diff options
| author | Julien Lancelot <julien.lancelot@gmail.com> | 2013-09-20 13:44:49 +0200 |
|---|---|---|
| committer | Julien Lancelot <julien.lancelot@gmail.com> | 2013-09-20 13:45:02 +0200 |
| commit | d96219c143aa41a5be020c850e45425c51c3d428 (patch) | |
| tree | ae823f1aaf75983ac74a3d307067600a4f183af5 /sonar-server/src/main | |
| parent | 8ac31c19cc3b6673207665e99956208ad4665400 (diff) | |
| download | sonarqube-d96219c143aa41a5be020c850e45425c51c3d428.tar.gz sonarqube-d96219c143aa41a5be020c850e45425c51c3d428.zip | |
SONAR-4537 Code Viewer permission should only prevent users from seeing the code, not from using any other feature
Diffstat (limited to 'sonar-server/src/main')
6 files changed, 103 insertions, 94 deletions
diff --git a/sonar-server/src/main/java/org/sonar/server/ui/DefaultPages.java b/sonar-server/src/main/java/org/sonar/server/ui/DefaultPages.java index f2f25d9c307..09d958c2176 100644 --- a/sonar-server/src/main/java/org/sonar/server/ui/DefaultPages.java +++ b/sonar-server/src/main/java/org/sonar/server/ui/DefaultPages.java @@ -42,7 +42,7 @@ public final class DefaultPages { @NavigationSection(NavigationSection.RESOURCE_TAB) @DefaultTab @ResourceQualifier({Qualifiers.FILE, Qualifiers.CLASS, Qualifiers.UNIT_TEST_FILE}) - @UserRole(UserRole.CODEVIEWER) + @UserRole(UserRole.USER) private static final class SourceTab implements RubyRailsPage { public String getTemplate() { return NOT_APPLICABLE; @@ -80,7 +80,7 @@ public final class DefaultPages { CoreMetrics.NEW_OVERALL_LINES_TO_COVER_KEY, CoreMetrics.NEW_OVERALL_BRANCH_COVERAGE_KEY, CoreMetrics.NEW_OVERALL_CONDITIONS_TO_COVER_KEY, CoreMetrics.NEW_OVERALL_UNCOVERED_CONDITIONS_KEY}) @RequiredMeasures(anyOf = {CoreMetrics.COVERAGE_KEY, CoreMetrics.IT_COVERAGE_KEY, CoreMetrics.OVERALL_COVERAGE_KEY}) - @UserRole(UserRole.CODEVIEWER) + @UserRole(UserRole.USER) private static final class CoverageTab implements RubyRailsPage { public String getTemplate() { return NOT_APPLICABLE; @@ -106,7 +106,7 @@ public final class DefaultPages { @ResourceQualifier( value = {Qualifiers.VIEW, Qualifiers.SUBVIEW, Qualifiers.PROJECT, Qualifiers.MODULE, Qualifiers.PACKAGE, Qualifiers.DIRECTORY, Qualifiers.FILE, Qualifiers.CLASS, Qualifiers.UNIT_TEST_FILE}) - @UserRole(UserRole.CODEVIEWER) + @UserRole(UserRole.USER) private static final class IssuesTab implements RubyRailsPage { public String getTemplate() { return NOT_APPLICABLE; @@ -124,7 +124,7 @@ public final class DefaultPages { @NavigationSection(NavigationSection.RESOURCE_TAB) @DefaultTab(metrics = {CoreMetrics.DUPLICATED_LINES_KEY, CoreMetrics.DUPLICATED_BLOCKS_KEY, CoreMetrics.DUPLICATED_FILES_KEY, CoreMetrics.DUPLICATED_LINES_DENSITY_KEY}) @ResourceQualifier({Qualifiers.FILE, Qualifiers.CLASS}) - @UserRole(UserRole.CODEVIEWER) + @UserRole(UserRole.USER) private static final class DuplicationsTab implements RubyRailsPage { public String getTemplate() { return NOT_APPLICABLE; diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/resource_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/resource_controller.rb index 6861d7c4748..285dfd37656 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/resource_controller.rb +++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/resource_controller.rb @@ -389,4 +389,4 @@ class ResourceController < ApplicationController render :partial => 'resource_deleted' end -end
\ No newline at end of file +end diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_duplications.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_duplications.html.erb index a9cf8d75b52..3760a8456b3 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_duplications.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_duplications.html.erb @@ -12,77 +12,82 @@ <div class="duplicationsMessage"><%= @duplication_group_warning -%></div> <% end %> - <table class="data duplications"> - <thead> - <tr> - <th class="thin nowrap"><%= message('duplications.blocks') -%></th> - <th class="thin nowrap"><%= message('duplications.number_of_lines') -%></th> - <th class="thin nowrap"><%= message('duplications.from_line') -%></th> - <th class="thin nowrap"><%= message('duplications.file') -%></th> - <th><%= message('duplications.details') -%></th> - </tr> - </thead> + <% if has_role?('codeviewer', @resource) %> + <table class="data duplications"> + <thead> + <tr> + <th class="thin nowrap"><%= message('duplications.blocks') -%></th> + <th class="thin nowrap"><%= message('duplications.number_of_lines') -%></th> + <th class="thin nowrap"><%= message('duplications.from_line') -%></th> + <th class="thin nowrap"><%= message('duplications.file') -%></th> + <th><%= message('duplications.details') -%></th> + </tr> + </thead> - <tbody> - <% - @duplication_groups.each_with_index do |group, group_index| - %> - <tr> - <td colspan="5" style="height: 10px"> </td> - </tr> - <tr id="duplGroup_<%= group_index -%>"> - <td class="item"> - <p><b><%= group.size() -%></b></p> - </td> + <tbody> + <% + @duplication_groups.each_with_index do |group, group_index| + %> + <tr> + <td colspan="5" style="height: 10px"> </td> + </tr> + <tr id="duplGroup_<%= group_index -%>"> + <td class="item"> + <p><b><%= group.size() -%></b></p> + </td> - <td class="item"> - <% group.each_with_index do |dup, index| %> - <p id="duplCount-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"><%= dup[:lines_count].to_i -%></p> - <% end %> - </td> + <td class="item"> + <% group.each_with_index do |dup, index| %> + <p id="duplCount-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"><%= dup[:lines_count].to_i -%></p> + <% end %> + </td> - <td class="item"> - <% group.each_with_index do |dup, index| %> - <p id="duplFrom-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"><%= dup[:from_line].to_i -%></p> - <% end %> - </td> + <td class="item"> + <% group.each_with_index do |dup, index| %> + <p id="duplFrom-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"><%= dup[:from_line].to_i -%></p> + <% end %> + </td> - <td class="fileItem"> - <% group.each_with_index do |dup, index| - resource = dup[:resource] - external = resource.root_id != @resource.root_id - lines_count = dup[:lines_count].to_i - from_line = dup[:from_line].to_i - included_to_line = from_line + [ResourceHelper::DUPLICATION_SNIPPET_DEFAULT_NB_OF_LINES, lines_count].min - 1 - lines_count = dup[:lines_count].to_i - update_snippet_script = "updateDuplicationLines('#{url_for :action => :show_duplication_snippet, :params => {:id => resource.id, :original_resource_id => @resource.id}}',#{group_index}, #{index}, #{lines_count}, #{from_line}, #{included_to_line});" - %> - <p id="duplName-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"> - <a href="#" onclick="return <%= update_snippet_script -%>;"><%= h resource.name -%></a> - <%= image_tag "links/external.png" if external -%> - </p> - <% end %> + <td class="fileItem"> + <% group.each_with_index do |dup, index| + resource = dup[:resource] + external = resource.root_id != @resource.root_id + lines_count = dup[:lines_count].to_i + from_line = dup[:from_line].to_i + included_to_line = from_line + [ResourceHelper::DUPLICATION_SNIPPET_DEFAULT_NB_OF_LINES, lines_count].min - 1 + lines_count = dup[:lines_count].to_i + update_snippet_script = "updateDuplicationLines('#{url_for :action => :show_duplication_snippet, :params => {:id => resource.id, :original_resource_id => @resource.id}}',#{group_index}, #{index}, #{lines_count}, #{from_line}, #{included_to_line});" + %> + <p id="duplName-<%= group_index -%>-<%= index -%>" class="<%= 'selected' if index==0 -%>"> + <a href="#" onclick="return <%= update_snippet_script -%>;"><%= h resource.name -%></a> + <%= image_tag "links/external.png" if external -%> + </p> + <% end %> - </td> + </td> - <td class="sourceItem"> - <% - duplication = group[0] - resource = duplication[:resource] - from_line = duplication[:from_line].to_i - lines_count = duplication[:lines_count].to_i - external = resource.root_id != @resource.root_id - included_to_line = from_line + [ResourceHelper::DUPLICATION_SNIPPET_DEFAULT_NB_OF_LINES, lines_count].min - 1 - %> - <div id="source-<%= group_index -%>"> - <%= render :partial => 'duplications_source_snippet', :locals => {:resource => resource, :original_resource => @resource, :from_line => from_line, :to_line => included_to_line, :lines_count => lines_count, :external => external, :group_index => group_index} -%> - </div> - </td> - </tr> - <% - end - %> - </tbody> + <td class="sourceItem"> + <% + duplication = group[0] + resource = duplication[:resource] + from_line = duplication[:from_line].to_i + lines_count = duplication[:lines_count].to_i + external = resource.root_id != @resource.root_id + included_to_line = from_line + [ResourceHelper::DUPLICATION_SNIPPET_DEFAULT_NB_OF_LINES, lines_count].min - 1 + %> + <div id="source-<%= group_index -%>"> + <%= render :partial => 'duplications_source_snippet', :locals => {:resource => resource, :original_resource => @resource, :from_line => from_line, :to_line => included_to_line, :lines_count => lines_count, :external => external, :group_index => group_index} -%> + </div> + </td> + </tr> + <% + end + %> + </tbody> - </table> -<% end %>
\ No newline at end of file + </table> + <% else %> + <div class="note" style="margin: 5px;"><%= message('code_viewer.no_source_code_displayed_due_to_security') -%></div> + <% end %> + + <% end %> diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_index.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_index.html.erb index eea1aa3371f..624ad76e79e 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_index.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_index.html.erb @@ -15,19 +15,23 @@ <% end %> <% if @lines && @lines.size>0 %> - <%= render :partial => "shared/source_display", :locals => { :display_manual_violation_form => @display_manual_violation_form, \ - :scm_available => @scm_available, \ - :display_coverage => @display_coverage, \ - :lines => @lines, \ - :expanded => @expanded, \ - :display_violations => @display_violations, \ - :display_issues => @display_issues, \ - :has_global_issues => @global_issues && @global_issues.size>0, \ - :resource => @resource, \ - :snapshot => @snapshot, \ - :review_screens_by_vid => @review_screens_by_vid, \ - :filtered => @filtered} - %> + <% if has_role?('codeviewer', @resource) %> + <%= render :partial => "shared/source_display", :locals => { :display_manual_violation_form => @display_manual_violation_form, + :scm_available => @scm_available, + :display_coverage => @display_coverage, + :lines => @lines, + :expanded => @expanded, + :display_violations => @display_violations, + :display_issues => @display_issues, + :has_global_issues => @global_issues && @global_issues.size>0, + :resource => @resource, + :snapshot => @snapshot, + :review_screens_by_vid => @review_screens_by_vid, + :filtered => @filtered}%> + + <% else %> + <div class="note" style="margin: 5px;"><%= message('code_viewer.no_source_code_displayed_due_to_security') -%></div> + <% end %> <% end %> <% if @duplication_groups %> diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_options.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_options.html.erb index 8d7706cdf9b..2f2901c8369 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_options.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/resource/_options.html.erb @@ -1,4 +1,4 @@ -<% display_options = @scm_available || @expandable || @filtered || @display_issues +<% display_options = (@scm_available || @expandable || @filtered || @display_issues) && has_role?('codeviewer', @resource) if display_options %> diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/shared/_source_display.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/shared/_source_display.erb index e48fcafaa35..d24cae1a30e 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/shared/_source_display.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/shared/_source_display.erb @@ -76,9 +76,9 @@ <tr class="row pos<%= index+1 -%>"> <% if display_manual_violation_form %> - <%= render :partial => "shared/source_issue_form", :locals => { :resource_id => resource.id, \ - :index => index, \ - :gray_colspan => gray_colspan, \ + <%= render :partial => "shared/source_issue_form", :locals => { :resource_id => resource.id, + :index => index, + :gray_colspan => gray_colspan, :white_colspan => white_colspan} %> <% end %> @@ -99,9 +99,9 @@ <%= render :partial => "shared/source_line_numbers", :locals => {:index => line.id} %> <% if display_coverage %> - <%= render :partial => "shared/source_coverage", :locals => {:line => line, \ - :statuses => {:hits => hits_status, :conditions => conditions_status}, \ - :index => index, \ + <%= render :partial => "shared/source_coverage", :locals => {:line => line, + :statuses => {:hits => hits_status, :conditions => conditions_status}, + :index => index, :resource_key => snapshot.resource.key} %> <% end %> @@ -110,8 +110,8 @@ </tr> <% if display_issues && line.issues? %> - <%= render :partial => "shared/source_issues", :locals => { :line => line, \ - :display_manual_violation_form => display_manual_violation_form, \ + <%= render :partial => "shared/source_issues", :locals => { :line => line, + :display_manual_violation_form => display_manual_violation_form, :scm_available => scm_available} %> <% end %> |