SONAR-8716 Use UserSession#hasComponentPermission(String,ComponentDto)

author: Simon Brandhof <simon.brandhof@sonarsource.com> 2017-01-29 20:24:32 +0100
committer: Simon Brandhof <simon.brandhof@sonarsource.com> 2017-02-01 17:11:52 +0100
commit: 71b436dd7c7f8d7311b9c3605e6f0c9e5a422196 (patch)
tree: 5e5631827f9537d4a1119af098d11de363603df6
parent: 6ff19c3990f4f127bec8cdcc5c83ef29cb4f75c4 (diff)
download: sonarqube-71b436dd7c7f8d7311b9c3605e6f0c9e5a422196.tar.gz
sonarqube-71b436dd7c7f8d7311b9c3605e6f0c9e5a422196.zip
15 files changed, 32 insertions, 40 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
index 32e1f90a7e7..a4e8e6d0d1a 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
@@ -69,8 +69,8 @@ public class ProjectDataLoader {
         throw new BadRequestException(format("Key '%s' belongs to a component which is not a Project", query.getModuleKey()));
       }
 
-      boolean hasScanPerm = userSession.hasComponentUuidPermission(SCAN_EXECUTION, module.projectUuid());
-      boolean hasBrowsePerm = userSession.hasComponentUuidPermission(USER, module.projectUuid());
+      boolean hasScanPerm = userSession.hasComponentPermission(SCAN_EXECUTION, module);
+      boolean hasBrowsePerm = userSession.hasComponentPermission(USER, module);
       checkPermission(query.isIssuesMode(), hasScanPerm, hasBrowsePerm);
 
       ComponentDto project = getProject(module, session);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
index eb9dee249a1..844aabc2edd 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/AppAction.java
@@ -145,7 +145,7 @@ public class AppAction implements RequestHandler {
   }
 
   private static void appendPermissions(JsonWriter json, ComponentDto component, UserSession userSession) {
-    boolean hasBrowsePermission = userSession.hasComponentUuidPermission(UserRole.USER, component.uuid());
+    boolean hasBrowsePermission = userSession.hasComponentPermission(UserRole.USER, component);
     json.prop("canMarkAsFavourite", userSession.isLoggedIn() && hasBrowsePermission);
   }
 
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
index e6b362538c2..f088cb6b5bc 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/ShowAction.java
@@ -35,7 +35,6 @@ import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.WsComponents.ShowWsResponse;
 import org.sonarqube.ws.client.component.ShowWsRequest;
 
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static java.lang.String.format;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
 import static org.sonar.server.component.ws.ComponentDtoToWsComponent.componentDtoToWsComponent;
@@ -119,8 +118,7 @@ public class ShowAction implements ComponentsWsAction {
 
   private ComponentDto getComponentByUuidOrKey(DbSession dbSession, ShowWsRequest request) {
     ComponentDto component = componentFinder.getByUuidOrKey(dbSession, request.getId(), request.getKey(), ParamNames.ID_AND_KEY);
-    String projectUuid = firstNonNull(component.projectUuid(), component.uuid());
-    userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+    userSession.checkComponentPermission(UserRole.USER, component);
     return component;
   }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java b/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
index 1b6f3db1c3b..4e2d2e3fdb0 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/component/ws/TreeAction.java
@@ -51,7 +51,6 @@ import org.sonarqube.ws.WsComponents;
 import org.sonarqube.ws.WsComponents.TreeWsResponse;
 import org.sonarqube.ws.client.component.TreeWsRequest;
 
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.collect.FluentIterable.from;
 import static com.google.common.collect.Sets.newHashSet;
 import static java.lang.String.CASE_INSENSITIVE_ORDER;
@@ -189,8 +188,7 @@ public class TreeAction implements ComponentsWsAction {
   }
 
   private void checkPermissions(ComponentDto baseComponent) {
-    String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
-    userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+    userSession.checkComponentPermission(UserRole.USER, baseComponent);
   }
 
   private static TreeWsResponse buildResponse(ComponentDto baseComponent, OrganizationDto organizationDto, List<ComponentDto> components,
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
index 9e89a6812ac..081b333437b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
@@ -54,7 +54,6 @@ import org.sonarqube.ws.WsMeasures;
 import org.sonarqube.ws.WsMeasures.ComponentWsResponse;
 import org.sonarqube.ws.client.measure.ComponentWsRequest;
 
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static java.lang.String.format;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.emptyMap;
@@ -258,7 +257,6 @@ public class ComponentAction implements MeasuresWsAction {
   }
 
   private void checkPermissions(ComponentDto baseComponent) {
-    String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
-    userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+    userSession.checkComponentPermission(UserRole.USER, baseComponent);
   }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
index 4fe6125defe..76cfde04de0 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/ws/ComponentTreeDataLoader.java
@@ -61,7 +61,6 @@ import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.WsMeasures;
 import org.sonarqube.ws.client.measure.ComponentTreeWsRequest;
 
-import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.base.Preconditions.checkState;
 import static com.google.common.collect.Sets.newHashSet;
 import static java.lang.String.format;
@@ -298,8 +297,7 @@ public class ComponentTreeDataLoader {
   }
 
   private void checkPermissions(ComponentDto baseComponent) {
-    String projectUuid = firstNonNull(baseComponent.projectUuid(), baseComponent.uuid());
-    userSession.checkComponentUuidPermission(UserRole.USER, projectUuid);
+    userSession.checkComponentPermission(UserRole.USER, baseComponent);
   }
 
   private enum IsFileComponent implements Predicate<ComponentDto> {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
index 2e041d135d4..931da4263f6 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/projectlink/ws/SearchAction.java
@@ -124,8 +124,8 @@ public class SearchAction implements ProjectLinksWsAction {
       request.getProjectKey(),
       ComponentFinder.ParamNames.PROJECT_ID_AND_KEY);
 
-    if (!userSession.hasComponentUuidPermission(UserRole.ADMIN, component.uuid()) &&
-      !userSession.hasComponentUuidPermission(UserRole.USER, component.uuid())) {
+    if (!userSession.hasComponentPermission(UserRole.ADMIN, component) &&
+      !userSession.hasComponentPermission(UserRole.USER, component)) {
       throw insufficientPrivilegesException();
     }
 
diff --git a/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java b/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
index cdeb026538b..743d9d1c5a1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/property/ws/IndexAction.java
@@ -148,7 +148,7 @@ public class IndexAction implements WsAction {
   }
 
   private boolean hasAdminPermission(Optional<ComponentDto> component) {
-    return component.isPresent() ? userSession.hasComponentUuidPermission(ADMIN, component.get().uuid()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN);
+    return component.isPresent() ? userSession.hasComponentPermission(ADMIN, component.get()) : userSession.hasPermission(GlobalPermissions.SYSTEM_ADMIN);
   }
 
   private List<PropertyDto> loadGlobalSettings(DbSession dbSession, Optional<String> key) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
index 4743bb28717..fcaa6e38ae1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
@@ -271,7 +271,7 @@ public class QualityGates {
   private void checkPermission(Long projectId, DbSession session) {
     ComponentDto project = componentDao.selectOrFailById(session, projectId);
     if (!userSession.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN)
-      && !userSession.hasComponentUuidPermission(UserRole.ADMIN, project.uuid())) {
+      && !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
       throw new ForbiddenException("Insufficient privileges");
     }
   }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
index 977e9120e9c..1be33bba7ff 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/GetByProjectAction.java
@@ -92,8 +92,8 @@ public class GetByProjectAction implements QualityGatesWsAction {
   private ComponentDto getProject(DbSession dbSession, String projectUuid, String projectKey) {
     ComponentDto project = componentFinder.getByUuidOrKey(dbSession, projectUuid, projectKey, ParamNames.PROJECT_ID_AND_KEY);
 
-    if (!userSession.hasComponentUuidPermission(UserRole.USER, projectUuid) &&
-      !userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid)) {
+    if (!userSession.hasComponentPermission(UserRole.USER, project) &&
+      !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
       throw insufficientPrivilegesException();
     }
 
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
index 2db5c5456eb..9177ea6ef67 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/ProjectStatusAction.java
@@ -114,7 +114,7 @@ public class ProjectStatusAction implements QualityGatesWsAction {
     DbSession dbSession = dbClient.openSession(false);
     try {
       ProjectAndSnapshot projectAndSnapshot = getProjectAndSnapshot(dbSession, request);
-      checkPermission(projectAndSnapshot.project.uuid());
+      checkPermission(projectAndSnapshot.project);
       Optional<String> measureData = getQualityGateDetailsMeasureData(dbSession, projectAndSnapshot.project);
 
       return ProjectStatusWsResponse.newBuilder()
@@ -178,9 +178,9 @@ public class ProjectStatusAction implements QualityGatesWsAction {
     return projectStatusWsRequest;
   }
 
-  private void checkPermission(String projectUuid) {
-    if (!userSession.hasComponentUuidPermission(UserRole.ADMIN, projectUuid) &&
-      !userSession.hasComponentUuidPermission(UserRole.USER, projectUuid)) {
+  private void checkPermission(ComponentDto project) {
+    if (!userSession.hasComponentPermission(UserRole.ADMIN, project) &&
+      !userSession.hasComponentPermission(UserRole.USER, project)) {
       throw insufficientPrivilegesException();
     }
   }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
index 318c11ee04e..b44cdc1f5fb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
@@ -119,7 +119,7 @@ public class SelectAction implements QualityGatesWsAction {
       .or(() -> componentFinder.getByUuidOrKey(dbSession, projectId, projectKey, ParamNames.PROJECT_ID_AND_KEY));
 
     if (!userSession.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN) &&
-      !userSession.hasComponentUuidPermission(UserRole.ADMIN, project.uuid())) {
+      !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
       throw insufficientPrivilegesException();
     }
 
diff --git a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
index 1bad7a11a39..10569459913 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsPermissionPredicates.java
@@ -68,6 +68,6 @@ public class SettingsPermissionPredicates {
   }
 
   private boolean hasPermission(String permission, Optional<ComponentDto> component) {
-    return userSession.hasPermission(permission) || (component.isPresent() && userSession.hasComponentUuidPermission(permission, component.get().uuid()));
+    return userSession.hasPermission(permission) || (component.isPresent() && userSession.hasComponentPermission(permission, component.get()));
   }
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
index 0e7bdb081cf..e658d3207e5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
@@ -129,7 +129,7 @@ public class ComponentAction implements NavigationWsAction {
     String componentKey = request.mandatoryParam(PARAM_COMPONENT_KEY);
     try (DbSession session = dbClient.openSession(false)) {
       ComponentDto component = componentFinder.getByKey(session, componentKey);
-      if (!(userSession.hasComponentUuidPermission(USER, component.projectUuid()) || userSession.hasComponentUuidPermission(ADMIN, component.projectUuid()))) {
+      if (!(userSession.hasComponentPermission(USER, component) || userSession.hasComponentPermission(ADMIN, component))) {
         throw new ForbiddenException("Insufficient privileges");
       }
       OrganizationDto organizationDto = componentFinder.getOrganization(session, component);
@@ -140,7 +140,7 @@ public class ComponentAction implements NavigationWsAction {
       writeComponent(json, session, component, organizationDto, analysis.orElse(null));
       writeProfiles(json, session, component);
       writeQualityGate(json, session, component);
-      if (userSession.hasComponentUuidPermission(ADMIN, component.projectUuid()) || userSession.hasPermission(QUALITY_PROFILE_ADMIN)) {
+      if (userSession.hasComponentPermission(ADMIN, component) || userSession.hasPermission(QUALITY_PROFILE_ADMIN)) {
         writeConfiguration(json, component);
       }
       writeBreadCrumbs(json, session, component);
@@ -200,7 +200,7 @@ public class ComponentAction implements NavigationWsAction {
     json.name("extensions").beginArray();
     Predicate<Page> isAuthorized = page -> {
       String requiredPermission = page.isAdmin() ? UserRole.ADMIN : UserRole.USER;
-      return userSession.hasComponentUuidPermission(requiredPermission, component.uuid());
+      return userSession.hasComponentPermission(requiredPermission, component);
     };
     pages.stream()
       .filter(isAuthorized)
@@ -209,7 +209,7 @@ public class ComponentAction implements NavigationWsAction {
   }
 
   private void writeConfiguration(JsonWriter json, ComponentDto component) {
-    boolean isAdmin = userSession.hasComponentUuidPermission(ADMIN, component.projectUuid());
+    boolean isAdmin = userSession.hasComponentPermission(ADMIN, component);
 
     json.name("configuration").beginObject();
     writeConfigPageAccess(json, isAdmin, component);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
index cbaa6dd3809..47c240ea118 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
@@ -62,9 +62,9 @@ public class GetByProjectActionTest {
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
-  ComponentDbTester componentDb = new ComponentDbTester(db);
-  DbClient dbClient = db.getDbClient();
-  DbSession dbSession = db.getSession();
+  private ComponentDbTester componentDb = new ComponentDbTester(db);
+  private DbClient dbClient = db.getDbClient();
+  private DbSession dbSession = db.getSession();
 
   private WsActionTester ws = new WsActionTester(
     new GetByProjectAction(userSession, dbClient, new ComponentFinder(dbClient), new QualityGateFinder(dbClient)));
@@ -85,7 +85,7 @@ public class GetByProjectActionTest {
 
   @Test
   public void empty_response() {
-    ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization()));
+    ComponentDto project = componentDb.insertProject();
     insertQualityGate("Another QG");
 
     String result = ws.newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).execute().getInput();
@@ -135,8 +135,8 @@ public class GetByProjectActionTest {
 
   @Test
   public void get_with_project_admin_permission() {
-    ComponentDto project = componentDb.insertComponent(newProjectDto(db.organizations().insert()));
-    userSession.anonymous().addProjectUuidPermissions(UserRole.USER, project.uuid());
+    ComponentDto project = componentDb.insertProject();
+    userSession.login().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
     QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
     setDefaultQualityGate(dbQualityGate.getId());
 
@@ -146,9 +146,9 @@ public class GetByProjectActionTest {
   }
 
   @Test
-  public void get_with_project_browse_permission() {
-    ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization()));
-    userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  public void get_with_project_user_permission() {
+    ComponentDto project = componentDb.insertProject();
+    userSession.login().addProjectUuidPermissions(UserRole.USER, project.uuid());
     QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
     setDefaultQualityGate(dbQualityGate.getId());
author	Simon Brandhof <simon.brandhof@sonarsource.com>	2017-01-29 20:24:32 +0100
committer	Simon Brandhof <simon.brandhof@sonarsource.com>	2017-02-01 17:11:52 +0100
commit	71b436dd7c7f8d7311b9c3605e6f0c9e5a422196 (patch)
tree	5e5631827f9537d4a1119af098d11de363603df6
parent	6ff19c3990f4f127bec8cdcc5c83ef29cb4f75c4 (diff)
download	sonarqube-71b436dd7c7f8d7311b9c3605e6f0c9e5a422196.tar.gz sonarqube-71b436dd7c7f8d7311b9c3605e6f0c9e5a422196.zip