diff options
| author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2016-11-02 17:01:24 +0100 |
|---|---|---|
| committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2016-11-03 13:57:46 +0100 |
| commit | 5e53506d7357b7b7eb0d22d6b50bf4eb6a652325 (patch) | |
| tree | d6644d3b458500cab696d56e6c096d634b200abb /server | |
| parent | 463f2a004f54afa7a3bad73c0c3468223d22af12 (diff) | |
| download | sonarqube-5e53506d7357b7b7eb0d22d6b50bf4eb6a652325.tar.gz sonarqube-5e53506d7357b7b7eb0d22d6b50bf4eb6a652325.zip | |
SONAR-8260 fix conflict between project and org parameters
Diffstat (limited to 'server')
| -rw-r--r-- | server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java | 5 | ||||
| -rw-r--r-- | server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java | 16 |
2 files changed, 20 insertions, 1 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java index 08325de06da..42ab1e18073 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/AddUserAction.java @@ -33,6 +33,7 @@ import org.sonar.server.permission.UserId; import org.sonar.server.permission.UserPermissionChange; import org.sonar.server.user.UserSession; +import static com.google.common.base.Preconditions.checkArgument; import static java.util.Arrays.asList; import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createOrganizationParameter; @@ -80,7 +81,9 @@ public class AddUserAction implements PermissionsWsAction { try (DbSession dbSession = dbClient.openSession(false)) { UserId user = support.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN)); Optional<ProjectId> projectId = support.findProject(dbSession, request); - OrganizationDto org = support.findOrganization(dbSession, request.param(PARAM_ORGANIZATION_KEY)); + String organizationKey = request.param(PARAM_ORGANIZATION_KEY); + checkArgument(!projectId.isPresent() || organizationKey == null, "Organization must not be set when project is set."); + OrganizationDto org = support.findOrganization(dbSession, organizationKey); checkProjectAdmin(userSession, org.getUuid(), projectId); diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java index 4a135b3b6f9..ead2f1cf17d 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java @@ -318,6 +318,22 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { db.rootFlag().verify(rootByGroupPermissionUser, true); } + @Test + public void organization_parameter_must_not_be_set_on_project_permissions() { + ComponentDto project = db.components().insertProject(); + loginAsAdminOnDefaultOrganization(); + + expectedException.expect(IllegalArgumentException.class); + expectedException.expectMessage("Organization must not be set when project is set."); + + newRequest() + .setParam(PARAM_USER_LOGIN, user.getLogin()) + .setParam(PARAM_PROJECT_KEY, project.getKey()) + .setParam(PARAM_ORGANIZATION_KEY, "an_org") + .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .execute(); + } + private void executeRequest(UserDto userDto, String permission) throws Exception { executeRequest(userDto, permission, null); } |