SONAR-10945 Prevent access qgates and rules to none members of paid organization

* Add membership check for paid organization in api/qualitygates ws
* Add membership check for paid organization in api/rules ws
* Move membership check in UserSession
* Use UserSession#checkMemebership in QGates and Rules ws

1 files changed, 13 insertions, 2 deletions

diff --git a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
index 1d3126a4232..4dee6ad79fe 100644
--- a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
+++ b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
@@ -23,8 +23,8 @@ import java.util.Collection;
 import java.util.List;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.user.GroupDto;
 import org.sonar.db.permission.OrganizationPermission;
+import org.sonar.db.user.GroupDto;
 import org.sonar.server.user.UserSession;
 
 /**
@@ -42,7 +42,8 @@ public class CeUserSession implements UserSession {
     throw notImplemented();
   }
 
-  @Override public String getUuid() {
+  @Override
+  public String getUuid() {
     throw notImplemented();
   }
 
@@ -136,6 +137,16 @@ public class CeUserSession implements UserSession {
     throw notImplemented();
   }
 
+  @Override
+  public boolean hasMembership(OrganizationDto organization) {
+    throw notImplemented();
+  }
+
+  @Override
+  public UserSession checkMembership(OrganizationDto organization) {
+    throw notImplemented();
+  }
+
   private static RuntimeException notImplemented() {
     throw new UnsupportedOperationException(UOE_MESSAGE);
   }