diff options
| author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2017-01-29 17:08:59 +0100 |
|---|---|---|
| committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2017-02-01 17:11:52 +0100 |
| commit | bd8c009b98b373b4916ea586becabf5ae989f64a (patch) | |
| tree | 339e2aaa86e7a715b4c3c2ab1e8e1cda42c05542 | |
| parent | 54c908420bee1f6a0920e0b19bfcea194f2e3a7d (diff) | |
| download | sonarqube-bd8c009b98b373b4916ea586becabf5ae989f64a.tar.gz sonarqube-bd8c009b98b373b4916ea586becabf5ae989f64a.zip | |
SONAR-8716 Add methods in UserSession with ComponentDto parameters.
The new methods hasComponentPermission(String,ComponentDto) and
checkComponentPermission(String,ComponentDto) will help to
drop the same methods with key/uuid String parameters.
7 files changed, 83 insertions, 2 deletions
diff --git a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java index 39f6f821fa4..0e15807fe29 100644 --- a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java +++ b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java @@ -19,8 +19,10 @@ */ package org.sonar.ce.user; +import java.util.Collection; import java.util.List; import java.util.Set; +import org.sonar.db.component.ComponentDto; import org.sonar.db.user.GroupDto; import org.sonar.server.user.UserSession; @@ -105,6 +107,11 @@ public class CeUserSession implements UserSession { } @Override + public UserSession checkComponentPermission(String projectPermission, ComponentDto component) { + return notImplemented(); + } + + @Override public UserSession checkComponentPermission(String projectPermission, String componentKey) { return notImplemented(); } @@ -115,6 +122,11 @@ public class CeUserSession implements UserSession { } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return notImplementedBooleanMethod(); + } + + @Override public boolean hasComponentPermission(String permission, String componentKey) { return notImplementedBooleanMethod(); } diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java index a61b44710e1..76335c8b83d 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java @@ -19,6 +19,7 @@ */ package org.sonar.server.user; +import org.sonar.db.component.ComponentDto; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.exceptions.UnauthorizedException; @@ -72,6 +73,19 @@ public abstract class AbstractUserSession implements UserSession { } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return hasComponentUuidPermission(permission, component.projectUuid()); + } + + @Override + public UserSession checkComponentPermission(String projectPermission, ComponentDto component) { + if (!hasComponentPermission(projectPermission, component)) { + throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE); + } + return this; + } + + @Override public UserSession checkComponentPermission(String projectPermission, String componentKey) { if (!hasComponentPermission(projectPermission, componentKey)) { throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE); diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java index 3d08fc487e5..d5242f0af6b 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java @@ -26,6 +26,7 @@ import java.util.Set; import org.sonar.api.security.DefaultGroups; import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.user.GroupDto; +import org.sonar.db.component.ComponentDto; /** * Allow code to be executed with the highest privileges possible, as if executed by a {@link GlobalPermissions#SYSTEM_ADMIN} account. @@ -119,6 +120,11 @@ public final class DoPrivileged { } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return true; + } + + @Override public boolean hasComponentPermission(String permission, String componentKey) { return true; } diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java index db21fb6b49b..9692239f592 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java @@ -19,9 +19,11 @@ */ package org.sonar.server.user; +import java.util.Collection; import java.util.List; import java.util.Set; import javax.annotation.CheckForNull; +import org.sonar.db.component.ComponentDto; import org.sonar.db.user.GroupDto; import org.sonar.server.exceptions.UnauthorizedException; @@ -119,6 +121,12 @@ public class ThreadLocalUserSession implements UserSession { } @Override + public UserSession checkComponentPermission(String projectPermission, ComponentDto component) { + get().checkComponentPermission(projectPermission, component); + return this; + } + + @Override public UserSession checkComponentPermission(String projectPermission, String componentKey) { get().checkComponentPermission(projectPermission, componentKey); return this; @@ -131,6 +139,11 @@ public class ThreadLocalUserSession implements UserSession { } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return get().hasComponentPermission(permission, component); + } + + @Override public boolean hasComponentPermission(String permission, String componentKey) { return get().hasComponentPermission(permission, componentKey); } diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java index bb6b2eb662f..9ccd1d380f4 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java @@ -19,10 +19,12 @@ */ package org.sonar.server.user; +import java.util.Collection; import java.util.List; import java.util.Set; import javax.annotation.CheckForNull; import org.sonar.api.security.DefaultGroups; +import org.sonar.db.component.ComponentDto; import org.sonar.db.user.GroupDto; public interface UserSession { @@ -71,7 +73,7 @@ public interface UserSession { /** * Ensures that permission is granted to user, otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}. - + * @deprecated in 6.3 because it doesn't support organizations * @see org.sonar.core.permission.GlobalPermissions * @see #checkIsRoot() for system administrators @@ -82,7 +84,7 @@ public interface UserSession { /** * Does the user have the given permission ? - + * @deprecated in 6.3 because if doesn't support organizations * @see org.sonar.core.permission.GlobalPermissions * @see #isRoot() @@ -112,6 +114,15 @@ public interface UserSession { List<String> globalPermissions(); /** + * Ensures that permission is granted to user, otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}. + * If the component doesn't exist and the user doesn't have the permission, throws + * a {@link org.sonar.server.exceptions.ForbiddenException}. + * + * @see org.sonar.api.web.UserRole for list of project permissions + */ + UserSession checkComponentPermission(String projectPermission, ComponentDto component); + + /** * Ensures that permission is granted to user on the specified component, otherwise throws * a {@link org.sonar.server.exceptions.ForbiddenException}. * If the component doesn't exist and the user doesn't have the global permission, @@ -127,6 +138,12 @@ public interface UserSession { UserSession checkComponentUuidPermission(String permission, String componentUuid); /** + * Whether the user has the permission on the component. Returns {@code false} + * if the component does not exist in database. + */ + boolean hasComponentPermission(String permission, ComponentDto component); + + /** * Does the user have the given permission for a component key ? * * First, check if the user has the global permission (even if the component doesn't exist) diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java index 56261cd7e3c..6d5fcb00e82 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java +++ b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java @@ -29,6 +29,7 @@ import java.util.Map; import java.util.Set; import javax.annotation.Nullable; import org.sonar.api.security.DefaultGroups; +import org.sonar.db.component.ComponentDto; import org.sonar.server.user.AbstractUserSession; import static com.google.common.collect.Lists.newArrayList; @@ -111,6 +112,11 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession> } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return hasComponentUuidPermission(permission, component.projectUuid()); + } + + @Override public boolean hasComponentPermission(String permission, String componentKey) { String projectKey = projectKeyByComponentKey.get(componentKey); return hasPermission(permission) || (projectKey != null && hasProjectPermission(permission, projectKey)); diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java index 1798c27d534..d2ebacdd2b0 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java +++ b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java @@ -20,6 +20,7 @@ package org.sonar.server.tester; import com.google.common.base.Preconditions; +import java.util.Collection; import java.util.List; import java.util.Set; import javax.annotation.CheckForNull; @@ -27,6 +28,7 @@ import javax.annotation.Nullable; import org.junit.rules.TestRule; import org.junit.runner.Description; import org.junit.runners.model.Statement; +import org.sonar.db.component.ComponentDto; import org.sonar.db.organization.OrganizationDto; import org.sonar.db.user.GroupDto; import org.sonar.db.user.UserDto; @@ -255,6 +257,11 @@ public class UserSessionRule implements TestRule, UserSession { } @Override + public boolean hasComponentPermission(String permission, ComponentDto component) { + return hasComponentUuidPermission(permission, component.projectUuid()); + } + + @Override public boolean hasComponentPermission(String permission, String componentKey) { return currentUserSession.hasComponentPermission(permission, componentKey); } @@ -331,6 +338,12 @@ public class UserSessionRule implements TestRule, UserSession { } @Override + public UserSession checkComponentPermission(String projectPermission, ComponentDto component) { + currentUserSession.checkComponentPermission(projectPermission, component); + return this; + } + + @Override public UserSession checkComponentPermission(String projectPermission, String componentKey) { currentUserSession.checkComponentPermission(projectPermission, componentKey); return this; |