Merge remote-tracking branch 'origin/branch-4.5'

Conflicts:
	plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java
	sonar-application/src/main/assembly/conf/sonar.properties
	sonar-application/src/test/java/org/sonar/application/JdbcSettingsTest.java
	sonar-core/src/main/java/org/sonar/core/persistence/DatabaseVersion.java
	sonar-core/src/main/resources/org/sonar/core/persistence/rows-h2.sql

7 files changed, 101 insertions, 48 deletions

diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/components_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/components_controller.rb
index a080bc1881d..410d59f601f 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/components_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/api/components_controller.rb
@@ -27,9 +27,13 @@ class Api::ComponentsController < Api::ApiController
     search = params[:s]
     bad_request("Minimum search is #{ResourceIndex::MIN_SEARCH_SIZE} characters") if search.empty? || search.to_s.size<ResourceIndex::MIN_SEARCH_SIZE
 
+    # SONAR-5198 Escape '_' on Oracle and MsSQL
+    dialect = java_facade.getDatabase().getDialect().getId()
+    additional_escape = dialect == 'oracle' || dialect == 'mssql' ? "ESCAPE '\\'" : ''
+
     key = escape_like(search).downcase
     results = ResourceIndex.all(:select => 'distinct(resource_id),root_project_id,qualifier,name_size', # optimization to not load unused columns like 'kee'
-                                :conditions => ['kee like ?', key + '%'],
+                                :conditions => ['kee like ? ' + additional_escape, key + '%'],
                                 :order => 'name_size')
 
     results = select_authorized(:user, results)
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/issues_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/issues_controller.rb
index 9f1be3c76b2..887e8e63797 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/issues_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/issues_controller.rb
@@ -170,7 +170,7 @@ class IssuesController < ApplicationController
     new_params = params.clone
     new_params.delete('controller')
     new_params.delete('action')
-    translate_unassigned(new_params)
+    new_params
   end
 
   def init_params
@@ -181,16 +181,6 @@ class IssuesController < ApplicationController
     Internal.issues.sanitizeFilterQuery(params).to_hash
   end
 
-  def translate_unassigned(issues_query_params)
-    if issues_query_params.has_key?(:assignees) && issues_query_params[:assignees] == '<unassigned>'
-      issues_query_params.delete(:assignees)
-      issues_query_params[:assigned] = false
-    else
-      issues_query_params[:assigned] = nil
-    end
-    issues_query_params
-  end
-
   def issues_query_params_from_filter(filter)
     Internal.issues.deserializeFilterQuery(filter).to_hash
   end
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/profiles_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/profiles_controller.rb
index b6a5ba9f4e2..6956a1287eb 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/profiles_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/profiles_controller.rb
@@ -71,10 +71,9 @@ class ProfilesController < ApplicationController
         end
       end
       profile_name = Java::OrgSonarServerQualityprofile::QProfileName.new(params[:language], params[:name])
-      Internal.qprofile_service.create(profile_name)
-      # TODO use files_by_key
-      #flash[:notice] = message('quality_profiles.profile_x_created', :params => result.profile.name)
-      #flash_result(result)
+      result = Internal.qprofile_service.create(profile_name, files_by_key)
+      flash[:notice] = message('quality_profiles.profile_x_created', :params => result.profile().getName())
+      flash_result(result)
     end
     redirect_to :action => 'index'
   end
@@ -530,7 +529,7 @@ class ProfilesController < ApplicationController
   def flash_result(result)
     # only 4 messages are kept each time to avoid cookie overflow.
     unless result.infos.empty?
-      flash[:notice] += result.infos.to_a[0...4].join('<br/>')
+      flash[:notice] += '<br/>' + result.infos.to_a[0...4].join('<br/>')
     end
     unless result.warnings.empty?
       flash[:warning] = result.warnings.to_a[0...4].join('<br/>')
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/profiles/_create_form.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/profiles/_create_form.html.erb
index 328e2af6add..a003c054478 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/profiles/_create_form.html.erb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/profiles/_create_form.html.erb
@@ -1,6 +1,6 @@
 <%
    language = controller.java_facade.getLanguages().find { |l| l.getKey()==language_key }
-   importers = Internal.component(Java::OrgSonarServerQualityprofile::QProfileRepositoryExporter.java_class).getProfileImportersForLanguage(language_key)
+   importers = Internal.component(Java::OrgSonarServerQualityprofile::QProfileExporters.java_class).findProfileImportersForLanguage(language_key)
 %>
 <form id="create-profile-form" action="profiles/create" enctype="multipart/form-data" method="POST">
   <fieldset>
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/config/environment.rb b/server/sonar-web/src/main/webapp/WEB-INF/config/environment.rb
index 81f897e66a3..62d3e809416 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/config/environment.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/config/environment.rb
@@ -261,3 +261,9 @@ DatabaseVersion.automatic_setup
 # All these changes are prefixed by the comment #sonar
 #
 #
+
+# Increase size of form parameters
+# See http://jira.codehaus.org/browse/SONAR-5577
+Rack::Utils.key_space_limit = 262144 # 4 times the default size
+
+
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb
new file mode 100644
index 00000000000..168fa378ebb
--- /dev/null
+++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb
@@ -0,0 +1,44 @@
+#
+# SonarQube, open source software quality management tool.
+# Copyright (C) 2008-2014 SonarSource
+# mailto:contact AT sonarsource DOT com
+#
+# SonarQube is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 3 of the License, or (at your option) any later version.
+#
+# SonarQube is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+
+#
+# SonarQube 4.5
+# SONAR-4950 Unique constraint cannot be created because it would be on resource_id that is nullable
+#
+class RemoveDuplicationInGroupRoles < ActiveRecord::Migration
+
+  class GroupRole < ActiveRecord::Base
+  end
+
+  def self.up
+    GroupRole.reset_column_information
+
+    duplicated_ids = ActiveRecord::Base.connection.select_rows('select group_id,resource_id,role from group_roles group by group_id,resource_id,role having count(*) > 1')
+    say_with_time "Remove #{duplicated_ids.size} duplicated group roles" do
+      duplicated_ids.each do |fields|
+        rows = GroupRole.find(:all, :conditions => {:group_id => fields[0], :resource_id => fields[1], :role => fields[2]})
+        # delete all rows except the last one
+        rows[0...-1].each do |row|
+          GroupRole.delete(row.id)
+        end
+      end
+    end
+  end
+end
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb b/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb
index 400ccbad2f1..61b266fc66d 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb
@@ -64,6 +64,10 @@ class PluginRealm
     result = nil
     if !username.blank? && !password.blank?
       user = User.find_active_by_login(username)
+      # SONAR-4950 Use a transaction to prevent multiple insertion of same groups
+      User.transaction do
+        user.save(false)
+      end
       result = user if user && user.authenticated?(password)
     end
     result
@@ -117,40 +121,46 @@ class PluginRealm
   def synchronize(username, password, details)
     username=details.getName() if username.blank? && details
     user = User.find_by_login(username)
-    if !user
-      # No such user in Sonar database
-      return nil if !Api::Utils.java_facade.getSettings().getBoolean('sonar.authenticator.createUsers')
-      # Automatically create a user in the sonar db if authentication has been successfully done
-      user = User.new(:login => username, :name => username, :email => '')
-      if details
-        user.name = details.getName()
-        user.email = details.getEmail()
-      end
-      default_group_name = Api::Utils.java_facade.getSettings().getString('sonar.defaultGroup')
-      default_group = Group.find_by_name(default_group_name)
-      if default_group
-        user.groups << default_group
+
+    # SONAR-4950 Use a transaction to prevent multiple insertion of same groups
+    User.transaction do
+      if !user
+        # No such user in Sonar database
+        return nil if !Api::Utils.java_facade.getSettings().getBoolean('sonar.authenticator.createUsers')
+        # Automatically create a user in the sonar db if authentication has been successfully done
+        user = User.new(:login => username, :name => username, :email => '')
+        if details
+          user.name = details.getName()
+          user.email = details.getEmail()
+        end
+        default_group_name = Api::Utils.java_facade.getSettings().getString('sonar.defaultGroup')
+        default_group = Group.find_by_name(default_group_name)
+        if default_group
+          user.groups << default_group
+        else
+          Rails.logger.error("The default user group does not exist: #{default_group_name}. Please check the parameter 'Default user group' in general settings.")
+        end
       else
-        Rails.logger.error("The default user group does not exist: #{default_group_name}. Please check the parameter 'Default user group' in general settings.")
+        # Existing user
+        if details && Api::Utils.java_facade.getSettings().getBoolean('sonar.security.updateUserAttributes')
+          user.name = details.getName()
+          user.email = details.getEmail()
+        end
       end
-    else
-      # Existing user
-      if details && Api::Utils.java_facade.getSettings().getBoolean('sonar.security.updateUserAttributes')
-        user.name = details.getName()
-        user.email = details.getEmail()
+      if @save_password
+        user.password = password
+        user.password_confirmation = password
       end
+
+      # A user that is synchronized with an external system is always set to 'active' (see SONAR-3258 for the deactivation concept)
+      user.active=true
+      # Note that validation disabled
+      user.save(false)
+
+      synchronize_groups(user)
+      user.notify_creation_handlers
+      user
     end
-    if @save_password
-      user.password = password
-      user.password_confirmation = password
-    end
-    synchronize_groups(user)
-    # A user that is synchronized with an external system is always set to 'active' (see SONAR-3258 for the deactivation concept)
-    user.active=true
-    # Note that validation disabled
-    user.save(false)
-    user.notify_creation_handlers
-    user
   end
 
   def synchronize_groups(user)