aboutsummaryrefslogtreecommitdiffstats
path: root/server
diff options
context:
space:
mode:
authorJulien Lancelot <julien.lancelot@sonarsource.com>2017-03-21 09:03:48 +0100
committerJulien Lancelot <julien.lancelot@sonarsource.com>2017-03-21 13:05:50 +0100
commitff0efa8afb8e47ae7dea5f0a190b1772ba59ec0e (patch)
treedaf3bccafa92f2ed91b465306a3e71d34b6e77b7 /server
parent0f85de84c352fa9098c64ad56ced340298c356df (diff)
downloadsonarqube-ff0efa8afb8e47ae7dea5f0a190b1772ba59ec0e.tar.gz
sonarqube-ff0efa8afb8e47ae7dea5f0a190b1772ba59ec0e.zip
SONAR-8968 Check page size in api/users/groups
Diffstat (limited to 'server')
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java7
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/user/ws/GroupsActionTest.java13
2 files changed, 19 insertions, 1 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java
index e6691c3a46e..731ce35540f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java
@@ -43,6 +43,7 @@ import org.sonarqube.ws.WsUsers.GroupsWsResponse;
import org.sonarqube.ws.WsUsers.GroupsWsResponse.Group;
import org.sonarqube.ws.client.user.GroupsRequest;
+import static com.google.common.base.Preconditions.checkArgument;
import static org.sonar.api.server.ws.WebService.Param.PAGE;
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
import static org.sonar.api.server.ws.WebService.Param.SELECTED;
@@ -56,6 +57,8 @@ import static org.sonarqube.ws.client.user.UsersWsParameters.PARAM_ORGANIZATION;
public class GroupsAction implements UsersWsAction {
+ private static final int MAX_PAGE_SIZE = 500;
+
private final DbClient dbClient;
private final UserSession userSession;
private final DefaultOrganizationProvider defaultOrganizationProvider;
@@ -126,13 +129,15 @@ public class GroupsAction implements UsersWsAction {
}
private static GroupsRequest toGroupsRequest(Request request) {
+ int pageSize = request.mandatoryParamAsInt(PAGE_SIZE);
+ checkArgument(pageSize <= MAX_PAGE_SIZE, "The '%s' parameter must be less than %s", PAGE_SIZE, MAX_PAGE_SIZE);
return GroupsRequest.builder()
.setLogin(request.mandatoryParam(PARAM_LOGIN))
.setOrganization(request.param(PARAM_ORGANIZATION))
.setSelected(request.mandatoryParam(SELECTED))
.setQuery(request.param(TEXT_QUERY))
.setPage(request.mandatoryParamAsInt(PAGE))
- .setPageSize(request.mandatoryParamAsInt(PAGE_SIZE))
+ .setPageSize(pageSize)
.build();
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/GroupsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/GroupsActionTest.java
index 205d54bce0b..3f50988aa37 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/GroupsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/GroupsActionTest.java
@@ -226,6 +226,19 @@ public class GroupsActionTest {
}
@Test
+ public void fail_when_page_size_is_greater_than_500() throws Exception {
+ UserDto user = insertUser();
+
+ expectedException.expect(IllegalArgumentException.class);
+ expectedException.expectMessage("The 'ps' parameter must be less than 500");
+
+ call(ws.newRequest()
+ .setParam("login", user.getLogin())
+ .setParam(Param.PAGE_SIZE, "501")
+ );
+ }
+
+ @Test
public void fail_on_missing_permission() throws Exception {
OrganizationDto organizationDto = db.organizations().insert();
userSession.logIn().addPermission(ADMINISTER, organizationDto);