SONAR-11106 Restrict scope of api/issues/authors

* SONAR-11106 Sanitize api/issues/authors - Return PROTO and JSON response - Set max value to PAGE_SIZE parameter * SONAR-11106 Return only allowed authors * Remove no more needed IssueQuery#checkAuthorization * SONAR-11106 Add 'organization' to api/issues/authors - Return only authors from issues belonging to given organization - Check organization membership * SONAR-11106 Add 'project' to api/issues/authors * Move Muppet rule in the BillingTestSuite * SONAR-11106 Improve IT
author: Julien Lancelot <julien.lancelot@sonarsource.com> 2018-08-13 13:58:27 +0200
committer: SonarTech <sonartech@sonarsource.com> 2018-08-21 20:21:02 +0200
commit: c9d8fb12afc55512508c55f4026fbad3797c0439 (patch)
tree: b6772c112144af1dcd5ea86d15675bd7d4748f69 /sonar-ws
parent: 20a8ceffbe12771dea8f9186a408aabbab32a8d7 (diff)
download: sonarqube-c9d8fb12afc55512508c55f4026fbad3797c0439.tar.gz
sonarqube-c9d8fb12afc55512508c55f4026fbad3797c0439.zip
3 files changed, 40 insertions, 13 deletions
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/AuthorsRequest.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/AuthorsRequest.java
index 4550b151952..1d14755927e 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/AuthorsRequest.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/AuthorsRequest.java
@@ -19,7 +19,6 @@
  */
 package org.sonarqube.ws.client.issues;
 
-import java.util.List;
 import javax.annotation.Generated;
 
 /**
@@ -31,11 +30,38 @@ import javax.annotation.Generated;
 @Generated("sonar-ws-generator")
 public class AuthorsRequest {
 
+  private String organization;
+  private String project;
   private String ps;
   private String q;
 
   /**
-   * Example value: "25"
+   * This is part of the internal API.
+   * Example value: "my-org"
+   */
+  public AuthorsRequest setOrganization(String organization) {
+    this.organization = organization;
+    return this;
+  }
+
+  public String getOrganization() {
+    return organization;
+  }
+
+  /**
+   * Example value: "my_project"
+   */
+  public AuthorsRequest setProject(String project) {
+    this.project = project;
+    return this;
+  }
+
+  public String getProject() {
+    return project;
+  }
+
+  /**
+   * Example value: "20"
    */
   public AuthorsRequest setPs(String ps) {
     this.ps = ps;
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/IssuesService.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/IssuesService.java
index d80a8bba836..f7a997434e9 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/IssuesService.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/issues/IssuesService.java
@@ -21,11 +21,6 @@ package org.sonarqube.ws.client.issues;
 
 import java.util.stream.Collectors;
 import javax.annotation.Generated;
-import org.sonarqube.ws.MediaTypes;
-import org.sonarqube.ws.client.BaseService;
-import org.sonarqube.ws.client.GetRequest;
-import org.sonarqube.ws.client.PostRequest;
-import org.sonarqube.ws.client.WsConnector;
 import org.sonarqube.ws.Issues.AddCommentResponse;
 import org.sonarqube.ws.Issues.AssignResponse;
 import org.sonarqube.ws.Issues.AuthorsResponse;
@@ -38,6 +33,11 @@ import org.sonarqube.ws.Issues.SetSeverityResponse;
 import org.sonarqube.ws.Issues.SetTagsResponse;
 import org.sonarqube.ws.Issues.SetTypeResponse;
 import org.sonarqube.ws.Issues.TagsResponse;
+import org.sonarqube.ws.MediaTypes;
+import org.sonarqube.ws.client.BaseService;
+import org.sonarqube.ws.client.GetRequest;
+import org.sonarqube.ws.client.PostRequest;
+import org.sonarqube.ws.client.WsConnector;
 
 /**
  * @see <a href="https://next.sonarqube.com/sonarqube/web_api/api/issues">Further information about this web service online</a>
@@ -90,6 +90,8 @@ public class IssuesService extends BaseService {
   public AuthorsResponse authors(AuthorsRequest request) {
     return call(
       new GetRequest(path("authors"))
+        .setParam("organization", request.getOrganization())
+        .setParam("project", request.getProject())
         .setParam("ps", request.getPs())
         .setParam("q", request.getQ()),
       AuthorsResponse.parser());
diff --git a/sonar-ws/src/main/protobuf/ws-issues.proto b/sonar-ws/src/main/protobuf/ws-issues.proto
index 863c1345be2..d74b89ded46 100644
--- a/sonar-ws/src/main/protobuf/ws-issues.proto
+++ b/sonar-ws/src/main/protobuf/ws-issues.proto
@@ -67,12 +67,6 @@ message AssignResponse {
   repeated sonarqube.ws.commons.Rule rules = 3;
   repeated Users.User users = 4;
 }
-message AuthorsResponse {
-  optional Issue issue = 1;
-  repeated Component components = 2;
-  repeated sonarqube.ws.commons.Rule rules = 3;
-  repeated Users.User users = 4;
-}
 message DeleteCommentResponse {
   optional Issue issue = 1;
   repeated Component components = 2;
@@ -282,5 +276,10 @@ message Users {
   }
 }
 
+// Response of GET api/issues/authors
+message AuthorsResponse {
+  repeated string authors = 1;
+}
+
author	Julien Lancelot <julien.lancelot@sonarsource.com>	2018-08-13 13:58:27 +0200
committer	SonarTech <sonartech@sonarsource.com>	2018-08-21 20:21:02 +0200
commit	c9d8fb12afc55512508c55f4026fbad3797c0439 (patch)
tree	b6772c112144af1dcd5ea86d15675bd7d4748f69 /sonar-ws
parent	20a8ceffbe12771dea8f9186a408aabbab32a8d7 (diff)
download	sonarqube-c9d8fb12afc55512508c55f4026fbad3797c0439.tar.gz sonarqube-c9d8fb12afc55512508c55f4026fbad3797c0439.zip