SONAR-6488 WS permissions/add_user add project permissions

author: Teryk Bellahsene <teryk.bellahsene@sonarsource.com> 2015-08-10 18:07:45 +0200
committer: Teryk Bellahsene <teryk.bellahsene@sonarsource.com> 2015-08-13 08:30:39 +0200
commit: 3cdd5de698a4aa6f385c9d5334262874ac798788 (patch)
tree: 03ea4eed65b4adf066f77bcc5911344fbd95ed69
parent: d8e98649ff69187e8bc77a137c4d90ff708a622f (diff)
download: sonarqube-3cdd5de698a4aa6f385c9d5334262874ac798788.tar.gz
sonarqube-3cdd5de698a4aa6f385c9d5334262874ac798788.zip
3 files changed, 135 insertions, 21 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
index 39cd5f0a370..b9f279b7486 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
@@ -27,16 +27,21 @@ import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.server.permission.PermissionChange;
 import org.sonar.server.permission.PermissionUpdater;
 
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_ID;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_KEY;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_USER_LOGIN;
+
 public class AddUserAction implements PermissionsWsAction {
 
   public static final String ACTION = "add_user";
-  public static final String PARAM_PERMISSION = "permission";
-  public static final String PARAM_USER_LOGIN = "login";
 
   private final PermissionUpdater permissionUpdater;
+  private final PermissionWsCommons permissionWsCommons;
 
-  public AddUserAction(PermissionUpdater permissionUpdater) {
+  public AddUserAction(PermissionUpdater permissionUpdater, PermissionWsCommons permissionWsCommons) {
     this.permissionUpdater = permissionUpdater;
+    this.permissionWsCommons = permissionWsCommons;
   }
 
   @Override
@@ -56,17 +61,20 @@ public class AddUserAction implements PermissionsWsAction {
       .setRequired(true)
       .setDescription("User login")
       .setExampleValue("g.hopper");
+
+    action.createParam(PARAM_PROJECT_ID)
+      .setDescription("Project id")
+      .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d");
+
+    action.createParam(PARAM_PROJECT_KEY)
+      .setDescription("Project key")
+      .setExampleValue("org.apache.hbas:hbase");
   }
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    String permission = request.mandatoryParam(PARAM_PERMISSION);
-    String userLogin = request.mandatoryParam(PARAM_USER_LOGIN);
-    permissionUpdater.addPermission(
-      new PermissionChange()
-        .setPermission(permission)
-        .setUser(userLogin)
-    );
+    PermissionChange permissionChange = permissionWsCommons.buildUserPermissionChange(request);
+    permissionUpdater.addPermission(permissionChange);
 
     response.noContent();
   }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionWsCommons.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionWsCommons.java
index ad7a093316d..ed073557b8e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionWsCommons.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionWsCommons.java
@@ -38,6 +38,7 @@ public class PermissionWsCommons {
   public static final String PARAM_GROUP_ID = "groupId";
   public static final String PARAM_PROJECT_ID = "projectId";
   public static final String PARAM_PROJECT_KEY = "projectKey";
+  public static final String PARAM_USER_LOGIN = "login";
 
   private final DbClient dbClient;
   private final ComponentFinder componentFinder;
@@ -61,6 +62,24 @@ public class PermissionWsCommons {
     return group.getName();
   }
 
+  public PermissionChange buildUserPermissionChange(Request request) {
+    String permission = request.mandatoryParam(PARAM_PERMISSION);
+    String userLogin = request.mandatoryParam(PARAM_USER_LOGIN);
+
+    DbSession dbSession = dbClient.openSession(false);
+    try {
+      PermissionChange permissionChange = new PermissionChange()
+        .setPermission(permission)
+        .setUser(userLogin);
+      addProjectToPermissionChange(dbSession, permissionChange, request.param(PARAM_PROJECT_ID), request.param(PARAM_PROJECT_KEY));
+
+      return permissionChange;
+    } finally {
+      dbClient.closeSession(dbSession);
+    }
+
+  }
+
   public PermissionChange buildGroupPermissionChange(DbSession dbSession, Request request) {
     String permission = request.mandatoryParam(PARAM_PERMISSION);
     String groupNameParam = request.param(PARAM_GROUP_NAME);
@@ -73,12 +92,16 @@ public class PermissionWsCommons {
     PermissionChange permissionChange = new PermissionChange()
       .setPermission(permission)
       .setGroup(groupName);
+    addProjectToPermissionChange(dbSession, permissionChange, projectUuid, projectKey);
+
+    return permissionChange;
+  }
+
+  private void addProjectToPermissionChange(DbSession dbSession, PermissionChange permissionChange, @Nullable String projectUuid, @Nullable String projectKey) {
     if (isProjectUuidOrProjectKeyProvided(projectUuid, projectKey)) {
       ComponentDto project = componentFinder.getProjectByUuidOrKey(dbSession, projectUuid, projectKey);
       permissionChange.setComponentKey(project.key());
     }
-
-    return permissionChange;
   }
 
   private static void checkParameters(@Nullable String groupName, @Nullable Long groupId) {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
index ee7aac66774..f14acfec476 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
@@ -23,22 +23,37 @@ package org.sonar.server.permission.ws;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
+import org.junit.experimental.categories.Category;
 import org.junit.rules.ExpectedException;
 import org.mockito.ArgumentCaptor;
 import org.sonar.api.utils.System2;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
+import org.sonar.db.component.ComponentDto;
+import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.exceptions.ServerException;
 import org.sonar.server.permission.PermissionChange;
 import org.sonar.server.permission.PermissionUpdater;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.ws.WsTester;
+import org.sonar.test.DbTests;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.component.ComponentTesting.newFileDto;
+import static org.sonar.server.component.ComponentTesting.newProjectDto;
 import static org.sonar.server.permission.ws.AddUserAction.ACTION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PERMISSION;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_ID;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_PROJECT_KEY;
+import static org.sonar.server.permission.ws.PermissionWsCommons.PARAM_USER_LOGIN;
 
+@Category(DbTests.class)
 public class AddUserActionTest {
   UserSessionRule userSession = UserSessionRule.standalone();
   WsTester ws;
@@ -47,23 +62,27 @@ public class AddUserActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   private PermissionUpdater permissionUpdater;
+  private DbClient dbClient;
+  private DbSession dbSession;
+  private ArgumentCaptor<PermissionChange> permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class);
 
   @Before
   public void setUp() {
     permissionUpdater = mock(PermissionUpdater.class);
+    dbClient = db.getDbClient();
+    dbSession = db.getSession();
     ws = new WsTester(new PermissionsWs(
-      new AddUserAction(permissionUpdater)));
+      new AddUserAction(permissionUpdater, new PermissionWsCommons(dbClient, new ComponentFinder(dbClient)))));
     userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN);
   }
 
   @Test
   public void call_permission_service_with_right_data() throws Exception {
     ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
-      .setParam(AddUserAction.PARAM_USER_LOGIN, "ray.bradbury")
-      .setParam(AddUserAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .setParam(PARAM_USER_LOGIN, "ray.bradbury")
+      .setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
       .execute();
 
-    ArgumentCaptor<PermissionChange> permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class);
     verify(permissionUpdater).addPermission(permissionChangeCaptor.capture());
     PermissionChange permissionChange = permissionChangeCaptor.getValue();
     assertThat(permissionChange.user()).isEqualTo("ray.bradbury");
@@ -71,12 +90,68 @@ public class AddUserActionTest {
   }
 
   @Test
-  public void get_request_are_not_authorized() throws Exception {
+  public void add_user_permission_with_project_uuid() throws Exception {
+    dbClient.componentDao().insert(dbSession, newProjectDto("project-uuid").setKey("project-key"));
+    commit();
+
+    ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+      .setParam(PARAM_USER_LOGIN, "ray.bradbury")
+      .setParam(PARAM_PROJECT_ID, "project-uuid")
+      .setParam(PermissionWsCommons.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .execute();
+
+    verify(permissionUpdater).addPermission(permissionChangeCaptor.capture());
+    PermissionChange permissionChange = permissionChangeCaptor.getValue();
+    assertThat(permissionChange.component()).isEqualTo("project-key");
+  }
+
+  @Test
+  public void add_user_permissions_with_project_key() throws Exception {
+    dbClient.componentDao().insert(dbSession, newProjectDto("project-uuid").setKey("project-key"));
+    commit();
+
+    ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+      .setParam(PARAM_USER_LOGIN, "ray.bradbury")
+      .setParam(PARAM_PROJECT_KEY, "project-key")
+      .setParam(PermissionWsCommons.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .execute();
+
+    verify(permissionUpdater).addPermission(permissionChangeCaptor.capture());
+    PermissionChange permissionChange = permissionChangeCaptor.getValue();
+    assertThat(permissionChange.component()).isEqualTo("project-key");
+  }
+
+  @Test
+  public void fail_when_project_uuid_is_unknown() throws Exception {
+    expectedException.expect(NotFoundException.class);
+
+    ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+      .setParam(PARAM_USER_LOGIN, "ray.bradbury")
+      .setParam(PARAM_PROJECT_ID, "unknown-project-uuid")
+      .setParam(PermissionWsCommons.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .execute();
+  }
+
+  @Test
+  public void fail_when_component_is_not_a_project() throws Exception {
+    expectedException.expect(BadRequestException.class);
+    insertComponent(newFileDto(newProjectDto("project-uuid"), "file-uuid"));
+    commit();
+
+    ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
+      .setParam(PARAM_USER_LOGIN, "ray.bradbury")
+      .setParam(PARAM_PROJECT_ID, "file-uuid")
+      .setParam(PermissionWsCommons.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .execute();
+  }
+
+  @Test
+  public void fail_when_get_request() throws Exception {
     expectedException.expect(ServerException.class);
 
     ws.newGetRequest(PermissionsWs.ENDPOINT, ACTION)
-      .setParam(AddUserAction.PARAM_USER_LOGIN, "george.orwell")
-      .setParam(AddUserAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .setParam(PARAM_USER_LOGIN, "george.orwell")
+      .setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
       .execute();
   }
 
@@ -85,7 +160,7 @@ public class AddUserActionTest {
     expectedException.expect(IllegalArgumentException.class);
 
     ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
-      .setParam(AddUserAction.PARAM_PERMISSION, SYSTEM_ADMIN)
+      .setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
       .execute();
   }
 
@@ -94,7 +169,15 @@ public class AddUserActionTest {
     expectedException.expect(IllegalArgumentException.class);
 
     ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION)
-      .setParam(AddUserAction.PARAM_USER_LOGIN, "jrr.tolkien")
+      .setParam(PARAM_USER_LOGIN, "jrr.tolkien")
       .execute();
   }
+
+  private void insertComponent(ComponentDto component) {
+    dbClient.componentDao().insert(dbSession, component);
+  }
+
+  private void commit() {
+    dbSession.commit();
+  }
 }
author	Teryk Bellahsene <teryk.bellahsene@sonarsource.com>	2015-08-10 18:07:45 +0200
committer	Teryk Bellahsene <teryk.bellahsene@sonarsource.com>	2015-08-13 08:30:39 +0200
commit	3cdd5de698a4aa6f385c9d5334262874ac798788 (patch)
tree	03ea4eed65b4adf066f77bcc5911344fbd95ed69
parent	d8e98649ff69187e8bc77a137c4d90ff708a622f (diff)
download	sonarqube-3cdd5de698a4aa6f385c9d5334262874ac798788.tar.gz sonarqube-3cdd5de698a4aa6f385c9d5334262874ac798788.zip