diff options
| author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2016-09-23 11:24:15 +0200 |
|---|---|---|
| committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2016-09-28 17:36:48 +0200 |
| commit | 4cd20ab6fd2459a5c29483479c15d7c37119e90d (patch) | |
| tree | 6a596664797895eed85256358e83971a236edbc0 /server | |
| parent | db7601137d65cb0a7c0c8facf5693b5bfc7c593e (diff) | |
| download | sonarqube-4cd20ab6fd2459a5c29483479c15d7c37119e90d.tar.gz sonarqube-4cd20ab6fd2459a5c29483479c15d7c37119e90d.zip | |
SONAR-8173 drop global permission "shareDashboard"
Diffstat (limited to 'server')
28 files changed, 60 insertions, 135 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/issue/filter/IssueFilterService.java b/server/sonar-server/src/main/java/org/sonar/server/issue/filter/IssueFilterService.java index 9049f979533..8177f984c95 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/issue/filter/IssueFilterService.java +++ b/server/sonar-server/src/main/java/org/sonar/server/issue/filter/IssueFilterService.java @@ -204,11 +204,7 @@ public class IssueFilterService { } public boolean canShareFilter(UserSession userSession) { - if (userSession.isLoggedIn()) { - String user = userSession.getLogin(); - return hasUserSharingPermission(user); - } - return false; + return userSession.isLoggedIn(); } public String getLoggedLogin(UserSession userSession) { @@ -243,12 +239,6 @@ public class IssueFilterService { } } - private void verifyCurrentUserCanShareFilter(IssueFilterDto issueFilter, String user) { - if (issueFilter.isShared() && !hasUserSharingPermission(user)) { - throw new ForbiddenException("User cannot own this filter because of insufficient rights"); - } - } - private void validateFilter(final IssueFilterDto issueFilter) { List<IssueFilterDto> userFilters = selectUserIssueFilters(issueFilter.getUserLogin()); IssueFilterDto userFilterSameName = findFilterWithSameName(userFilters, issueFilter.getName()); @@ -261,7 +251,6 @@ public class IssueFilterService { if (sharedFilterWithSameName != null && !sharedFilterWithSameName.getId().equals(issueFilter.getId())) { throw new BadRequestException("Other users already share filters with the same name"); } - verifyCurrentUserCanShareFilter(issueFilter, issueFilter.getUserLogin()); } } @@ -322,10 +311,6 @@ public class IssueFilterService { return new IssueFilterResult(issues.getDocs(), paging); } - private boolean hasUserSharingPermission(String user) { - return permissionDao.selectGlobalPermissions(user).contains(GlobalPermissions.DASHBOARD_SHARING); - } - private boolean isFilterOwnedByUser(IssueFilterDto filter, String login) { String ownerLogin = filter.getUserLogin(); return ownerLogin != null && ownerLogin.equals(login); diff --git a/server/sonar-server/src/main/resources/org/sonar/server/permission/ws/search_global_permissions-example.json b/server/sonar-server/src/main/resources/org/sonar/server/permission/ws/search_global_permissions-example.json index d5e519ab599..6663b287091 100644 --- a/server/sonar-server/src/main/resources/org/sonar/server/permission/ws/search_global_permissions-example.json +++ b/server/sonar-server/src/main/resources/org/sonar/server/permission/ws/search_global_permissions-example.json @@ -22,13 +22,6 @@ "groupsCount": 0 }, { - "key": "shareDashboard", - "name": "Share Dashboards And Filters", - "description": "Ability to share dashboards, issue filters and measure filters.", - "usersCount": 0, - "groupsCount": 1 - }, - { "key": "scan", "name": "Execute Analysis", "description": "Ability to execute analyses, and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on.", diff --git a/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json b/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json index 57d6511b5f8..787861dc917 100644 --- a/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json +++ b/server/sonar-server/src/main/resources/org/sonar/server/user/ws/current-example.json @@ -18,7 +18,6 @@ "admin", "profileadmin", "gateadmin", - "shareDashboard", "scan", "provisioning" ] diff --git a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java index edf310c5467..1de8f34a4bc 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java @@ -168,7 +168,7 @@ public class ReportSubmitterTest { @Test public void fail_with_forbidden_exception_when_no_scan_permission() { - userSession.setGlobalPermissions(GlobalPermissions.DASHBOARD_SHARING); + userSession.setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); thrown.expect(ForbiddenException.class); underTest.submit(PROJECT_KEY, null, PROJECT_NAME, IOUtils.toInputStream("{binary}")); diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/filter/IssueFilterServiceTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/filter/IssueFilterServiceTest.java index 38ba192702f..f26e51503f7 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/issue/filter/IssueFilterServiceTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/issue/filter/IssueFilterServiceTest.java @@ -217,7 +217,7 @@ public class IssueFilterServiceTest { @Test public void should_not_save_shared_filter_if_name_already_used_by_shared_filter() { - when(issueFilterDao.selectByUser(eq("john"))).thenReturn(Collections.<IssueFilterDto>emptyList()); + when(issueFilterDao.selectByUser(eq("john"))).thenReturn(Collections.emptyList()); when(issueFilterDao.selectSharedFilters()).thenReturn(newArrayList(new IssueFilterDto().setId(1L).setName("My Issue").setUserLogin("henry").setShared(true))); IssueFilterDto issueFilter = new IssueFilterDto().setName("My Issue").setShared(true); try { @@ -240,33 +240,7 @@ public class IssueFilterServiceTest { } @Test - public void should_have_permission_to_share_filter() { - when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); - when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false).setUserLogin("john")); - - IssueFilterDto result = underTest.update(new IssueFilterDto().setId(1L).setName("My Filter").setShared(true).setUserLogin("john"), userSession); - assertThat(result.isShared()).isTrue(); - - verify(issueFilterDao).update(any(IssueFilterDto.class)); - } - - @Test - public void should_not_share_filter_if_no_permission() { - when(permissionDao.selectGlobalPermissions("john")).thenReturn(Collections.<String>emptyList()); - when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false).setUserLogin("john")); - - try { - underTest.update(new IssueFilterDto().setId(1L).setName("My Filter").setShared(true).setUserLogin("john"), userSession); - fail(); - } catch (Exception e) { - assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User cannot own this filter because of insufficient rights"); - } - verify(issueFilterDao, never()).update(any(IssueFilterDto.class)); - } - - @Test public void should_not_share_filter_if_filter_owner_is_platform() { - when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Filter").setShared(false)); try { @@ -321,9 +295,8 @@ public class IssueFilterServiceTest { } @Test - public void should_update_other_shared_filter_if_admin_and_if_filter_owner_has_sharing_permission() { + public void should_update_other_shared_filter_if_admin() { when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); - when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); when(issueFilterDao.selectById(1L)) .thenReturn(new IssueFilterDto().setId(1L).setName("My Old Filter").setDescription("Old description").setUserLogin("arthur").setShared(true)); @@ -336,9 +309,8 @@ public class IssueFilterServiceTest { } @Test - public void should_not_update_other_shared_filter_if_admin_and_if_filter_owner_has_no_sharing_permission() { - when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); - when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(Collections.<String>emptyList()); + public void should_not_update_other_shared_filter_if_not_admin() { + when(permissionDao.selectGlobalPermissions("arthur")).thenReturn(Collections.emptyList()); when(issueFilterDao.selectById(1L)) .thenReturn(new IssueFilterDto().setId(1L).setName("My Old Filter").setDescription("Old description").setUserLogin("arthur").setShared(true)); @@ -346,7 +318,7 @@ public class IssueFilterServiceTest { underTest.update(new IssueFilterDto().setId(1L).setName("My New Filter").setDescription("New description").setShared(true).setUserLogin("arthur"), userSession); fail(); } catch (Exception e) { - assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User cannot own this filter because of insufficient rights"); + assertThat(e).isInstanceOf(ForbiddenException.class).hasMessage("User is not authorized to modify this filter"); } verify(issueFilterDao, never()).update(any(IssueFilterDto.class)); } @@ -411,8 +383,6 @@ public class IssueFilterServiceTest { IssueFilterDto sharedFilter = new IssueFilterDto().setId(1L).setName("My filter").setUserLogin("former.owner").setShared(true); IssueFilterDto expectedDto = new IssueFilterDto().setName("My filter").setUserLogin("new.owner").setShared(true); - // New owner should have sharing perm in order to own the filter - when(permissionDao.selectGlobalPermissions("new.owner")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.SYSTEM_ADMIN)); when(issueFilterDao.selectById(1L)).thenReturn(sharedFilter); @@ -602,7 +572,7 @@ public class IssueFilterServiceTest { public void should_add_favourite_issue_filter_id() { when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Issues").setUserLogin("john").setData("componentRoots=struts")); // The filter is not in the favorite list --> add to favorite - when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.<IssueFilterFavouriteDto>emptyList()); + when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.emptyList()); ArgumentCaptor<IssueFilterFavouriteDto> issueFilterFavouriteDtoCaptor = ArgumentCaptor.forClass(IssueFilterFavouriteDto.class); boolean result = underTest.toggleFavouriteIssueFilter(1L, userSession); @@ -618,7 +588,7 @@ public class IssueFilterServiceTest { public void should_add_favourite_on_shared_filter() { when(issueFilterDao.selectById(1L)).thenReturn(new IssueFilterDto().setId(1L).setName("My Issues").setUserLogin("arthur").setShared(true)); // The filter is not in the favorite list --> add to favorite - when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.<IssueFilterFavouriteDto>emptyList()); + when(issueFilterFavouriteDao.selectByFilterId(1L)).thenReturn(Collections.emptyList()); ArgumentCaptor<IssueFilterFavouriteDto> issueFilterFavouriteDtoCaptor = ArgumentCaptor.forClass(IssueFilterFavouriteDto.class); boolean result = underTest.toggleFavouriteIssueFilter(1L, userSession); @@ -675,16 +645,11 @@ public class IssueFilterServiceTest { } @Test - public void user_can_share_filter_if_logged_and_own_sharing_permission() { - when(permissionDao.selectGlobalPermissions("john")).thenReturn(newArrayList(GlobalPermissions.DASHBOARD_SHARING)); + public void user_can_share_filter_if_logged() { UserSession userSession = new MockUserSession("john"); assertThat(underTest.canShareFilter(userSession)).isTrue(); assertThat(underTest.canShareFilter(new AnonymousMockUserSession())).isFalse(); - - when(permissionDao.selectGlobalPermissions("john")).thenReturn(Collections.<String>emptyList()); - userSession = new MockUserSession("john"); - assertThat(underTest.canShareFilter(userSession)).isFalse(); } @Test diff --git a/server/sonar-server/src/test/java/org/sonar/server/license/ws/ListActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/license/ws/ListActionTest.java index d616f8ee46d..d4b70365646 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/license/ws/ListActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/license/ws/ListActionTest.java @@ -34,6 +34,7 @@ import org.sonar.api.config.PropertyDefinition; import org.sonar.api.config.PropertyDefinitions; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.property.PropertyDbTester; @@ -50,7 +51,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Java6Assertions.entry; import static org.sonar.api.CoreProperties.PERMANENT_SERVER_ID; import static org.sonar.api.PropertyType.LICENSE; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto; @@ -260,7 +260,7 @@ public class ListActionTest { @Test public void fail_when_not_system_admin() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); definitions.addComponent(PropertyDefinition.builder("foo").build()); expectedException.expect(ForbiddenException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java index eba2589f434..eef7b38ce6f 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/PermissionChangeTest.java @@ -117,7 +117,7 @@ public class PermissionChangeTest { PermissionChange query = PermissionChange.buildFromParams(inconsistentParams); thrown.expect(BadRequestException.class); - thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, gateadmin, shareDashboard, scan, provisioning]"); + thrown.expectMessage("Invalid global permission key invalid. Valid values are [admin, profileadmin, gateadmin, scan, provisioning]"); query.validate(); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java index 170d092bddf..035408d2f50 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java @@ -40,7 +40,6 @@ import org.sonarqube.ws.MediaTypes; import org.sonarqube.ws.WsPermissions; import static org.assertj.core.api.Assertions.assertThat; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; @@ -75,7 +74,6 @@ public class SearchGlobalPermissionsActionTest { insertGroupRole(newGroupRole(SCAN_EXECUTION, userGroup.getId())); insertGroupRole(newGroupRole(SYSTEM_ADMIN, adminGroup.getId())); insertGroupRole(newGroupRole(PROVISIONING, userGroup.getId())); - insertGroupRole(newGroupRole(DASHBOARD_SHARING, null)); UserDto user = insertUser(newUserDto("user", "user-name")); UserDto adminUser = insertUser(newUserDto("admin", "admin-name")); @@ -126,8 +124,6 @@ public class SearchGlobalPermissionsActionTest { i18n.put("global_permissions.profileadmin.desc", "Ability to perform any action on the quality profiles."); i18n.put("global_permissions.gateadmin", "Administer Quality Gates"); i18n.put("global_permissions.gateadmin.desc", "Ability to perform any action on the quality gates."); - i18n.put("global_permissions.shareDashboard", "Share Dashboards And Filters"); - i18n.put("global_permissions.shareDashboard.desc", "Ability to share dashboards, issue filters and measure filters."); i18n.put("global_permissions.scan", "Execute Analysis"); i18n.put("global_permissions.scan.desc", "Ability to execute analyses, and to get all settings required to perform the analysis, " + "even the secured ones like the scm account password, the jira account password, and so on."); diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/TemplateGroupsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/TemplateGroupsActionTest.java index 4998a9a70b8..88f418ccad8 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/TemplateGroupsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/TemplateGroupsActionTest.java @@ -27,6 +27,7 @@ import org.junit.Test; import org.junit.rules.ExpectedException; import org.sonar.api.resources.Qualifiers; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; @@ -52,7 +53,6 @@ import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto; import static org.sonar.db.user.GroupTesting.newGroupDto; @@ -374,7 +374,7 @@ public class TemplateGroupsActionTest { expectedException.expect(BadRequestException.class); ws.newRequest() - .setParam(PARAM_PERMISSION, DASHBOARD_SHARING) + .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) .setParam(PARAM_TEMPLATE_ID, template1.getUuid()) .execute(); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java index 8d36f1a3e0d..2dd90b8fbad 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java @@ -126,7 +126,7 @@ public class AddProjectCreatorToTemplateActionTest { expectedException.expect(BadRequestException.class); call(ws.newRequest() - .setParam(PARAM_PERMISSION, GlobalPermissions.DASHBOARD_SHARING) + .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) .setParam(PARAM_TEMPLATE_ID, template.getUuid())); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java index 079297945f0..1f144dc03e2 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java @@ -128,7 +128,7 @@ public class RemoveProjectCreatorFromTemplateActionTest { expectedException.expect(BadRequestException.class); call(ws.newRequest() - .setParam(PARAM_PERMISSION, GlobalPermissions.DASHBOARD_SHARING) + .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) .setParam(PARAM_TEMPLATE_ID, template.getUuid())); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/AvailableActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/AvailableActionTest.java index 28d1d1f5dc8..c7ea194826a 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/AvailableActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/AvailableActionTest.java @@ -20,13 +20,12 @@ package org.sonar.server.plugins.ws; import com.google.common.base.Optional; - -import org.junit.Ignore; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.DateUtils; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.tester.UserSessionRule; import org.sonar.server.ws.WsTester; @@ -39,7 +38,6 @@ import static com.google.common.collect.ImmutableList.of; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Matchers.anyBoolean; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.test.JsonAssert.assertJson; import static org.sonar.updatecenter.common.PluginUpdate.Status.COMPATIBLE; @@ -147,7 +145,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio @Test public void fail_when_user_is_not_admin() throws Exception { - userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); expectedException.expect(ForbiddenException.class); underTest.handle(request, response); diff --git a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstalledActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstalledActionTest.java index 96d8c30655c..b23a8401c54 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstalledActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstalledActionTest.java @@ -29,6 +29,7 @@ import org.junit.rules.TemporaryFolder; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.WebService; import org.sonar.api.server.ws.WebService.Param; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.platform.PluginInfo; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.plugins.ServerPluginRepository; @@ -46,7 +47,6 @@ import static org.mockito.Mockito.RETURNS_DEEP_STUBS; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verifyZeroInteractions; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.test.JsonAssert.assertJson; @@ -270,7 +270,7 @@ public class InstalledActionTest { @Test public void fail_when_user_is_not_sys_admin() throws Exception { - userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); expectedException.expect(ForbiddenException.class); underTest.handle(request, response); diff --git a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PendingActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PendingActionTest.java index 233af975e3f..af83425e32e 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PendingActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PendingActionTest.java @@ -27,6 +27,7 @@ import org.junit.Test; import org.junit.rules.ExpectedException; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.WebService; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.platform.PluginInfo; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.plugins.PluginDownloader; @@ -43,7 +44,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.RETURNS_DEEP_STUBS; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.test.JsonAssert.assertJson; @@ -92,8 +92,7 @@ public class PendingActionTest { " \"installing\": []," + " \"removing\": []," + " \"updating\": []" + - "}" - ); + "}"); } @Test @@ -108,8 +107,7 @@ public class PendingActionTest { " \"installing\": []," + " \"removing\": []," + " \"updating\": []" + - "}" - ); + "}"); } @Test @@ -140,8 +138,7 @@ public class PendingActionTest { " ]," + " \"removing\": []," + " \"updating\": []" + - "}" - ); + "}"); } @Test @@ -170,8 +167,7 @@ public class PendingActionTest { " \"implementationBuild\": \"9ce9d330c313c296fab051317cc5ad4b26319e07\"" + " }" + " ]" + - "}" - ); + "}"); } @Test @@ -193,8 +189,7 @@ public class PendingActionTest { " \"key\": \"scmgit\"" + " }" + " ]" + - "}" - ); + "}"); } @Test @@ -231,8 +226,7 @@ public class PendingActionTest { " \"key\": \"java\"" + " }" + " ]" + - "}" - ); + "}"); } @Test @@ -241,8 +235,7 @@ public class PendingActionTest { when(pluginDownloader.getDownloadedPlugins()).thenReturn(of( newPluginInfo(0).setName("Foo"), newPluginInfo(3).setName("Bar"), - newPluginInfo(2).setName("Bar") - )); + newPluginInfo(2).setName("Bar"))); underTest.handle(request, response); @@ -265,8 +258,7 @@ public class PendingActionTest { " ]," + " \"removing\": []," + " \"updating\": []" + - "}" - ); + "}"); } @Test @@ -275,8 +267,7 @@ public class PendingActionTest { when(serverPluginRepository.getUninstalledPlugins()).thenReturn(of( newPluginInfo(0).setName("Foo"), newPluginInfo(3).setName("Bar"), - newPluginInfo(2).setName("Bar") - )); + newPluginInfo(2).setName("Bar"))); underTest.handle(request, response); @@ -299,13 +290,12 @@ public class PendingActionTest { " \"name\": \"Foo\"," + " }" + " ]" + - "}" - ); + "}"); } @Test public void fail_when_user_is_not_sys_admin() throws Exception { - userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); expectedException.expect(ForbiddenException.class); underTest.handle(request, response); diff --git a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdatesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdatesActionTest.java index 8fc66f8ac1d..60d52ef0588 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdatesActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdatesActionTest.java @@ -24,6 +24,7 @@ import org.junit.Test; import org.junit.rules.ExpectedException; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.DateUtils; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.tester.UserSessionRule; import org.sonar.server.ws.WsTester; @@ -33,7 +34,6 @@ import org.sonar.updatecenter.common.Release; import static com.google.common.collect.ImmutableList.of; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.test.JsonAssert.assertJson; import static org.sonar.updatecenter.common.PluginUpdate.Status.COMPATIBLE; @@ -184,7 +184,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT @Test public void fail_when_user_is_not_sys_admin() throws Exception { - userSession.login("user").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("user").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); expectedException.expect(ForbiddenException.class); underTest.handle(request, response); diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java index 993810ecb84..c4c29438eb8 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java @@ -25,6 +25,7 @@ import org.junit.Rule; import org.junit.Test; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; @@ -40,7 +41,6 @@ import static org.sonar.api.measures.Metric.ValueType.DISTRIB; import static org.sonar.api.measures.Metric.ValueType.INT; import static org.sonar.api.measures.Metric.ValueType.RATING; import static org.sonar.api.measures.Metric.ValueType.WORK_DUR; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; import static org.sonar.db.metric.MetricTesting.newMetricDto; import static org.sonar.test.JsonAssert.assertJson; @@ -170,7 +170,7 @@ public class AppActionTest { @Test public void return_edit_to_false_when_not_quality_gate_permission() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); AppWsResponse response = executeRequest(); diff --git a/server/sonar-server/src/test/java/org/sonar/server/serverid/ws/ShowActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/serverid/ws/ShowActionTest.java index e534a183738..87a280fcf70 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/serverid/ws/ShowActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/serverid/ws/ShowActionTest.java @@ -30,6 +30,7 @@ import org.junit.Test; import org.junit.rules.ExpectedException; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.property.PropertyDbTester; @@ -45,7 +46,6 @@ import org.sonarqube.ws.ServerId.ShowWsResponse; import static org.assertj.core.api.Java6Assertions.assertThat; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto; import static org.sonarqube.ws.MediaTypes.JSON; @@ -141,7 +141,7 @@ public class ShowActionTest { @Test public void fail_when_not_system_admin() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); expectedException.expect(ForbiddenException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java index 4a7530bb845..eab1e9a817b 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java @@ -33,6 +33,7 @@ import org.sonar.api.config.PropertyDefinitions; import org.sonar.api.config.PropertyFieldDefinition; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; @@ -53,7 +54,6 @@ import static org.sonar.api.resources.Qualifiers.MODULE; import static org.sonar.api.resources.Qualifiers.PROJECT; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newProjectDto; import static org.sonarqube.ws.MediaTypes.JSON; @@ -329,7 +329,7 @@ public class ListDefinitionsActionTest { @Test public void fail_when_not_system_admin() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); expectedException.expect(ForbiddenException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ResetActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ResetActionTest.java index d3c0722bf55..27f9a9cea0c 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ResetActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ResetActionTest.java @@ -29,6 +29,7 @@ import org.sonar.api.config.PropertyDefinition; import org.sonar.api.config.PropertyDefinitions; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; @@ -54,7 +55,6 @@ import static org.sonar.api.resources.Qualifiers.PROJECT; import static org.sonar.api.resources.Qualifiers.VIEW; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newProjectDto; import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto; @@ -225,7 +225,7 @@ public class ResetActionTest { @Test public void fail_when_not_system_admin() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); definitions.addComponent(PropertyDefinition.builder("foo").build()); expectedException.expect(ForbiddenException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java index f32885cca81..944783bf48a 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java @@ -35,6 +35,7 @@ import org.sonar.api.config.PropertyDefinitions; import org.sonar.api.config.PropertyFieldDefinition; import org.sonar.api.server.ws.WebService; import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; @@ -54,7 +55,6 @@ import static java.util.Arrays.asList; import static org.assertj.core.api.Java6Assertions.assertThat; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newModuleDto; import static org.sonar.db.component.ComponentTesting.newProjectDto; @@ -501,7 +501,7 @@ public class ValuesActionTest { @Test public void fail_when_not_system_admin() throws Exception { - userSession.login("not-admin").setGlobalPermissions(DASHBOARD_SHARING); + userSession.login("not-admin").setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN); definitions.addComponent(PropertyDefinition.builder("foo").build()); expectedException.expect(ForbiddenException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java index 0960740dee0..3c43cb13048 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java @@ -39,7 +39,7 @@ import org.sonar.db.user.UserDto; import org.sonar.server.exceptions.ForbiddenException; import static org.assertj.core.api.Assertions.assertThat; -import static org.sonar.core.permission.GlobalPermissions.DASHBOARD_SHARING; +import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.user.UserTesting.newUserDto; @@ -83,7 +83,7 @@ public class ServerUserSessionTest { assertThat(session.hasPermission(QUALITY_PROFILE_ADMIN)).isTrue(); assertThat(session.hasPermission(SYSTEM_ADMIN)).isTrue(); - assertThat(session.hasPermission(DASHBOARD_SHARING)).isFalse(); + assertThat(session.hasPermission(QUALITY_GATE_ADMIN)).isFalse(); } @Test @@ -100,7 +100,7 @@ public class ServerUserSessionTest { UserSession session = newUserSession(userDto); expectedException.expect(ForbiddenException.class); - session.checkPermission(DASHBOARD_SHARING); + session.checkPermission(QUALITY_GATE_ADMIN); } @Test @@ -216,7 +216,7 @@ public class ServerUserSessionTest { assertThat(session.hasGlobalPermission(QUALITY_PROFILE_ADMIN)).isTrue(); assertThat(session.hasGlobalPermission(SYSTEM_ADMIN)).isTrue(); - assertThat(session.hasGlobalPermission(DASHBOARD_SHARING)).isFalse(); + assertThat(session.hasGlobalPermission(QUALITY_GATE_ADMIN)).isFalse(); } @Test @@ -251,7 +251,7 @@ public class ServerUserSessionTest { assertThat(session.hasPermission(GlobalPermissions.QUALITY_PROFILE_ADMIN)).isTrue(); assertThat(session.hasPermission(GlobalPermissions.SYSTEM_ADMIN)).isTrue(); - assertThat(session.hasPermission(GlobalPermissions.DASHBOARD_SHARING)).isFalse(); + assertThat(session.hasPermission(GlobalPermissions.QUALITY_GATE_ADMIN)).isFalse(); } @Test diff --git a/server/sonar-web/src/main/js/apps/permissions/global/components/AllHoldersList.js b/server/sonar-web/src/main/js/apps/permissions/global/components/AllHoldersList.js index fe97b7c3233..bb7b24fd24b 100644 --- a/server/sonar-web/src/main/js/apps/permissions/global/components/AllHoldersList.js +++ b/server/sonar-web/src/main/js/apps/permissions/global/components/AllHoldersList.js @@ -44,7 +44,6 @@ const PERMISSIONS_ORDER = [ 'admin', 'profileadmin', 'gateadmin', - 'shareDashboard', 'scan', 'provisioning' ]; diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/dashboards_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/dashboards_controller.rb index a7029e3bc09..7baf8e59600 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/dashboards_controller.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/dashboards_controller.rb @@ -180,7 +180,7 @@ class DashboardsController < ApplicationController def load_dashboard_from_params(dashboard) dashboard.name = params[:name] dashboard.description = params[:description] - dashboard.shared = params[:shared].present? && has_role?(:shareDashboard) + dashboard.shared = params[:shared].present? dashboard.column_layout = Dashboard::DEFAULT_LAYOUT if !dashboard.column_layout dashboard.user = User.find_active_by_login(params[:owner]) unless params[:owner].nil? end diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb index de7a8665353..4d4ea18e494 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/controllers/measures_controller.rb @@ -92,7 +92,7 @@ class MeasuresController < ApplicationController end @filter.name=params[:name] @filter.description=params[:description] - @filter.shared=(params[:shared]=='true') && has_role?(:shareDashboard) + @filter.shared=(params[:shared]=='true') @filter.data=URI.unescape(params[:data]) if @filter.save current_user.favourited_measure_filters<<@filter if add_to_favourites @@ -145,7 +145,7 @@ class MeasuresController < ApplicationController @filter.name=params[:name] @filter.description=params[:description] - @filter.shared=(params[:shared]=='true') && has_role?(:shareDashboard) + @filter.shared=(params[:shared]=='true') if has_role?(:admin) && params[:owner] @filter.user = User.find_by_login(params[:owner]) end @@ -181,7 +181,7 @@ class MeasuresController < ApplicationController target.name=params[:name] target.description=params[:description] target.user_id=current_user.id - target.shared=(params[:shared]=='true') && has_role?(:shareDashboard) + target.shared=(params[:shared]=='true') target.data=source.data if target.save current_user.favourited_measure_filters << target diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/models/dashboard.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/models/dashboard.rb index d735bf86d0e..1dcbfbd7b44 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/models/dashboard.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/models/dashboard.rb @@ -45,7 +45,7 @@ class Dashboard < ActiveRecord::Base end def user_rights_consistency - if shared? && user && !user.has_role?(:shareDashboard) + if shared? && !user errors.add(:user, "cannot own this dashboard because of insufficient rights") end end @@ -79,7 +79,7 @@ class Dashboard < ActiveRecord::Base end def can_be_shared_by(user) - owner?(user) && user.has_role?(:shareDashboard) + owner?(user) end def can_be_reassigned_by(user) diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/models/measure_filter.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/models/measure_filter.rb index e7d07a86d11..46fcb766648 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/models/measure_filter.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/models/measure_filter.rb @@ -361,7 +361,7 @@ class MeasureFilter < ActiveRecord::Base errors.add_to_base('Other users already share filters with the same name') if count>0 # Verify filter owner has sharing permission - if user && !user.has_role?(:shareDashboard) + if !user errors.add(:user, "cannot own this filter because of insufficient rights") end elsif system? diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboards/_create_form.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboards/_create_form.html.erb index c79ab4b210f..c139061537b 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboards/_create_form.html.erb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/dashboards/_create_form.html.erb @@ -18,7 +18,7 @@ <label for="description"><%= h message('description') -%></label> <input id="description" name="description" type="text" size="50" maxlength="4000" value="<%= h @dashboard.description -%>"/> </div> - <% if has_role?(:shareDashboard) %> + <% if logged_in? %> <div class="modal-field"> <label for="shared"><%= h message('shared') -%></label> <input id="shared" name="shared" type="checkbox" value="true" <%= 'checked' if @dashboard.shared -%>/> diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/views/measures/_shared_form.html.erb b/server/sonar-web/src/main/webapp/WEB-INF/app/views/measures/_shared_form.html.erb index b670d2655fd..c53de5eab58 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/app/views/measures/_shared_form.html.erb +++ b/server/sonar-web/src/main/webapp/WEB-INF/app/views/measures/_shared_form.html.erb @@ -17,7 +17,7 @@ <%= user_select_tag('owner', :html_id => 'select-filter-owner', :selected_user => @filter.user) -%> </div> <% end %> - <% if has_role?(:shareDashboard) %> + <% if logged_in? %> <% if @filter.user_id.nil? || @filter.user_id == current_user.id %> <div class="modal-field"> <label for="shared"><%= h message('measure_filter.shared_with_all_users') -%></label> @@ -27,4 +27,4 @@ <input id="shared" name="shared" type="hidden" value="<%= @filter.shared -%>"/> <% end %> <% end %> -</div>
\ No newline at end of file +</div> |