aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTeryk Bellahsene <teryk.bellahsene@sonarsource.com>2017-02-15 18:12:56 +0100
committerTeryk Bellahsene <teryk.bellahsene@sonarsource.com>2017-02-16 14:51:35 +0100
commite6dd781f43af40b2648543249855e1c53796c91c (patch)
treed4ed0e2cdb11b9bd04c77792fbcce19d65ed0fc2
parent6416a8324b7ecc1400879a26242e47dbe994e319 (diff)
downloadsonarqube-e6dd781f43af40b2648543249855e1c53796c91c.tar.gz
sonarqube-e6dd781f43af40b2648543249855e1c53796c91c.zip
SONAR-8774 Sanitize parameter names of the api/projects domain
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java19
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java24
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java13
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java16
-rw-r--r--sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java1
5 files changed, 42 insertions, 31 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
index dda804a317c..e8d367668f4 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
@@ -38,8 +38,8 @@ import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
public class BulkDeleteAction implements ProjectsWsAction {
private static final String ACTION = "bulk_delete";
- private static final String PARAM_IDS = "ids";
- private static final String PARAM_KEYS = "keys";
+ private static final String PARAM_PROJECT_IDS = "projectIds";
+ private static final String PARAM_PROJECTS = "projects";
private final ComponentCleanerService componentCleanerService;
private final DbClient dbClient;
@@ -59,18 +59,21 @@ public class BulkDeleteAction implements ProjectsWsAction {
WebService.NewAction action = context
.createAction(ACTION)
.setPost(true)
- .setDescription("Delete one or several projects.<br /> Requires 'Administer System' permission.")
+ .setDescription("Delete one or several projects.<br />" +
+ "Requires 'Administer System' permission.")
.setSince("5.2")
.setHandler(this);
action
- .createParam(PARAM_IDS)
- .setDescription("List of project ids to delete")
+ .createParam(PARAM_PROJECT_IDS)
+ .setDescription("List of project IDs to delete")
+ .setDeprecatedKey("ids", "6.4")
.setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d,c526ef20-131b-4486-9357-063fa64b5079");
action
- .createParam(PARAM_KEYS)
+ .createParam(PARAM_PROJECTS)
.setDescription("List of project keys to delete")
+ .setDeprecatedKey("keys", "6.4")
.setExampleValue(KEY_PROJECT_EXAMPLE_001);
support.addOrganizationParam(action);
@@ -80,8 +83,8 @@ public class BulkDeleteAction implements ProjectsWsAction {
public void handle(Request request, Response response) throws Exception {
userSession.checkLoggedIn();
- List<String> uuids = request.paramAsStrings(PARAM_IDS);
- List<String> keys = request.paramAsStrings(PARAM_KEYS);
+ List<String> uuids = request.paramAsStrings(PARAM_PROJECT_IDS);
+ List<String> keys = request.paramAsStrings(PARAM_PROJECTS);
String orgKey = request.param(ProjectsWsSupport.PARAM_ORGANIZATION);
try (DbSession dbSession = dbClient.openSession(false)) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
index 14597652a67..9af482443a2 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
@@ -31,15 +31,14 @@ import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.user.UserSession;
-import static org.sonar.server.component.ComponentFinder.ParamNames.ID_AND_KEY;
+import static org.sonar.server.component.ComponentFinder.ParamNames.PROJECT_ID_AND_PROJECT;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
public class DeleteAction implements ProjectsWsAction {
private static final String ACTION = "delete";
- public static final String PARAM_ID = "id";
- public static final String PARAM_KEY = "key";
-
private final ComponentCleanerService componentCleanerService;
private final ComponentFinder componentFinder;
private final DbClient dbClient;
@@ -57,18 +56,21 @@ public class DeleteAction implements ProjectsWsAction {
WebService.NewAction action = context
.createAction(ACTION)
.setPost(true)
- .setDescription("Delete a project.<br /> Requires 'Administer System' permission or 'Administer' permission on the project.")
+ .setDescription("Delete a project.<br> " +
+ "Requires 'Administer System' permission or 'Administer' permission on the project.")
.setSince("5.2")
.setHandler(this);
action
- .createParam(PARAM_ID)
- .setDescription("Project id")
+ .createParam(PARAM_PROJECT_ID)
+ .setDescription("Project ID")
+ .setDeprecatedKey("id", "6.4")
.setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d");
action
- .createParam(PARAM_KEY)
+ .createParam(PARAM_PROJECT)
.setDescription("Project key")
+ .setDeprecatedKey("key", "6.4")
.setExampleValue(KEY_PROJECT_EXAMPLE_001);
}
@@ -76,11 +78,11 @@ public class DeleteAction implements ProjectsWsAction {
public void handle(Request request, Response response) throws Exception {
// fail-fast if not logged in
userSession.checkLoggedIn();
- String uuid = request.param(PARAM_ID);
- String key = request.param(PARAM_KEY);
+ String uuid = request.param(PARAM_PROJECT_ID);
+ String key = request.param(PARAM_PROJECT);
try (DbSession dbSession = dbClient.openSession(false)) {
- ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, ID_AND_KEY);
+ ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, PROJECT_ID_AND_PROJECT);
checkPermission(project);
componentCleanerService.delete(dbSession, project);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java
index fb1a9b7eaa1..917a73ab2f1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java
@@ -48,7 +48,7 @@ import static org.sonarqube.ws.client.project.ProjectsWsParameters.ACTION_INDEX;
*/
public class IndexAction implements ProjectsWsAction {
- private static final String PARAM_KEY = "key";
+ private static final String PARAM_PROJECT = "project";
private static final String PARAM_SEARCH = "search";
private static final String PARAM_SUB_PROJECTS = "subprojects";
private static final String PARAM_FORMAT = "format";
@@ -69,9 +69,12 @@ public class IndexAction implements ProjectsWsAction {
.setDeprecatedSince("6.3")
.setHandler(this)
.setResponseExample(Resources.getResource(this.getClass(), "index-example.json"));
- action.createParam(PARAM_KEY)
- .setDescription("key or id of the project")
+
+ action.createParam(PARAM_PROJECT)
+ .setDescription("key or ID of the project")
+ .setDeprecatedKey("key", "6.4")
.setExampleValue(KEY_PROJECT_EXAMPLE_001);
+
action.createParam(PARAM_SEARCH)
.setDescription("Substring of project name, case insensitive. Ignored if the parameter key is set")
.setExampleValue("Sonar");
@@ -79,9 +82,11 @@ public class IndexAction implements ProjectsWsAction {
.setDescription("Load sub-projects. Ignored if the parameter key is set")
.setDefaultValue("false")
.setBooleanPossibleValues();
+
action.createParam(PARAM_FORMAT)
.setDescription("Only json response format is available")
.setPossibleValues("json");
+
addRemovedParameter("desc", action);
addRemovedParameter("views", action);
addRemovedParameter("libs", action);
@@ -112,7 +117,7 @@ public class IndexAction implements ProjectsWsAction {
}
private List<ComponentDto> searchComponents(DbSession dbSession, Request request) {
- String projectKey = request.param(PARAM_KEY);
+ String projectKey = request.param(PARAM_PROJECT);
List<ComponentDto> projects = new ArrayList<>();
if (projectKey != null) {
getProjectByKeyOrId(dbSession, projectKey).ifPresent(projects::add);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
index 9b963650094..ec202da02bb 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
@@ -43,9 +43,9 @@ import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_ID;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_KEY;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.CONTROLLER;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
public class DeleteActionTest {
@@ -82,7 +82,7 @@ public class DeleteActionTest {
ComponentDto project = componentDbTester.insertProject();
userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
- WsTester.TestRequest request = newRequest().setParam(PARAM_ID, project.uuid());
+ WsTester.TestRequest request = newRequest().setParam(PARAM_PROJECT_ID, project.uuid());
call(request);
assertThat(verifyDeletedKey()).isEqualTo(project.key());
@@ -93,7 +93,7 @@ public class DeleteActionTest {
ComponentDto project = componentDbTester.insertProject();
userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
- call(newRequest().setParam(PARAM_KEY, project.key()));
+ call(newRequest().setParam(PARAM_PROJECT, project.key()));
assertThat(verifyDeletedKey()).isEqualTo(project.key());
}
@@ -109,7 +109,7 @@ public class DeleteActionTest {
ComponentDto project = componentDbTester.insertProject();
userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
- call(newRequest().setParam(PARAM_ID, project.uuid()));
+ call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
assertThat(verifyDeletedKey()).isEqualTo(project.key());
}
@@ -119,7 +119,7 @@ public class DeleteActionTest {
ComponentDto project = componentDbTester.insertProject();
userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
- call(newRequest().setParam(PARAM_KEY, project.key()));
+ call(newRequest().setParam(PARAM_PROJECT, project.key()));
assertThat(verifyDeletedKey()).isEqualTo(project.key());
}
@@ -131,7 +131,7 @@ public class DeleteActionTest {
userSessionRule.logIn().addProjectUuidPermissions(project.uuid(), UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.USER);
expectedException.expect(ForbiddenException.class);
- call(newRequest().setParam(PARAM_ID, project.uuid()));
+ call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
}
@Test
@@ -141,7 +141,7 @@ public class DeleteActionTest {
userSessionRule.anonymous();
expectedException.expect(UnauthorizedException.class);
- call(newRequest().setParam(PARAM_ID, project.uuid()));
+ call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
}
private WsTester.TestRequest newRequest() {
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java
index 616ed5814f3..713618cbdba 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java
@@ -27,6 +27,7 @@ public class ProjectsWsParameters {
public static final String ACTION_INDEX = "index";
public static final String PARAM_PROJECT = "project";
+ public static final String PARAM_PROJECT_ID = "projectId";
public static final String PARAM_NAME = "name";
public static final String PARAM_BRANCH = "branch";