aboutsummaryrefslogtreecommitdiffstats
path: root/server
diff options
context:
space:
mode:
authorSébastien Lesaint <sebastien.lesaint@sonarsource.com>2016-01-11 12:51:26 +0100
committerSébastien Lesaint <sebastien.lesaint@sonarsource.com>2016-01-13 18:06:35 +0100
commit2b881f44742dbb0ff5b8f651f81ced85e2bebed1 (patch)
tree08d033d549a84b9529bef48a8bec003a72c8a550 /server
parentc767a191af48e919aa5bcb40e80e15ae80a47595 (diff)
downloadsonarqube-2b881f44742dbb0ff5b8f651f81ced85e2bebed1.tar.gz
sonarqube-2b881f44742dbb0ff5b8f651f81ced85e2bebed1.zip
SONAR-6283 add global permission gatesadmin and use it
Diffstat (limited to 'server')
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java4
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CopyAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeleteConditionAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeselectAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DestroyAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SetAsDefaultAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UnsetDefaultAction.java2
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java2
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java2
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java9
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java2
-rw-r--r--server/sonar-server/src/test/resources/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest/search_global_permissions-example.json11
-rw-r--r--server/sonar-server/src/test/resources/org/sonar/server/user/ws/CurrentActionTest/authenticated.json2
-rw-r--r--server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_controller.rb2
-rw-r--r--server/sonar-web/test/json/permissions/global-permissions.json11
-rw-r--r--server/sonar-web/test/json/quality-profiles/user-admin.json1
20 files changed, 43 insertions, 23 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
index 1d22c590f5e..91d69f7a494 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
@@ -361,12 +361,12 @@ public class QualityGates {
}
private void checkPermission() {
- userSession.checkPermission(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSession.checkPermission(GlobalPermissions.QUALITY_GATE_ADMIN);
}
private void checkPermission(Long projectId, DbSession session) {
ComponentDto project = componentDao.selectOrFailById(session, projectId);
- if (!userSession.hasPermission(GlobalPermissions.QUALITY_PROFILE_ADMIN) && !userSession.hasComponentPermission(UserRole.ADMIN, project.key())) {
+ if (!userSession.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN) && !userSession.hasComponentPermission(UserRole.ADMIN, project.key())) {
throw new ForbiddenException("Insufficient privileges");
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CopyAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CopyAction.java
index 8e7c8dc7516..a18f1bb8b69 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CopyAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CopyAction.java
@@ -37,7 +37,7 @@ public class CopyAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("copy")
- .setDescription("Copy a Quality Gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Copy a Quality Gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
index 53be51684d3..0413a9d8bea 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
@@ -37,7 +37,7 @@ public class CreateAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("create")
- .setDescription("Create a Quality Gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Create a Quality Gate. Require Administer Quality Gates permission")
.setSince("4.3")
.setPost(true)
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
index 1fcc97c332a..fc77616ba0b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
@@ -35,7 +35,7 @@ public class CreateConditionAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction createCondition = controller.createAction("create_condition")
- .setDescription("Add a new condition to a quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Add a new condition to a quality gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeleteConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeleteConditionAction.java
index 77f9f8483a1..ac01a7868b8 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeleteConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeleteConditionAction.java
@@ -35,7 +35,7 @@ public class DeleteConditionAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction createCondition = controller.createAction("delete_condition")
- .setDescription("Delete a condition from a quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Delete a condition from a quality gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeselectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeselectAction.java
index 678562d6313..059bbd35d6f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeselectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DeselectAction.java
@@ -35,7 +35,7 @@ public class DeselectAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("deselect")
- .setDescription("Remove the association of a project from a quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Remove the association of a project from a quality gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DestroyAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DestroyAction.java
index ad7f5c564cc..27c234a36d3 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DestroyAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/DestroyAction.java
@@ -35,7 +35,7 @@ public class DestroyAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("destroy")
- .setDescription("Delete a Quality Gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Delete a Quality Gate. Require Administer Quality Gates permission")
.setSince("4.3")
.setPost(true)
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
index 61d0fe84e68..51b807fd2ab 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/RenameAction.java
@@ -37,7 +37,7 @@ public class RenameAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("rename")
- .setDescription("Rename a Quality Gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Rename a Quality Gate. Require Administer Quality Gates permission")
.setSince("4.3")
.setPost(true)
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
index f6ba613b2e7..16aea9680de 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
@@ -35,7 +35,7 @@ public class SelectAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("select")
- .setDescription("Associate a project to a quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Associate a project to a quality gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SetAsDefaultAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SetAsDefaultAction.java
index 8b81a32aea3..276b7a1c2e9 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SetAsDefaultAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SetAsDefaultAction.java
@@ -35,7 +35,7 @@ public class SetAsDefaultAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("set_as_default")
- .setDescription("Set a quality gate as the default quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Set a quality gate as the default quality gate. Require Administer Quality Gates permission")
.setSince("4.3")
.setPost(true)
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UnsetDefaultAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UnsetDefaultAction.java
index 6ad1be323ee..0747a23d64b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UnsetDefaultAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UnsetDefaultAction.java
@@ -35,7 +35,7 @@ public class UnsetDefaultAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction action = controller.createAction("unset_default")
- .setDescription("Unset a quality gate as the default quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Unset a quality gate as the default quality gate. Require Administer Quality Gates permission")
.setSince("4.3")
.setPost(true)
.setHandler(this);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
index ec65a2321fc..16eb81dbc6d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
@@ -35,7 +35,7 @@ public class UpdateConditionAction implements QGateWsAction {
@Override
public void define(WebService.NewController controller) {
WebService.NewAction createCondition = controller.createAction("update_condition")
- .setDescription("Update a condition attached to a quality gate. Require Administer Quality Profiles and Gates permission")
+ .setDescription("Update a condition attached to a quality gate. Require Administer Quality Gates permission")
.setPost(true)
.setSince("4.3")
.setHandler(this);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java
index a2f12996a90..61c07bb6b29 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java
@@ -117,7 +117,7 @@ public class PermissionChangeTest {
PermissionChange query = PermissionChange.buildFromParams(inconsistentParams);
thrown.expect(BadRequestException.class);
- thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, shareDashboard, scan, dryRunScan, provisioning]");
+ thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, gateadmin, shareDashboard, scan, dryRunScan, provisioning]");
query.validate();
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java
index ca17791b752..2102f5b9fcf 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java
@@ -45,6 +45,7 @@ import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING;
import static org.sonar.core.permission.GlobalPermissions.PREVIEW_EXECUTION;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.test.JsonAssert.assertJson;
@@ -84,6 +85,8 @@ public class SearchGlobalPermissionsActionTest {
insertUserRole(newUserRoleDto(PROVISIONING, user.getId()));
insertUserRole(newUserRoleDto(QUALITY_PROFILE_ADMIN, user.getId()));
insertUserRole(newUserRoleDto(QUALITY_PROFILE_ADMIN, adminUser.getId()));
+ insertUserRole(newUserRoleDto(QUALITY_GATE_ADMIN, user.getId()));
+ insertUserRole(newUserRoleDto(QUALITY_GATE_ADMIN, adminUser.getId()));
insertUserRole(newUserRoleDto(PREVIEW_EXECUTION, adminUser.getId()));
insertUserRole(newUserRoleDto(PREVIEW_EXECUTION, user.getId()));
@@ -123,8 +126,10 @@ public class SearchGlobalPermissionsActionTest {
i18n.put("global_permissions.admin", "Administer System");
i18n.put("global_permissions.admin.desc", "Ability to perform all administration functions for the instance: " +
"global configuration and personalization of default dashboards.");
- i18n.put("global_permissions.profileadmin", "Administer Quality Profiles and Gates");
- i18n.put("global_permissions.profileadmin.desc", "Ability to perform any action on the quality profiles and gates.");
+ i18n.put("global_permissions.profileadmin", "Administer Quality Profiles");
+ i18n.put("global_permissions.profileadmin.desc", "Ability to perform any action on the quality profiles.");
+ i18n.put("global_permissions.gateadmin", "Administer Quality Gates");
+ i18n.put("global_permissions.gateadmin.desc", "Ability to perform any action on the quality gates.");
i18n.put("global_permissions.shareDashboard", "Share Dashboards And Filters");
i18n.put("global_permissions.shareDashboard.desc", "Ability to share dashboards, issue filters and measure filters.");
i18n.put("global_permissions.scan", "Execute Analysis");
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java
index 59abcd57e4a..889e9dda4a4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java
@@ -102,7 +102,7 @@ public class QualityGatesTest {
static final String PROJECT_KEY = "SonarQube";
- UserSession authorizedProfileAdminUserSession = new MockUserSession("gaudol").setName("Olivier").setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ UserSession authorizedProfileAdminUserSession = new MockUserSession("gaudol").setName("Olivier").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN);
UserSession authorizedProjectAdminUserSession = new MockUserSession("gaudol").setName("Olivier").addProjectPermissions(UserRole.ADMIN, PROJECT_KEY);
UserSession unauthorizedUserSession = new MockUserSession("polop").setName("Polop");
UserSession unauthenticatedUserSession = AnonymousUserSession.INSTANCE;
diff --git a/server/sonar-server/src/test/resources/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest/search_global_permissions-example.json b/server/sonar-server/src/test/resources/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest/search_global_permissions-example.json
index f51c5230f9d..3a2a854cbf7 100644
--- a/server/sonar-server/src/test/resources/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest/search_global_permissions-example.json
+++ b/server/sonar-server/src/test/resources/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest/search_global_permissions-example.json
@@ -9,8 +9,15 @@
},
{
"key": "profileadmin",
- "name": "Administer Quality Profiles and Gates",
- "description": "Ability to perform any action on the quality profiles and gates.",
+ "name": "Administer Quality Profiles",
+ "description": "Ability to perform any action on the quality profiles.",
+ "usersCount": 2,
+ "groupsCount": 0
+ },
+ {
+ "key": "gateadmin",
+ "name": "Administer Quality Gates",
+ "description": "Ability to perform any action on the quality gates.",
"usersCount": 2,
"groupsCount": 0
},
diff --git a/server/sonar-server/src/test/resources/org/sonar/server/user/ws/CurrentActionTest/authenticated.json b/server/sonar-server/src/test/resources/org/sonar/server/user/ws/CurrentActionTest/authenticated.json
index ae2de7f3f69..dbd6bd50c8f 100644
--- a/server/sonar-server/src/test/resources/org/sonar/server/user/ws/CurrentActionTest/authenticated.json
+++ b/server/sonar-server/src/test/resources/org/sonar/server/user/ws/CurrentActionTest/authenticated.json
@@ -3,6 +3,6 @@
"login": "obiwan.kenobi",
"name": "Obiwan Kenobi",
"permissions": {
- "global": ["admin", "profileadmin", "shareDashboard", "scan", "dryRunScan", "provisioning"]
+ "global": ["admin", "profileadmin", "gateadmin", "shareDashboard", "scan", "dryRunScan", "provisioning"]
}
}
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_controller.rb
index 8601e579f68..08d49de7b9c 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_controller.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/project_controller.rb
@@ -118,7 +118,7 @@ class ProjectController < ApplicationController
def qualitygate
require_parameters :id
@project_id = Api::Utils.project_id(params[:id])
- access_denied unless (is_admin?(@project_id) || has_role?(:profileadmin))
+ access_denied unless (is_admin?(@project_id) || has_role?(:gateadmin))
# Need to display breadcrumb
@project = Project.by_key(@project_id)
diff --git a/server/sonar-web/test/json/permissions/global-permissions.json b/server/sonar-web/test/json/permissions/global-permissions.json
index 3ee0d8bed14..d98935ead1c 100644
--- a/server/sonar-web/test/json/permissions/global-permissions.json
+++ b/server/sonar-web/test/json/permissions/global-permissions.json
@@ -9,8 +9,15 @@
},
{
"key": "profileadmin",
- "name": "Administer Quality Profiles and Gates",
- "description": "Ability to perform any action on the quality profiles and gates.",
+ "name": "Administer Quality Profiles",
+ "description": "Ability to perform any action on the quality profiles.",
+ "usersCount": 1,
+ "groupsCount": 0
+ },
+ {
+ "key": "gateadmin",
+ "name": "Administer Quality Gates",
+ "description": "Ability to perform any action on the quality gates.",
"usersCount": 1,
"groupsCount": 0
},
diff --git a/server/sonar-web/test/json/quality-profiles/user-admin.json b/server/sonar-web/test/json/quality-profiles/user-admin.json
index d0d8417406f..0c189780380 100644
--- a/server/sonar-web/test/json/quality-profiles/user-admin.json
+++ b/server/sonar-web/test/json/quality-profiles/user-admin.json
@@ -9,6 +9,7 @@
"shareDashboard",
"scan",
"profileadmin",
+ "gateadmin",
"admin"
]
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-24 02:03:32 +0000