SONAR-15881 Filter unauthorized portfolio projects

author: Jacek <jacek.poreda@sonarsource.com> 2022-01-13 10:05:41 +0100
committer: sonartech <sonartech@sonarsource.com> 2022-01-20 20:02:44 +0000
commit: ba3f291e93f36f55ea22a60a47d229e0a60c4ea5 (patch)
tree: 791154d311f5b8c114349ff1256833c063b09f72
parent: 90a5b893f38dba0cea390bb44d18e334c53fa114 (diff)
download: sonarqube-ba3f291e93f36f55ea22a60a47d229e0a60c4ea5.tar.gz
sonarqube-ba3f291e93f36f55ea22a60a47d229e0a60c4ea5.zip
9 files changed, 56 insertions, 168 deletions
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
index 61baa640090..29914eb211f 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
@@ -174,15 +174,6 @@ public abstract class AbstractUserSession implements UserSession {
     return doKeepAuthorizedProjects(permission, projects);
   }
 
-  @Override
-  public List<ComponentDto> filterAuthorizedComponents(String permission, Collection<ComponentDto> components) {
-    if (isRoot()) {
-      return new ArrayList<>(components);
-    }
-
-    return doFilterAuthorizedComponents(permission, components);
-  }
-
   /**
    * Naive implementation, to be overridden if needed
    */
@@ -203,15 +194,6 @@ public abstract class AbstractUserSession implements UserSession {
       .collect(MoreCollectors.toList());
   }
 
-  /**
-   * Naive implementation, to be overridden if needed
-   */
-  protected List<ComponentDto> doFilterAuthorizedComponents(String permission, Collection<ComponentDto> components) {
-    return components.stream()
-      .filter(c -> (PUBLIC_PERMISSIONS.contains(permission) && !c.isPrivate()) || hasComponentPermission(permission, c))
-      .collect(MoreCollectors.toList());
-  }
-
   @Override
   public UserSession checkIsRoot() {
     if (!isRoot()) {
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
index c6115691643..78eb7e95344 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -26,6 +26,7 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -297,24 +298,40 @@ public class ServerUserSession extends AbstractUserSession {
       Set<String> projectUuids = components.stream()
         .map(c -> defaultIfEmpty(c.getMainBranchProjectUuid(), c.projectUuid()))
         .collect(MoreCollectors.toSet(components.size()));
-      Set<String> authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, projectUuids, getUuid(), permission);
+
+      Map<String, ComponentDto> originalComponents = findComponentsByCopyComponentUuid(components,
+          dbSession);
+
+      Set<String> originalComponentsProjectUuids = originalComponents.values().stream()
+          .map(c -> defaultIfEmpty(c.getMainBranchProjectUuid(), c.projectUuid()))
+          .collect(MoreCollectors.toSet(components.size()));
+
+      Set<String> allProjectUuids = new HashSet<>(projectUuids);
+      allProjectUuids.addAll(originalComponentsProjectUuids);
+
+      Set<String> authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, allProjectUuids, getUuid(), permission);
 
       return components.stream()
-        .filter(c -> authorizedProjectUuids.contains(c.projectUuid()) || authorizedProjectUuids.contains(c.getMainBranchProjectUuid()))
+        .filter(c -> {
+          if (c.getCopyComponentUuid() != null) {
+            var componentDto = originalComponents.get(c.getCopyComponentUuid());
+            return componentDto != null && authorizedProjectUuids.contains(defaultIfEmpty(componentDto.getMainBranchProjectUuid(), componentDto.projectUuid()));
+          }
+
+          return authorizedProjectUuids.contains(c.projectUuid()) || authorizedProjectUuids.contains(
+              c.getMainBranchProjectUuid());
+        })
         .collect(MoreCollectors.toList(components.size()));
     }
   }
 
-  @Override
-  protected List<ComponentDto> doFilterAuthorizedComponents(String permission, Collection<ComponentDto> components) {
-    if (permissionsByProjectUuid == null) {
-      permissionsByProjectUuid = new HashMap<>();
-    }
-
-    return components
-      .stream()
-      .filter(x -> hasPermission(permission, defaultIfEmpty(x.getCopyComponentUuid(), x.uuid())))
-      .collect(Collectors.toList());
+  private Map<String, ComponentDto> findComponentsByCopyComponentUuid(Collection<ComponentDto> components, DbSession dbSession) {
+    Set<String> copyComponentsUuid = components.stream()
+        .map(ComponentDto::getCopyComponentUuid)
+        .filter(Objects::nonNull)
+        .collect(MoreCollectors.toSet(components.size()));
+    return dbClient.componentDao().selectByUuids(dbSession, copyComponentsUuid).stream()
+        .collect(Collectors.toMap(ComponentDto::uuid, componentDto -> componentDto));
   }
 
   @Override
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
index bc613ae6332..35da6b16266 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
@@ -218,8 +218,4 @@ public class ThreadLocalUserSession implements UserSession {
     return get().keepAuthorizedProjects(permission, projects);
   }
 
-  @Override
-  public List<ComponentDto> filterAuthorizedComponents(String permission, Collection<ComponentDto> components) {
-    return get().filterAuthorizedComponents(permission, components);
-  }
 }
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
index e2d77c8d8d2..5350e578539 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
@@ -224,8 +224,6 @@ public interface UserSession {
 
   List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects);
 
-  List<ComponentDto> filterAuthorizedComponents(String permission, Collection<ComponentDto> components);
-
   /**
    * Ensures that {@link #hasComponentPermission(String, ComponentDto)} is {@code true},
    * otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
index 7c53df2434d..2c556e25f7b 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
@@ -20,6 +20,7 @@
 package org.sonar.server.user;
 
 import java.util.Arrays;
+import java.util.List;
 import javax.annotation.Nullable;
 import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
 import org.junit.Rule;
@@ -693,19 +694,6 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_logged_in_user() {
-    UserDto user = db.users().insertUser();
-    ComponentDto publicProject = db.components().insertPublicProject();
-    ComponentDto privateProject = db.components().insertPrivateProject();
-    db.users().insertProjectPermissionOnUser(user, ADMIN, privateProject);
-
-    UserSession underTest = newUserSession(user);
-
-    assertThat(underTest.keepAuthorizedComponents(ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(privateProject);
-  }
-
-  @Test
   public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() {
     ComponentDto publicProject = db.components().insertPublicProject();
     ComponentDto privateProject = db.components().insertPrivateProject();
@@ -718,19 +706,6 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void keepAuthorizedComponents_returns_all_specified_components_if_root() {
-    UserDto root = db.users().insertUser();
-    root = db.users().makeRoot(root);
-    ComponentDto publicProject = db.components().insertPublicProject();
-    ComponentDto privateProject = db.components().insertPrivateProject();
-
-    UserSession underTest = newUserSession(root);
-
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject)))
-      .containsExactly(privateProject, publicProject);
-  }
-
-  @Test
   public void keepAuthorizedComponents_on_branches() {
     UserDto user = db.users().insertUser();
     ComponentDto privateProject = db.components().insertPrivateProject();
@@ -744,17 +719,7 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void filterAuthorizedComponents_returns_empty_list_if_no_permissions_are_granted() {
-    ComponentDto publicProject = db.components().insertPublicProject();
-    ComponentDto privateProject = db.components().insertPrivateProject();
-
-    UserSession underTest = newAnonymousSession();
-
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
-  }
-
-  @Test
-  public void filterAuthorizedComponents_filters_components_with_granted_permissions_for_logged_in_user() {
+  public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_logged_in_user() {
     ComponentDto project1 = db.components().insertPublicProject();
     ComponentDto project2 = db.components().insertPrivateProject();
     ComponentDto project3 = db.components().insertPrivateProject();
@@ -778,49 +743,49 @@ public class ServerUserSessionTest {
 
     // Add public project1 to private portfolio
     db.components().addPortfolioProject(portfolio, project1);
-    db.components().insertComponent(newProjectCopy(project1, portfolio));
+    var copyProject1 = db.components().insertComponent(newProjectCopy(project1, portfolio));
 
     // Add private project2 with USER permissions to private portfolio
     db.users().insertProjectPermissionOnUser(user, USER, project2);
     db.components().addPortfolioProject(portfolio, project2);
-    db.components().insertComponent(newProjectCopy(project2, portfolio));
+    var copyProject2 = db.components().insertComponent(newProjectCopy(project2, portfolio));
 
     // Add private project4 with USER permissions to sub-portfolio
     db.users().insertProjectPermissionOnUser(user, USER, project4);
     db.components().addPortfolioProject(subPortfolio, project4);
-    db.components().insertComponent(newProjectCopy(project4, subPortfolio));
+    var copyProject4 = db.components().insertComponent(newProjectCopy(project4, subPortfolio));
     db.components().addPortfolioReference(portfolio, subPortfolio.uuid());
 
     // Add private project3 without permissions to private portfolio
     db.components().addPortfolioProject(portfolio, project3);
-    db.components().insertComponent(newProjectCopy(project3, portfolio));
+    var copyProject3 = db.components().insertComponent(newProjectCopy(project3, portfolio));
 
     // Add private project5 with USER permissions to app
     db.users().insertProjectPermissionOnUser(user, USER, project5);
     db.components().addApplicationProject(app, project5);
-    db.components().insertComponent(newProjectCopy(project5, app));
+    var copyProject5 = db.components().insertComponent(newProjectCopy(project5, app));
     db.components().addPortfolioReference(portfolio, app.uuid());
 
     // Add private project6 to private app2
     db.components().addApplicationProject(app2, project6);
-    db.components().insertComponent(newProjectCopy(project6, app2));
+    var copyProject6 = db.components().insertComponent(newProjectCopy(project6, app2));
     db.components().addPortfolioReference(portfolio, app2.uuid());
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(portfolio))).hasSize(1);
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(portfolio))).containsExactly(portfolio);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, List.of(portfolio))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(USER, List.of(portfolio))).containsExactly(portfolio);
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).hasSize(2);
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio);
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).hasSize(4);
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5);
+
+    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6)))
+        .containsExactly(copyProject1, copyProject2, copyProject4, copyProject5);
   }
 
   @Test
-  public void filterAuthorizedComponents_returns_all_specified_components_if_root() {
+  public void keepAuthorizedComponents_returns_all_specified_components_if_root() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
     UserSession underTest = newUserSession(root);
@@ -867,76 +832,14 @@ public class ServerUserSessionTest {
     db.components().insertComponent(newProjectCopy(project6, app2));
     db.components().addPortfolioReference(portfolio, app2.uuid());
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).hasSize(1);
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).containsExactly(portfolio);
-
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).hasSize(3);
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio, app2);
-
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).hasSize(6);
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project3, project4, project5, project6);
-  }
-
-  @Test
-  public void filterAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() {
-    UserSession underTest = newAnonymousSession();
-
-    ComponentDto project1 = db.components().insertPublicProject();
-    ComponentDto project2 = db.components().insertPrivateProject();
-    ComponentDto project3 = db.components().insertPrivateProject();
-    ComponentDto project4 = db.components().insertPrivateProject();
-    ComponentDto project5 = db.components().insertPrivateProject();
-    ComponentDto project6 = db.components().insertPrivateProject();
-
-    ComponentDto portfolio = db.components().insertPublicPortfolio();
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, portfolio);
-
-    ComponentDto subPortfolio = db.components().insertComponent(newSubPortfolio(portfolio));
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, subPortfolio);
-
-    ComponentDto app = db.components().insertPrivateApplication();
-
-    ComponentDto app2 = db.components().insertPublicApplication();
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, app2);
-
-    // Add public project1 to portfolio
-    db.components().addPortfolioProject(portfolio, project1);
-    db.components().insertComponent(newProjectCopy(project1, portfolio));
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, project1);
-
-    // Add private project2 to portfolio
-    db.components().addPortfolioProject(portfolio, project2);
-    db.components().insertComponent(newProjectCopy(project2, portfolio));
-
-    // Add private project4 to sub-portfolio
-    db.components().addPortfolioProject(subPortfolio, project4);
-    db.components().insertComponent(newProjectCopy(project4, subPortfolio));
-    db.components().addPortfolioReference(portfolio, subPortfolio.uuid());
-
-    // Add private project3 to portfolio
-    db.components().addPortfolioProject(portfolio, project3);
-    db.components().insertComponent(newProjectCopy(project3, portfolio));
-
-    // Add private project5 to app
-    db.components().addApplicationProject(app, project5);
-    db.components().insertComponent(newProjectCopy(project5, app));
-    db.components().addPortfolioReference(portfolio, app.uuid());
-
-    // Add private project6 to app2
-    db.components().addApplicationProject(app2, project6);
-    db.components().insertComponent(newProjectCopy(project6, app2));
-    db.components().addPortfolioReference(portfolio, app2.uuid());
-
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(ISSUE_ADMIN, Arrays.asList(portfolio))).hasSize(1);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).hasSize(1);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(portfolio))).containsExactly(portfolio);
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).hasSize(2);
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(subPortfolio, app2);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).hasSize(3);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio, app2);
 
-    assertThat(underTest.filterAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty();
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).hasSize(1);
-    assertThat(underTest.filterAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).hasSize(6);
+    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project3, project4, project5, project6);
   }
 
   @Test
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
index 9fdc9d6ae4e..6046ae0bc40 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
@@ -75,7 +75,6 @@ public class ThreadLocalUserSessionTest {
     assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ProjectDto())).isFalse();
     assertThat(threadLocalUserSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isFalse();
     assertThat(threadLocalUserSession.hasProjectPermission(USER, new ProjectDto().getUuid())).isFalse();
-    assertThat(threadLocalUserSession.filterAuthorizedComponents(USER, Arrays.asList(new ComponentDto().setPrivate(true)))).isEmpty();
   }
 
   @Test
@@ -101,8 +100,6 @@ public class ThreadLocalUserSessionTest {
     assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ProjectDto())).isTrue();
     assertThat(threadLocalUserSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isTrue();
     assertThat(threadLocalUserSession.hasProjectPermission(USER, new ProjectDto().getUuid())).isTrue();
-    assertThat(threadLocalUserSession.filterAuthorizedComponents(USER, Arrays.asList(new ComponentDto().setPrivate(true)))).hasSize(1);
-    assertThat(threadLocalUserSession.filterAuthorizedComponents(USER, Arrays.asList(new ComponentDto().setPrivate(true)))).containsExactly(new ComponentDto());
   }
 
   @Test
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
index c6ae4eec214..c762d013731 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
@@ -297,11 +297,6 @@ public class UserSessionRule implements TestRule, UserSession {
   }
 
   @Override
-  public List<ComponentDto> filterAuthorizedComponents(String permission, Collection<ComponentDto> components) {
-    return currentUserSession.filterAuthorizedComponents(permission, components);
-  }
-
-  @Override
   @CheckForNull
   public String getLogin() {
     return currentUserSession.getLogin();
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/component/ws/TreeAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/component/ws/TreeAction.java
index 357bafe70ae..21f58288941 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/component/ws/TreeAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/component/ws/TreeAction.java
@@ -191,7 +191,7 @@ public class TreeAction implements ComponentsWsAction {
   }
 
   private List<ComponentDto> filterAuthorizedComponents(List<ComponentDto> components) {
-    return userSession.filterAuthorizedComponents(UserRole.USER, components);
+    return userSession.keepAuthorizedComponents(UserRole.USER, components);
   }
 
   private ComponentDto loadComponent(DbSession dbSession, Request request) {
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
index c6fc0f6501f..8b1dc32a8a7 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
@@ -106,8 +106,8 @@ import static org.sonar.server.measure.ws.SnapshotDtoToWsPeriod.snapshotToWsPeri
 import static org.sonar.server.ws.KeyExamples.KEY_BRANCH_EXAMPLE_001;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
 import static org.sonar.server.ws.KeyExamples.KEY_PULL_REQUEST_EXAMPLE_001;
-import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
 import static org.sonar.server.ws.WsParameterBuilder.createQualifiersParameter;
+import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
 import static org.sonar.server.ws.WsUtils.writeProtobuf;
 
 /**
@@ -576,7 +576,7 @@ public class ComponentTreeAction implements MeasuresWsAction {
   }
 
   private List<ComponentDto> filterAuthorizedComponents(List<ComponentDto> components) {
-    return userSession.filterAuthorizedComponents(UserRole.USER, components);
+    return userSession.keepAuthorizedComponents(UserRole.USER, components);
   }
 
   private static boolean componentWithMeasuresOnly(ComponentTreeRequest wsRequest) {
author	Jacek <jacek.poreda@sonarsource.com>	2022-01-13 10:05:41 +0100
committer	sonartech <sonartech@sonarsource.com>	2022-01-20 20:02:44 +0000
commit	ba3f291e93f36f55ea22a60a47d229e0a60c4ea5 (patch)
tree	791154d311f5b8c114349ff1256833c063b09f72
parent	90a5b893f38dba0cea390bb44d18e334c53fa114 (diff)
download	sonarqube-ba3f291e93f36f55ea22a60a47d229e0a60c4ea5.tar.gz sonarqube-ba3f291e93f36f55ea22a60a47d229e0a60c4ea5.zip