.size(), DatabaseUtils.PARTITION_SIZE_FOR_ORACLE)))) .build(); return new ProjectsResult( diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java index 8c4df109c8d..e676fc6c06d 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java @@ -19,6 +19,7 @@ */ package org.sonar.server.project.ws; +import java.util.stream.IntStream; import org.junit.Before; import org.junit.Rule; import org.junit.Test; @@ -116,13 +117,26 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(anotherUser, UserRole.ADMIN, cLang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); } @Test + public void return_only_first_1000_projects() { + OrganizationDto organization = db.organizations().insert(); + IntStream.range(0, 1_010).forEach(i -> { + ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organization)); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); + }); + + SearchMyProjectsWsResponse result = callWs(); + + assertThat(result.getPaging().getTotal()).isEqualTo(1_000); + } + + @Test public void sort_projects_by_name() { OrganizationDto organizationDto = db.organizations().insert(); ComponentDto b_project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(organizationDto).setName("B_project_name")); @@ -133,7 +147,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, a_project); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, c_project); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(3); assertThat(result.getProjectsList()).extracting(Project::getId) @@ -166,7 +180,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, clang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -181,7 +195,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, view); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -193,7 +207,7 @@ public class SearchMyProjectsActionTest { ComponentDto branch = db.components().insertProjectBranch(project); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsList()) .extracting(Project::getKey) @@ -212,7 +226,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, jdk7); db.users().insertProjectPermissionOnGroup(group, UserRole.USER, cLang); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(1); assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid()); @@ -234,7 +248,7 @@ public class SearchMyProjectsActionTest { db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, sonarqube); db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, sonarqube); - SearchMyProjectsWsResponse result = call_ws(); + SearchMyProjectsWsResponse result = callWs(); assertThat(result.getProjectsCount()).isEqualTo(3); assertThat(result.getProjectsList()).extracting(Project::getId).containsOnly(jdk7.uuid(), cLang.uuid(), sonarqube.uuid()); @@ -251,7 +265,7 @@ public class SearchMyProjectsActionTest { userSession.anonymous(); expectedException.expect(UnauthorizedException.class); - call_ws(); + callWs(); } private ComponentDto insertClang(OrganizationDto organizationDto) { @@ -273,7 +287,7 @@ public class SearchMyProjectsActionTest { .setDbKey("Java")); } - private SearchMyProjectsWsResponse call_ws() { + private SearchMyProjectsWsResponse callWs() { return ws.newRequest() .executeProtobuf(SearchMyProjectsWsResponse.class); } |