Diffstat (limited to 'server')
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java3
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java71
-rw-r--r--server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json6
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java2
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java186
5 files changed, 266 insertions, 2 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java
index a0ab7987ab6..35e805df8eb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java
@@ -32,7 +32,8 @@ public class OrganizationsWsModule extends Module {
CreateAction.class,
SearchAction.class,
UpdateAction.class,
- DeleteAction.class);
+ DeleteAction.class,
+ SearchMyOrganizationsAction.class);
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
new file mode 100644
index 00000000000..cbea63906cc
--- /dev/null
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
@@ -0,0 +1,71 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.organization.ws;
+
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.utils.text.JsonWriter;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbSession;
+import org.sonar.server.user.UserSession;
+
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+
+public class SearchMyOrganizationsAction implements OrganizationsAction {
+ private static final String ACTION = "search_my_organizations";
+
+ private final UserSession userSession;
+ private final DbClient dbClient;
+
+ public SearchMyOrganizationsAction(UserSession userSession, DbClient dbClient) {
+ this.userSession = userSession;
+ this.dbClient = dbClient;
+ }
+
+ @Override
+ public void define(WebService.NewController context) {
+ context.createAction(ACTION)
+ .setPost(false)
+ .setDescription("List keys of the organizations for which the currently authenticated user has the System Administer permission for.")
+ .setResponseExample(getClass().getResource("example-search_my_organization.json"))
+ .setInternal(true)
+ .setSince("6.3")
+ .setHandler(this);
+ }
+
+ @Override
+ public void handle(Request request, Response response) throws Exception {
+ if (!userSession.isLoggedIn()) {
+ response.noContent();
+ return;
+ }
+
+ try (DbSession dbSession = dbClient.openSession(false);
+ JsonWriter jsonWriter = response.newJsonWriter()) {
+ jsonWriter.beginObject();
+ jsonWriter.name("organizations").beginArray();
+ dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), SYSTEM_ADMIN)
+ .forEach(dto -> jsonWriter.value(dto.getKey()));
+ jsonWriter.endArray();
+ jsonWriter.endObject();
+ }
+ }
+}
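Review bot: In `handle`, the `JsonWriter` shares one try-with-resources with the `DbSession`, and `beginObject()`/`beginArray()` run before `selectByPermission` is called. If the query throws, the response may already carry a truncated `{"organizations":[` body (whether the framework buffers it is not visible here), and the database session stays open for as long as the response is being written. Running the query first, collecting the keys and only then opening the writer avoids both; the sketch below needs `java.util.List` and `java.util.ArrayList` imported. The lookup is keyed only on `userSession.getUserId()`, which is the right shape for a "my" endpoint and worth a short comment so a user parameter is not added later without a permission check. The description string also ends with a doubled "for" and is asserted verbatim in the test, so both places would need the edit.

```java
  @Override
  public void handle(Request request, Response response) throws Exception {
    // … unchanged: isLoggedIn() guard that answers 204 …

    // Only the caller's own id is used; there is deliberately no user parameter.
    List<String> keys = new ArrayList<>();
    try (DbSession dbSession = dbClient.openSession(false)) {
      dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), SYSTEM_ADMIN)
        .forEach(dto -> keys.add(dto.getKey()));
    }

    // The session is closed before any byte of the response is produced.
    try (JsonWriter jsonWriter = response.newJsonWriter()) {
      jsonWriter.beginObject();
      jsonWriter.name("organizations").beginArray();
      keys.forEach(jsonWriter::value);
      jsonWriter.endArray();
      jsonWriter.endObject();
    }
  }
```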
diff --git a/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json b/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json
new file mode 100644
index 00000000000..4d2fe03957c
--- /dev/null
+++ b/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json
@@ -0,0 +1,6 @@
+{
+ "organizations": [
+ "my-org",
+ "foo-corp"
+ ]
+}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java
index 77f86e28501..fba235871c0 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java
@@ -33,7 +33,7 @@ public class OrganizationsWsModuleTest {
ComponentContainer container = new ComponentContainer();
underTest.configure(container);
assertThat(container.getPicoContainer().getComponentAdapters())
- .hasSize(COMPONENTS_IN_EMPTY_COMPONENT_CONTAINER + 6);
+ .hasSize(COMPONENTS_IN_EMPTY_COMPONENT_CONTAINER + 7);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java
new file mode 100644
index 00000000000..ec55b7f8a27
--- /dev/null
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java
@@ -0,0 +1,186 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.organization.ws;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.utils.System2;
+import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbTester;
+import org.sonar.db.organization.OrganizationDto;
+import org.sonar.db.user.GroupDto;
+import org.sonar.db.user.UserDto;
+import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.ws.TestResponse;
+import org.sonar.server.ws.WsActionTester;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.test.JsonAssert.assertJson;
+
+public class SearchMyOrganizationsActionTest {
+ private static final String NO_ORGANIZATIONS_RESPONSE = "{\"organizations\": []}";
+
+ @Rule
+ public DbTester dbTester = DbTester.create(System2.INSTANCE);
+ @Rule
+ public UserSessionRule userSessionRule = UserSessionRule.standalone();
+
+ private DbClient dbClient = dbTester.getDbClient();
+
+ private WsActionTester underTest = new WsActionTester(new SearchMyOrganizationsAction(userSessionRule, dbClient));
+
+ @Test
+ public void verify_definition() {
+ WebService.Action def = underTest.getDef();
+
+ assertThat(def.key()).isEqualTo("search_my_organizations");
+ assertThat(def.isPost()).isFalse();
+ assertThat(def.isInternal()).isTrue();
+ assertThat(def.since()).isEqualTo("6.3");
+ assertThat(def.description()).isEqualTo("List keys of the organizations for which the currently authenticated user has the System Administer permission for.");
+ assertThat(def.responseExample()).isNotNull();
+
+ assertThat(def.params()).isEmpty();
+ }
+
+ @Test
+ public void verify_response_example() {
+ OrganizationDto organization1 = dbTester.organizations().insertForKey("my-org");
+ OrganizationDto organization2 = dbTester.organizations().insertForKey("foo-corp");
+
+ UserDto user = dbTester.users().insertUser();
+ dbTester.users().insertPermissionOnUser(organization1, user, SYSTEM_ADMIN);
+ dbTester.users().insertPermissionOnUser(organization2, user, SYSTEM_ADMIN);
+
+ userSessionRule.logIn(user);
+
+ TestResponse response = underTest.newRequest().execute();
+
+ assertJson(response.getInput()).isSimilarTo(underTest.getDef().responseExampleAsString());
+ }
+
+ @Test
+ public void returns_empty_response_when_user_is_not_logged_in() {
+ TestResponse response = underTest.newRequest().execute();
+
+ assertThat(response.getStatus()).isEqualTo(204);
+ assertThat(response.getInput()).isEmpty();
+ }
+
+ @Test
+ public void returns_empty_array_when_user_is_logged_in_and_has_no_permission_on_anything() {
+ userSessionRule.logIn();
+
+ TestResponse response = underTest.newRequest().execute();
+
+ assertJson(response.getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE);
+ }
+
+ @Test
+ public void returns_organizations_of_authenticated_user_when_user_has_ADMIN_user_permission_on_some_organization() {
+ UserDto user = dbTester.users().insertUser();
+ dbTester.users().insertPermissionOnUser(dbTester.getDefaultOrganization(), user, SYSTEM_ADMIN);
+ OrganizationDto organization1 = dbTester.organizations().insert();
+ dbTester.users().insertPermissionOnUser(organization1, user, SYSTEM_ADMIN);
+ UserDto otherUser = dbTester.users().insertUser();
+ OrganizationDto organization2 = dbTester.organizations().insert();
+ dbTester.users().insertPermissionOnUser(organization2, otherUser, SYSTEM_ADMIN);
+
+ userSessionRule.logIn(user);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" +
+ "\"" + dbTester.getDefaultOrganization().getKey() + "\"," +
+ "\"" + organization1.getKey() + "\"" +
+ "]}");
+
+ userSessionRule.logIn(otherUser);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" +
+ "\"" + organization2.getKey() + "\"" +
+ "]}");
+
+ userSessionRule.logIn();
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE);
+ }
+
+ @Test
+ public void returns_organizations_of_authenticated_user_when_user_has_ADMIN_group_permission_on_some_organization() {
+ UserDto user = dbTester.users().insertUser();
+ GroupDto defaultGroup = dbTester.users().insertGroup(dbTester.getDefaultOrganization());
+ dbTester.users().insertPermissionOnGroup(defaultGroup, SYSTEM_ADMIN);
+ dbTester.users().insertMember(defaultGroup, user);
+ OrganizationDto organization1 = dbTester.organizations().insert();
+ GroupDto group1 = dbTester.users().insertGroup(organization1);
+ dbTester.users().insertPermissionOnGroup(group1, SYSTEM_ADMIN);
+ dbTester.users().insertMember(group1, user);
+ UserDto otherUser = dbTester.users().insertUser();
+ OrganizationDto organization2 = dbTester.organizations().insert();
+ GroupDto group2 = dbTester.users().insertGroup(organization2);
+ dbTester.users().insertPermissionOnGroup(group2, SYSTEM_ADMIN);
+ dbTester.users().insertMember(group2, otherUser);
+
+ userSessionRule.logIn(user);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" +
+ "\"" + dbTester.getDefaultOrganization().getKey() + "\"," +
+ "\"" + organization1.getKey() + "\"" +
+ "]}");
+
+ userSessionRule.logIn(otherUser);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" +
+ "\"" + organization2.getKey() + "\"" +
+ "]}");
+
+ userSessionRule.logIn();
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE);
+ }
+
+ @Test
+ public void returns_organization_of_authenticated_user_only_for_ADMIN_permission() {
+ UserDto user = dbTester.users().insertUser();
+ OrganizationDto organization1 = dbTester.organizations().insert();
+ OrganizationDto organization2 = dbTester.organizations().insert();
+ GroupDto group = dbTester.users().insertGroup(organization2);
+ dbTester.users().insertMember(group, user);
+ GlobalPermissions.ALL.stream()
+ .filter(s -> !s.equals(SYSTEM_ADMIN))
+ .forEach(s -> {
+ dbTester.users().insertPermissionOnUser(organization1, user, s);
+ dbTester.users().insertPermissionOnGroup(group, s);
+ });
+
+ userSessionRule.logIn(user);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE);
+ }
+
+ @Test
+ public void do_not_return_organization_twice_if_user_has_ADMIN_permission_twice_or_more() {
+ UserDto user = dbTester.users().insertUser();
+ OrganizationDto organization = dbTester.organizations().insert();
+ GroupDto group1 = dbTester.users().insertGroup(organization);
+ dbTester.users().insertPermissionOnGroup(group1, SYSTEM_ADMIN);
+ dbTester.users().insertPermissionOnUser(organization, user, SYSTEM_ADMIN);
+
+ userSessionRule.logIn(user);
+ assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" +
+ "\"" + organization.getKey() + "\"" +
+ "]}");
+ }
+}
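Review bot: `do_not_return_organization_twice_if_user_has_ADMIN_permission_twice_or_more` never makes `user` a member of `group1`, so the user holds SYSTEM_ADMIN on the organization only through the direct user permission and the de-duplication the test name promises is not exercised. Adding `dbTester.users().insertMember(group1, user);` after the `insertPermissionOnGroup(group1, SYSTEM_ADMIN)` call gives the user the permission through both paths. The group-permission test earlier in the file pairs each `insertPermissionOnGroup` with an `insertMember`, so this looks like an omission rather than intent.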