author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2017-02-02 13:35:00 +0100 |
---|---|---|
committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2017-02-07 14:22:17 +0100 |
commit | 6141a7ef3015325f0ccfc7eba9756bc269bd1db5 (patch) | |
tree | 729f588a75f7e2a933f253eb2148e99aafd885ff | |
parent | b39678967f1043bc16e0cfff7143e8186fccfd94 (diff) | |
SONAR-8716 fix check of permissions in api/email
-rw-r--r-- | server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java | 3 | ||||
-rw-r--r-- | server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java | 28 |
2 files changed, 16 insertions, 15 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java b/server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java
index a406760f9e2..6846ba11737 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java
@@ -28,7 +28,6 @@ import org.apache.commons.mail.EmailException;
 import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.exceptions.Message;
 import org.sonar.server.notification.email.EmailNotificationChannel;
@@ -74,7 +73,7 @@ public class SendAction implements EmailsWsAction {
 @Override
 public void handle(Request request, Response response) throws Exception {
- userSession.checkPermission(GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkIsRoot();
 try {
 emailNotificationChannel.sendTestEmail(request.mandatoryParam(PARAM_TO), request.param(PARAM_SUBJECT), request.mandatoryParam(PARAM_MESSAGE));
 } catch (EmailException emailException) {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java
index 39f3721fa6d..305dc417282 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java
@@ -26,7 +26,6 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.exceptions.Message;
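Review bot: In `SendAction.handle`, the new `userSession.checkIsRoot();` has no comment saying why this endpoint is restricted to root rather than to holders of a global permission. The call below it passes the caller-supplied `PARAM_TO`, `PARAM_SUBJECT` and `PARAM_MESSAGE` straight to `sendTestEmail`, so the guard is what stops an ordinary account from using the server as a mail relay. I would add `// Root only: relays a caller-chosen recipient, subject and body through the server's mail channel.` above the check. The action's `define()` method and the rest of `handle` are outside this hunk; if the web-service description still names the old system-administration permission, it should be updated in the same commit.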
@@ -41,7 +40,6 @@ import static org.mockito.Matchers.anyString; import static org.mockito.Mockito.doThrow; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; public class SendActionTest { @@ -51,13 +49,13 @@ public class SendActionTest { @Rule public UserSessionRule userSession = UserSessionRule.standalone(); - EmailNotificationChannel emailNotificationChannel = mock(EmailNotificationChannel.class); + private EmailNotificationChannel emailNotificationChannel = mock(EmailNotificationChannel.class); - WsActionTester ws = new WsActionTester(new SendAction(userSession, emailNotificationChannel)); + private WsActionTester ws = new WsActionTester(new SendAction(userSession, emailNotificationChannel)); @Test public void send_test_email() throws Exception { - setUserAsSystemAdmin(); + logInAsRoot(); executeRequest("john@doo.com", "Test Message from SonarQube", "This is a test message from SonarQube at http://localhost:9000"); @@ -66,7 +64,7 @@ public class SendActionTest { @Test public void does_not_fail_when_subject_param_is_missing() throws Exception { - setUserAsSystemAdmin(); + logInAsRoot(); executeRequest("john@doo.com", null, "This is a test message from SonarQube at http://localhost:9000"); @@ -75,7 +73,8 @@ public class SendActionTest { @Test public void fail_when_to_param_is_missing() throws Exception { - setUserAsSystemAdmin(); + logInAsRoot(); + expectedException.expect(IllegalArgumentException.class); executeRequest(null, "Test Message from SonarQube", "This is a test message from SonarQube at http://localhost:9000"); 
@@ -83,23 +82,26 @@ public class SendActionTest { @Test public void fail_when_message_param_is_missing() throws Exception { - setUserAsSystemAdmin(); + logInAsRoot(); + expectedException.expect(IllegalArgumentException.class); executeRequest("john@doo.com", "Test Message from SonarQube", null); } @Test - public void fail_when_insufficient_privileges() { - userSession.anonymous().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN); + public void throw_ForbiddenException_if_not_root() { + userSession.logIn(); + expectedException.expect(ForbiddenException.class); + expectedException.expectMessage("Insufficient privileges"); ws.newRequest().execute(); } @Test public void fail_with_BadRequestException_when_EmailException_is_generated() throws Exception { - setUserAsSystemAdmin(); + logInAsRoot(); IllegalArgumentException exception1 = new IllegalArgumentException("root cause"); IllegalArgumentException exception2 = new IllegalArgumentException("parent cause", exception1); IllegalArgumentException exception3 = new IllegalArgumentException("child cause", exception2); @@ -139,8 +141,8 @@ public class SendActionTest { request.execute(); } - private void setUserAsSystemAdmin() { - userSession.logIn("admin").setGlobalPermissions(SYSTEM_ADMIN); + private void logInAsRoot() { + userSession.logIn().setRoot(); } } |
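Review bot: `throw_ForbiddenException_if_not_root` only covers a logged-in user with no permissions at all, so the visible tests do not pin the case this commit changes: an account that holds the system-administration permission but is not root. The anonymous caller that the removed `userSession.anonymous()` line exercised is no longer covered either. I would add a second negative test that starts with `userSession.logIn().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);` and expects `ForbiddenException`, keeping the `GlobalPermissions` import that the first hunk of this file removes. A third test using `userSession.anonymous();` would cover the unauthenticated caller. Without them, reverting `handle` to the old permission check would still pass every test that uses `logInAsRoot()` if `setRoot()` also satisfies permission checks, which cannot be confirmed from this page.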