diff options
Diffstat (limited to 'server')
5 files changed, 266 insertions, 2 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java index a0ab7987ab6..35e805df8eb 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java +++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/OrganizationsWsModule.java @@ -32,7 +32,8 @@ public class OrganizationsWsModule extends Module { CreateAction.class, SearchAction.class, UpdateAction.class, - DeleteAction.class); + DeleteAction.class, + SearchMyOrganizationsAction.class); } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java new file mode 100644 index 00000000000..cbea63906cc --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java @@ -0,0 +1,71 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.organization.ws; + +import org.sonar.api.server.ws.Request; +import org.sonar.api.server.ws.Response; +import org.sonar.api.server.ws.WebService; +import org.sonar.api.utils.text.JsonWriter; +import org.sonar.db.DbClient; +import org.sonar.db.DbSession; +import org.sonar.server.user.UserSession; + +import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; + +public class SearchMyOrganizationsAction implements OrganizationsAction { + private static final String ACTION = "search_my_organizations"; + + private final UserSession userSession; + private final DbClient dbClient; + + public SearchMyOrganizationsAction(UserSession userSession, DbClient dbClient) { + this.userSession = userSession; + this.dbClient = dbClient; + } + + @Override + public void define(WebService.NewController context) { + context.createAction(ACTION) + .setPost(false) + .setDescription("List keys of the organizations for which the currently authenticated user has the System Administer permission for.") + .setResponseExample(getClass().getResource("example-search_my_organization.json")) + .setInternal(true) + .setSince("6.3") + .setHandler(this); + } + + @Override + public void handle(Request request, Response response) throws Exception { + if (!userSession.isLoggedIn()) { + response.noContent(); + return; + } + + try (DbSession dbSession = dbClient.openSession(false); + JsonWriter jsonWriter = response.newJsonWriter()) { + jsonWriter.beginObject(); + jsonWriter.name("organizations").beginArray(); + dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), SYSTEM_ADMIN) + .forEach(dto -> jsonWriter.value(dto.getKey())); + jsonWriter.endArray(); + jsonWriter.endObject(); + } + } +} diff --git a/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json b/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json new file mode 100644 index 00000000000..4d2fe03957c --- /dev/null +++ b/server/sonar-server/src/main/resources/org/sonar/server/organization/ws/example-search_my_organization.json @@ -0,0 +1,6 @@ +{ + "organizations": [ + "my-org", + "foo-corp" + ] +} diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java index 77f86e28501..fba235871c0 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/OrganizationsWsModuleTest.java @@ -33,7 +33,7 @@ public class OrganizationsWsModuleTest { ComponentContainer container = new ComponentContainer(); underTest.configure(container); assertThat(container.getPicoContainer().getComponentAdapters()) - .hasSize(COMPONENTS_IN_EMPTY_COMPONENT_CONTAINER + 6); + .hasSize(COMPONENTS_IN_EMPTY_COMPONENT_CONTAINER + 7); } } diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java new file mode 100644 index 00000000000..ec55b7f8a27 --- /dev/null +++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/SearchMyOrganizationsActionTest.java @@ -0,0 +1,186 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.organization.ws; + +import org.junit.Rule; +import org.junit.Test; +import org.sonar.api.server.ws.WebService; +import org.sonar.api.utils.System2; +import org.sonar.core.permission.GlobalPermissions; +import org.sonar.db.DbClient; +import org.sonar.db.DbTester; +import org.sonar.db.organization.OrganizationDto; +import org.sonar.db.user.GroupDto; +import org.sonar.db.user.UserDto; +import org.sonar.server.tester.UserSessionRule; +import org.sonar.server.ws.TestResponse; +import org.sonar.server.ws.WsActionTester; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; +import static org.sonar.test.JsonAssert.assertJson; + +public class SearchMyOrganizationsActionTest { + private static final String NO_ORGANIZATIONS_RESPONSE = "{\"organizations\": []}"; + + @Rule + public DbTester dbTester = DbTester.create(System2.INSTANCE); + @Rule + public UserSessionRule userSessionRule = UserSessionRule.standalone(); + + private DbClient dbClient = dbTester.getDbClient(); + + private WsActionTester underTest = new WsActionTester(new SearchMyOrganizationsAction(userSessionRule, dbClient)); + + @Test + public void verify_definition() { + WebService.Action def = underTest.getDef(); + + assertThat(def.key()).isEqualTo("search_my_organizations"); + assertThat(def.isPost()).isFalse(); + assertThat(def.isInternal()).isTrue(); + assertThat(def.since()).isEqualTo("6.3"); + assertThat(def.description()).isEqualTo("List keys of the organizations for which the currently authenticated user has the System Administer permission for."); + assertThat(def.responseExample()).isNotNull(); + + assertThat(def.params()).isEmpty(); + } + + @Test + public void verify_response_example() { + OrganizationDto organization1 = dbTester.organizations().insertForKey("my-org"); + OrganizationDto organization2 = dbTester.organizations().insertForKey("foo-corp"); + + UserDto user = dbTester.users().insertUser(); + dbTester.users().insertPermissionOnUser(organization1, user, SYSTEM_ADMIN); + dbTester.users().insertPermissionOnUser(organization2, user, SYSTEM_ADMIN); + + userSessionRule.logIn(user); + + TestResponse response = underTest.newRequest().execute(); + + assertJson(response.getInput()).isSimilarTo(underTest.getDef().responseExampleAsString()); + } + + @Test + public void returns_empty_response_when_user_is_not_logged_in() { + TestResponse response = underTest.newRequest().execute(); + + assertThat(response.getStatus()).isEqualTo(204); + assertThat(response.getInput()).isEmpty(); + } + + @Test + public void returns_empty_array_when_user_is_logged_in_and_has_no_permission_on_anything() { + userSessionRule.logIn(); + + TestResponse response = underTest.newRequest().execute(); + + assertJson(response.getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE); + } + + @Test + public void returns_organizations_of_authenticated_user_when_user_has_ADMIN_user_permission_on_some_organization() { + UserDto user = dbTester.users().insertUser(); + dbTester.users().insertPermissionOnUser(dbTester.getDefaultOrganization(), user, SYSTEM_ADMIN); + OrganizationDto organization1 = dbTester.organizations().insert(); + dbTester.users().insertPermissionOnUser(organization1, user, SYSTEM_ADMIN); + UserDto otherUser = dbTester.users().insertUser(); + OrganizationDto organization2 = dbTester.organizations().insert(); + dbTester.users().insertPermissionOnUser(organization2, otherUser, SYSTEM_ADMIN); + + userSessionRule.logIn(user); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" + + "\"" + dbTester.getDefaultOrganization().getKey() + "\"," + + "\"" + organization1.getKey() + "\"" + + "]}"); + + userSessionRule.logIn(otherUser); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" + + "\"" + organization2.getKey() + "\"" + + "]}"); + + userSessionRule.logIn(); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE); + } + + @Test + public void returns_organizations_of_authenticated_user_when_user_has_ADMIN_group_permission_on_some_organization() { + UserDto user = dbTester.users().insertUser(); + GroupDto defaultGroup = dbTester.users().insertGroup(dbTester.getDefaultOrganization()); + dbTester.users().insertPermissionOnGroup(defaultGroup, SYSTEM_ADMIN); + dbTester.users().insertMember(defaultGroup, user); + OrganizationDto organization1 = dbTester.organizations().insert(); + GroupDto group1 = dbTester.users().insertGroup(organization1); + dbTester.users().insertPermissionOnGroup(group1, SYSTEM_ADMIN); + dbTester.users().insertMember(group1, user); + UserDto otherUser = dbTester.users().insertUser(); + OrganizationDto organization2 = dbTester.organizations().insert(); + GroupDto group2 = dbTester.users().insertGroup(organization2); + dbTester.users().insertPermissionOnGroup(group2, SYSTEM_ADMIN); + dbTester.users().insertMember(group2, otherUser); + + userSessionRule.logIn(user); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" + + "\"" + dbTester.getDefaultOrganization().getKey() + "\"," + + "\"" + organization1.getKey() + "\"" + + "]}"); + + userSessionRule.logIn(otherUser); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" + + "\"" + organization2.getKey() + "\"" + + "]}"); + + userSessionRule.logIn(); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE); + } + + @Test + public void returns_organization_of_authenticated_user_only_for_ADMIN_permission() { + UserDto user = dbTester.users().insertUser(); + OrganizationDto organization1 = dbTester.organizations().insert(); + OrganizationDto organization2 = dbTester.organizations().insert(); + GroupDto group = dbTester.users().insertGroup(organization2); + dbTester.users().insertMember(group, user); + GlobalPermissions.ALL.stream() + .filter(s -> !s.equals(SYSTEM_ADMIN)) + .forEach(s -> { + dbTester.users().insertPermissionOnUser(organization1, user, s); + dbTester.users().insertPermissionOnGroup(group, s); + }); + + userSessionRule.logIn(user); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE); + } + + @Test + public void do_not_return_organization_twice_if_user_has_ADMIN_permission_twice_or_more() { + UserDto user = dbTester.users().insertUser(); + OrganizationDto organization = dbTester.organizations().insert(); + GroupDto group1 = dbTester.users().insertGroup(organization); + dbTester.users().insertPermissionOnGroup(group1, SYSTEM_ADMIN); + dbTester.users().insertPermissionOnUser(organization, user, SYSTEM_ADMIN); + + userSessionRule.logIn(user); + assertJson(underTest.newRequest().execute().getInput()).isSimilarTo("{\"organizations\": [" + + "\"" + organization.getKey() + "\"" + + "]}"); + } +} |