From 456f46662f89717382a910f192df1f44cd8b8fd4 Mon Sep 17 00:00:00 2001
From: Simon Brandhof
Date: Sun, 19 Feb 2017 15:35:37 +0100
Subject: [PATCH] Use the methods UserSession accepting OrganizationPermission
param
---
.../java/org/sonar/ce/user/CeUserSession.java | 4 +-
.../sonar/server/batch/ProjectDataLoader.java | 3 +-
.../org/sonar/server/ce/ws/TaskAction.java | 6 +--
.../computation/queue/ReportSubmitter.java | 14 +++---
.../server/organization/ws/DeleteAction.java | 4 +-
.../organization/ws/EnableSupportAction.java | 4 +-
.../ws/SearchMyOrganizationsAction.java | 5 +-
.../server/organization/ws/UpdateAction.java | 4 +-
.../PermissionPrivilegeChecker.java | 5 +-
.../server/project/ws/BulkDeleteAction.java | 4 +-
.../sonar/server/project/ws/CreateAction.java | 4 +-
.../sonar/server/project/ws/DeleteAction.java | 4 +-
.../sonar/server/project/ws/GhostsAction.java | 4 +-
.../server/project/ws/ProvisionedAction.java | 4 +-
.../sonar/server/project/ws/SearchAction.java | 4 +-
.../server/qualitygate/QualityGates.java | 4 +-
.../server/qualitygate/ws/AppAction.java | 4 +-
.../server/qualitygate/ws/CreateAction.java | 4 +-
.../qualitygate/ws/CreateConditionAction.java | 4 +-
.../server/qualitygate/ws/SelectAction.java | 4 +-
.../qualitygate/ws/UpdateConditionAction.java | 4 +-
.../QProfileProjectOperations.java | 4 +-
.../qualityprofile/QProfileService.java | 5 +-
.../qualityprofile/ws/QProfileWsSupport.java | 5 +-
.../org/sonar/server/rule/ws/AppAction.java | 5 +-
.../sonar/server/rule/ws/RuleWsSupport.java | 5 +-
.../server/setting/ws/SettingsWsSupport.java | 11 +++--
.../sonar/server/ui/ws/ComponentAction.java | 16 +++----
.../server/ui/ws/OrganizationAction.java | 11 ++---
.../server/user/AbstractUserSession.java | 17 +++----
.../org/sonar/server/user/DoPrivileged.java | 3 +-
.../sonar/server/user/ServerUserSession.java | 3 +-
.../server/user/ThreadLocalUserSession.java | 22 ++++-----
.../org/sonar/server/user/UserSession.java | 1 -
.../sonar/server/user/ws/CurrentAction.java | 9 ++--
.../server/user/ws/DeactivateAction.java | 7 +--
.../server/usergroups/ws/AddUserAction.java | 4 +-
.../server/usergroups/ws/CreateAction.java | 4 +-
.../server/usergroups/ws/DeleteAction.java | 6 +--
.../usergroups/ws/RemoveUserAction.java | 6 +--
.../server/usergroups/ws/SearchAction.java | 4 +-
.../server/usergroups/ws/UpdateAction.java | 4 +-
.../server/usergroups/ws/UsersAction.java | 4 +-
.../server/batch/ProjectDataLoaderTest.java | 3 +-
.../sonar/server/ce/ws/TaskActionTest.java | 5 +-
.../queue/ReportSubmitterTest.java | 11 +++--
.../organization/ws/DeleteActionTest.java | 4 +-
.../ws/EnableSupportActionTest.java | 5 +-
.../organization/ws/UpdateActionTest.java | 6 +--
.../permission/ws/AddGroupActionTest.java | 3 +-
.../permission/ws/BasePermissionWsTest.java | 6 +--
...AddProjectCreatorToTemplateActionTest.java | 3 +-
.../template/AddUserToTemplateActionTest.java | 4 +-
.../ws/template/ApplyTemplateActionTest.java | 4 +-
.../ws/template/CreateTemplateActionTest.java | 4 +-
.../ws/template/DeleteTemplateActionTest.java | 4 +-
.../RemoveGroupFromTemplateActionTest.java | 4 +-
.../template/SearchTemplatesActionTest.java | 6 +--
.../ws/template/TemplateUsersActionTest.java | 4 +-
.../ws/template/UpdateTemplateActionTest.java | 4 +-
.../project/ws/BulkDeleteActionTest.java | 6 +--
.../server/project/ws/CreateActionTest.java | 12 ++---
.../server/project/ws/DeleteActionTest.java | 6 +--
.../server/project/ws/GhostsActionTest.java | 35 +++++++-------
.../project/ws/ProvisionedActionTest.java | 47 ++++++++++---------
.../server/project/ws/SearchActionTest.java | 34 +++++++-------
.../server/qualitygate/ws/AppActionTest.java | 4 +-
.../qualitygate/ws/CreateActionTest.java | 7 ++-
.../ws/CreateConditionActionTest.java | 7 ++-
.../qualitygate/ws/DeselectActionTest.java | 4 +-
.../qualitygate/ws/SelectActionTest.java | 4 +-
.../ws/UpdateConditionActionTest.java | 7 ++-
.../QProfileServiceMediumTest.java | 4 +-
.../ws/AddProjectActionTest.java | 4 +-
.../ws/ChangeParentActionMediumTest.java | 4 +-
.../qualityprofile/ws/CopyActionTest.java | 4 +-
.../qualityprofile/ws/CreateActionTest.java | 4 +-
.../qualityprofile/ws/DeleteActionTest.java | 4 +-
.../qualityprofile/ws/RenameActionTest.java | 4 +-
.../qualityprofile/ws/RestoreActionTest.java | 4 +-
.../ws/RestoreBuiltInActionTest.java | 4 +-
.../ws/SetDefaultActionTest.java | 4 +-
.../server/rule/RegisterRulesMediumTest.java | 4 +-
.../sonar/server/rule/ws/AppActionTest.java | 4 +-
.../server/rule/ws/DeleteActionTest.java | 4 +-
.../server/rule/ws/ShowActionMediumTest.java | 4 +-
.../rule/ws/UpdateActionMediumTest.java | 4 +-
.../setting/ws/ListDefinitionsActionTest.java | 8 ++--
.../server/setting/ws/ValuesActionTest.java | 7 +--
.../tester/AbstractMockUserSession.java | 23 ++++-----
.../sonar/server/tester/UserSessionRule.java | 40 ++++++++--------
.../server/ui/ws/ComponentActionTest.java | 12 ++---
.../server/ui/ws/OrganizationActionTest.java | 15 +++---
.../server/user/ServerUserSessionTest.java | 43 +++++++++--------
.../server/user/ws/CurrentActionTest.java | 10 ++--
.../usergroups/ws/AddUserActionTest.java | 4 +-
.../usergroups/ws/CreateActionTest.java | 4 +-
.../usergroups/ws/DeleteActionTest.java | 4 +-
.../usergroups/ws/RemoveUserActionTest.java | 3 +-
.../usergroups/ws/SearchActionTest.java | 6 +--
.../usergroups/ws/UpdateActionTest.java | 4 +-
.../server/usergroups/ws/UsersActionTest.java | 4 +-
102 files changed, 380 insertions(+), 373 deletions(-)
diff --git a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
index 9ef58ff8d960..9a045b346ddf 100644
--- a/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
+++ b/server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java
@@ -87,12 +87,12 @@ public boolean hasOrganizationPermission(String organizationUuid, String permiss
}
@Override
- public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
throw notImplemented();
}
@Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
throw notImplemented();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
index fab76d2bb552..5b2b8ce604ca 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectDataLoader.java
@@ -38,6 +38,7 @@
import org.sonar.scanner.protocol.input.ProjectRepositories;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.collect.Lists.newArrayList;
@@ -68,7 +69,7 @@ public ProjectRepositories load(ProjectDataQuery query) {
}
boolean hasScanPerm = userSession.hasComponentPermission(SCAN_EXECUTION, module) ||
- userSession.hasOrganizationPermission(module.getOrganizationUuid(), SCAN_EXECUTION);
+ userSession.hasPermission(OrganizationPermission.SCAN, module.getOrganizationUuid());
boolean hasBrowsePerm = userSession.hasComponentPermission(USER, module);
checkPermission(query.isIssuesMode(), hasScanPerm, hasBrowsePerm);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java b/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
index b59b991a7faf..aa52c814cf58 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java
@@ -38,12 +38,12 @@
import org.sonar.db.ce.CeActivityDto;
import org.sonar.db.ce.CeQueueDto;
import org.sonar.db.component.ComponentDto;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.ws.WsUtils;
import org.sonarqube.ws.WsCe;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -118,8 +118,8 @@ private Optional loadComponent(DbSession dbSession, @Nullable Stri
private void checkPermission(Optional component) {
if (component.isPresent()) {
String orgUuid = component.get().getOrganizationUuid();
- if (!userSession.hasOrganizationPermission(orgUuid, SYSTEM_ADMIN) &&
- !userSession.hasOrganizationPermission(orgUuid, SCAN_EXECUTION) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER, orgUuid) &&
+ !userSession.hasPermission(OrganizationPermission.SCAN, orgUuid) &&
!userSession.hasComponentPermission(SCAN_EXECUTION, component.get())) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java b/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
index d0a4679963b8..7febecaf5d46 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/computation/queue/ReportSubmitter.java
@@ -37,12 +37,12 @@
import org.sonar.server.component.ComponentUpdater;
import org.sonar.server.component.NewComponent;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.server.component.NewComponent.newComponentBuilder;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
@@ -75,7 +75,7 @@ public CeTask submit(String organizationKey, String projectKey, @Nullable String
OrganizationDto organizationDto = getOrganizationDtoOrFail(dbSession, organizationKey);
Optional opt = dbClient.componentDao().selectByKey(dbSession, effectiveProjectKey);
ensureOrganizationIsConsistent(opt, organizationDto);
- ComponentDto project = opt.or(() -> createProject(dbSession, organizationDto.getUuid(), projectKey, projectBranch, projectName));
+ ComponentDto project = opt.or(() -> createProject(dbSession, organizationDto, projectKey, projectBranch, projectName));
checkScanPermission(project);
return submitReport(dbSession, reportInput, project);
}
@@ -88,7 +88,7 @@ private void checkScanPermission(ComponentDto project) {
// That means that dropping the permission on the project does not have any effects
// if user has still the permission on the organization
if (!userSession.hasComponentPermission(SCAN_EXECUTION, project) &&
- !userSession.hasOrganizationPermission(project.getOrganizationUuid(), SCAN_EXECUTION)) {
+ !userSession.hasPermission(OrganizationPermission.SCAN, project.getOrganizationUuid())) {
throw insufficientPrivilegesException();
}
}
@@ -106,18 +106,18 @@ private static void ensureOrganizationIsConsistent(Optional projec
}
}
- private ComponentDto createProject(DbSession dbSession, String organizationUuid, String projectKey, @Nullable String projectBranch, @Nullable String projectName) {
- userSession.checkOrganizationPermission(organizationUuid, PROVISIONING);
+ private ComponentDto createProject(DbSession dbSession, OrganizationDto organization, String projectKey, @Nullable String projectBranch, @Nullable String projectName) {
+ userSession.checkPermission(OrganizationPermission.PROVISION_PROJECTS, organization);
Integer userId = userSession.getUserId();
boolean wouldCurrentUserHaveScanPermission = permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(
- dbSession, organizationUuid, userId, projectBranch, projectKey, Qualifiers.PROJECT);
+ dbSession, organization.getUuid(), userId, projectBranch, projectKey, Qualifiers.PROJECT);
if (!wouldCurrentUserHaveScanPermission) {
throw insufficientPrivilegesException();
}
NewComponent newProject = newComponentBuilder()
- .setOrganizationUuid(organizationUuid)
+ .setOrganizationUuid(organization.getUuid())
.setKey(projectKey)
.setName(StringUtils.defaultIfBlank(projectName, projectKey))
.setBranch(projectBranch)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
index 5fea4d459646..65a4f3a70988 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
@@ -34,8 +34,8 @@
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class DeleteAction implements OrganizationsAction {
@@ -90,7 +90,7 @@ public void handle(Request request, Response response) throws Exception {
if (organizationDto.isGuarded()) {
userSession.checkIsSystemAdministrator();
} else {
- userSession.checkOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, organizationDto);
}
deleteProjects(dbSession, organizationDto.getUuid());
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
index 60427f8cb937..ec596176b795 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/EnableSupportAction.java
@@ -26,10 +26,10 @@
import org.sonar.db.DbSession;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.organization.OrganizationFlags;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static java.util.Objects.requireNonNull;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
public class EnableSupportAction implements OrganizationsAction {
private static final String ACTION = "enable_support";
@@ -73,7 +73,7 @@ public void handle(Request request, Response response) throws Exception {
}
private void verifySystemAdministrator() {
- userSession.checkLoggedIn().checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(OrganizationPermission.ADMINISTER, defaultOrganizationProvider.get().getUuid());
}
private boolean isSupportDisabled(DbSession dbSession) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
index 52bbc0440a72..128a4f9010b1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/SearchMyOrganizationsAction.java
@@ -25,10 +25,9 @@
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-
public class SearchMyOrganizationsAction implements OrganizationsAction {
private static final String ACTION = "search_my_organizations";
@@ -62,7 +61,7 @@ public void handle(Request request, Response response) throws Exception {
JsonWriter jsonWriter = response.newJsonWriter()) {
jsonWriter.beginObject();
jsonWriter.name("organizations").beginArray();
- dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), SYSTEM_ADMIN)
+ dbClient.organizationDao().selectByPermission(dbSession, userSession.getUserId(), OrganizationPermission.ADMINISTER.getKey())
.forEach(dto -> jsonWriter.value(dto.getKey()));
jsonWriter.endArray();
jsonWriter.endObject();
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
index ac51fe383fcb..4ec8e70b7e26 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/UpdateAction.java
@@ -34,12 +34,12 @@
import org.sonarqube.ws.Organizations;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_AVATAR_URL;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_DESCRIPTION;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_NAME;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_URL;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
public class UpdateAction implements OrganizationsAction {
@@ -93,7 +93,7 @@ public void handle(Request request, Response response) throws Exception {
OrganizationDto dto = getDto(dbSession, key);
- userSession.checkOrganizationPermission(dto.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, dto);
dto.setName(updateRequest.getName().or(dto::getName))
.setDescription(updateRequest.getDescription().or(dto::getDescription))
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
index bce14f0dd9be..6c152c60f07b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
@@ -23,7 +23,6 @@
import org.sonar.api.web.UserRole;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
public class PermissionPrivilegeChecker {
@@ -34,7 +33,7 @@ private PermissionPrivilegeChecker() {
public static void checkGlobalAdmin(UserSession userSession, String organizationUuid) {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(organizationUuid, SYSTEM_ADMIN);
+ .checkPermission(OrganizationPermission.ADMINISTER, organizationUuid);
}
/**
@@ -45,7 +44,7 @@ public static void checkGlobalAdmin(UserSession userSession, String organization
public static void checkProjectAdmin(UserSession userSession, String organizationUuid, Optional projectId) {
userSession.checkLoggedIn();
- if (userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN)) {
+ if (userSession.hasPermission(OrganizationPermission.ADMINISTER, organizationUuid)) {
return;
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
index e8d367668f42..65f33bac3116 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
@@ -25,7 +25,6 @@
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -33,6 +32,7 @@
import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
public class BulkDeleteAction implements ProjectsWsAction {
@@ -104,7 +104,7 @@ private Optional loadOrganizationByKey(DbSession dbSession, @Nu
return Optional.empty();
}
OrganizationDto org = support.getOrganization(dbSession, orgKey);
- userSession.checkOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, org);
return Optional.of(org);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
index 183378521952..641c3e544b53 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/CreateAction.java
@@ -35,8 +35,8 @@
import static java.util.Optional.ofNullable;
import static org.sonar.api.resources.Qualifiers.PROJECT;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.server.component.NewComponent.newComponentBuilder;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -109,7 +109,7 @@ private CreateWsResponse doHandle(CreateRequest request) {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession, ofNullable(request.getOrganization())
.orElseGet(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), PROVISIONING);
+ userSession.checkPermission(PROVISION_PROJECTS, organization);
ComponentDto componentDto = componentUpdater.create(dbSession, newComponentBuilder()
.setOrganizationUuid(organization.getUuid())
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
index 9af482443a20..4174ccb637d5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
@@ -23,12 +23,12 @@
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
import org.sonar.server.component.ComponentCleanerService;
import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.server.component.ComponentFinder.ParamNames.PROJECT_ID_AND_PROJECT;
@@ -92,7 +92,7 @@ public void handle(Request request, Response response) throws Exception {
private void checkPermission(ComponentDto project) {
if (!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
- userSession.checkOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, project.getOrganizationUuid());
}
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
index 3378d587852f..372972e07783 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/GhostsAction.java
@@ -29,7 +29,6 @@
import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -40,6 +39,7 @@
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class GhostsAction implements ProjectsWsAction {
@@ -89,7 +89,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = getOrganization(dbSession, request);
- userSession.checkOrganizationPermission(organization.getUuid(), UserRole.ADMIN);
+ userSession.checkPermission(ADMINISTER, organization);
long nbOfProjects = dbClient.componentDao().countGhostProjects(dbSession, organization.getUuid(), query);
List projects = dbClient.componentDao().selectGhostProjects(dbSession, organization.getUuid(), query,
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
index 0c3070917811..dd37366e6c8d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/ProvisionedAction.java
@@ -30,7 +30,6 @@
import org.sonar.api.server.ws.WebService;
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
@@ -41,6 +40,7 @@
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
public class ProvisionedAction implements ProjectsWsAction {
@@ -90,7 +90,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession,
request.getParam(PARAM_ORGANIZATION).or(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), GlobalPermissions.PROVISIONING);
+ userSession.checkPermission(PROVISION_PROJECTS, organization);
RowBounds rowBounds = new RowBounds(options.getOffset(), options.getLimit());
List projects = dbClient.componentDao().selectProvisioned(dbSession, organization.getUuid(), query, QUALIFIERS_FILTER, rowBounds);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
index 3ca4f103486b..72b4889dd480 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/project/ws/SearchAction.java
@@ -31,6 +31,7 @@
import org.sonar.db.component.ComponentQuery;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsProjects.SearchWsResponse;
import org.sonarqube.ws.client.project.SearchWsRequest;
@@ -39,7 +40,6 @@
import static java.util.Optional.ofNullable;
import static org.sonar.api.resources.Qualifiers.PROJECT;
import static org.sonar.api.resources.Qualifiers.VIEW;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.WsProjects.SearchWsResponse.Component;
import static org.sonarqube.ws.WsProjects.SearchWsResponse.newBuilder;
@@ -98,7 +98,7 @@ private static SearchWsRequest toSearchWsRequest(Request request) {
private SearchWsResponse doHandle(SearchWsRequest request) {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.getOrganization(dbSession, ofNullable(request.getOrganization()).orElseGet(defaultOrganizationProvider.get()::getKey));
- userSession.checkOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, organization);
ComponentQuery query = buildQuery(request);
Paging paging = buildPaging(dbSession, request, organization, query);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
index f260216f69c2..ebec7083a15a 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java
@@ -41,10 +41,10 @@
import org.sonar.server.exceptions.Errors;
import org.sonar.server.exceptions.Message;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.util.Validation;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
/**
@@ -248,7 +248,7 @@ private void checkIsSystemAdministrator() {
}
private void checkProjectAdmin(ComponentDto project) {
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN)
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, project.getOrganizationUuid())
&& !userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
index 4a066f11b2f5..dbcc50aee0ac 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/AppAction.java
@@ -28,12 +28,12 @@
import org.sonar.db.DbSession;
import org.sonar.db.metric.MetricDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.AppWsResponse.Metric;
import static org.sonar.api.measures.CoreMetrics.ALERT_STATUS_KEY;
import static org.sonar.api.measures.Metric.ValueType.RATING;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.server.qualitygate.ValidRatingMetrics.isCoreRatingMetric;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.WsQualityGates.AppWsResponse;
@@ -63,7 +63,7 @@ public void define(WebService.NewController controller) {
@Override
public void handle(Request request, Response response) {
writeProtobuf(AppWsResponse.newBuilder()
- .setEdit(userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN))
+ .setEdit(userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid()))
.addAllMetrics(loadMetrics()
.stream()
.map(AppAction::toMetric)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
index 05d28321462d..5ebe970af8b0 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateAction.java
@@ -22,11 +22,11 @@
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualitygate.QualityGateDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateUpdater;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.CreateWsResponse;
@@ -66,7 +66,7 @@ public void define(WebService.NewController controller) {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
QualityGateDto newQualityGate = qualityGateUpdater.create(dbSession, request.mandatoryParam(PARAM_NAME));
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
index c5fdba691f4a..b1a00da23657 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/CreateConditionAction.java
@@ -26,12 +26,12 @@
import org.sonar.db.DbSession;
import org.sonar.db.qualitygate.QualityGateConditionDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateConditionsUpdater;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import org.sonarqube.ws.client.qualitygate.CreateConditionRequest;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
import static org.sonar.server.qualitygate.ws.QualityGatesWs.addConditionParams;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
@@ -77,7 +77,7 @@ public void define(WebService.NewController controller) {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
writeProtobuf(doHandle(toWsRequest(request), dbSession), request, response);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
index f08093f5c51f..5f4f6c777dcf 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/SelectAction.java
@@ -25,7 +25,6 @@
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.util.Uuids;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
@@ -33,6 +32,7 @@
import org.sonar.db.property.PropertyDto;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.component.ComponentFinder.ParamNames;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.qualitygate.SelectWsRequest;
@@ -115,7 +115,7 @@ private ComponentDto getProject(DbSession dbSession, @Nullable String projectId,
ComponentDto project = selectProjectById(dbSession, projectId)
.or(() -> componentFinder.getByUuidOrKey(dbSession, projectId, projectKey, ParamNames.PROJECT_ID_AND_KEY));
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.QUALITY_GATE_ADMIN) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, project.getOrganizationUuid()) &&
!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw insufficientPrivilegesException();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
index eefeb8f334cb..7768ef5eea53 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualitygate/ws/UpdateConditionAction.java
@@ -31,8 +31,8 @@
import org.sonarqube.ws.WsQualityGates.UpdateConditionWsResponse;
import org.sonarqube.ws.client.qualitygate.UpdateConditionRequest;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.server.qualitygate.ws.QualityGatesWs.addConditionParams;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.ACTION_UPDATE_CONDITION;
@@ -77,7 +77,7 @@ public void define(WebService.NewController controller) {
@Override
public void handle(Request request, Response response) {
- userSession.checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.checkPermission(ADMINISTER_QUALITY_GATES, defaultOrganizationProvider.get().getUuid());
try (DbSession dbSession = dbClient.openSession(false)) {
writeProtobuf(doHandle(toWsRequest(request), dbSession), request, response);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
index 83597a76e628..c372563b0e2e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileProjectOperations.java
@@ -21,12 +21,12 @@
import org.sonar.api.server.ServerSide;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.ws.WsUtils;
@@ -78,7 +78,7 @@ private QualityProfileDto selectProfileByKey(DbSession session, String profileKe
}
private void checkAdminOnProject(ComponentDto project) {
- if (!userSession.hasOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN) &&
+ if (!userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid()) &&
!userSession.hasComponentPermission(UserRole.ADMIN, project)) {
throw new ForbiddenException("Insufficient privileges");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
index 998ae3f9549c..bd46ecbfc28f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/QProfileService.java
@@ -23,7 +23,6 @@
import java.util.List;
import javax.annotation.Nullable;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleKey;
@@ -32,6 +31,8 @@
import org.sonar.server.rule.index.RuleQuery;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class QProfileService {
@@ -96,6 +97,6 @@ public void backup(String profileKey, Writer writer) {
private void verifyAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
index 371ec76a1c20..e4d940f8e55e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/qualityprofile/ws/QProfileWsSupport.java
@@ -20,10 +20,11 @@
package org.sonar.server.qualityprofile.ws;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class QProfileWsSupport {
@@ -38,6 +39,6 @@ public QProfileWsSupport(UserSession userSession, DefaultOrganizationProvider de
public void checkQProfileAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
index 0f2bbb0a79bb..5f5be8c1759b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/AppAction.java
@@ -32,10 +32,9 @@
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-
public class AppAction implements RulesWsAction {
private final Languages languages;
@@ -78,7 +77,7 @@ public void handle(Request request, Response response) throws Exception {
}
private void addPermissions(JsonWriter json) {
- boolean canWrite = userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), QUALITY_PROFILE_ADMIN);
+ boolean canWrite = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
json.prop("canWrite", canWrite);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
index 4de9d4fb9159..7c84bc528bc2 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
@@ -20,10 +20,11 @@
package org.sonar.server.rule.ws;
import org.sonar.api.server.ServerSide;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+
@ServerSide
public class RuleWsSupport {
private final UserSession userSession;
@@ -37,6 +38,6 @@ public RuleWsSupport(UserSession userSession, DefaultOrganizationProvider defaul
public void checkQProfileAdminPermission() {
userSession
.checkLoggedIn()
- .checkOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .checkPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
index cbd71108547e..4ae159af80e2 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/setting/ws/SettingsWsSupport.java
@@ -26,6 +26,7 @@
import org.sonar.api.server.ServerSide;
import org.sonar.db.component.ComponentDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.api.PropertyType.LICENSE;
@@ -57,11 +58,11 @@ Predicate isDefinitionVisible(Optional compone
}
boolean isVisible(String key, @Nullable PropertyDefinition definition, Optional component) {
- return hasPermission(SCAN_EXECUTION, component) || (verifySecuredSetting(key, definition, component) && (verifyLicenseSetting(key, definition)));
+ return hasPermission(OrganizationPermission.SCAN, SCAN_EXECUTION, component) || (verifySecuredSetting(key, definition, component) && (verifyLicenseSetting(key, definition)));
}
private boolean verifySecuredSetting(String key, @Nullable PropertyDefinition definition, Optional component) {
- return isLicense(key, definition) || (!key.endsWith(DOT_SECURED) || hasPermission(ADMIN, component));
+ return isLicense(key, definition) || (!key.endsWith(DOT_SECURED) || hasPermission(OrganizationPermission.ADMINISTER, ADMIN, component));
}
private boolean verifyLicenseSetting(String key, @Nullable PropertyDefinition definition) {
@@ -72,12 +73,12 @@ private static boolean isLicense(String key, @Nullable PropertyDefinition defini
return key.endsWith(LICENSE_SUFFIX) || key.endsWith(LICENSE_HASH_SUFFIX) || (definition != null && definition.type() == LICENSE);
}
- private boolean hasPermission(String projectOrOrgPermission, Optional component) {
- if (userSession.hasOrganizationPermission(defaultOrganizationProvider.get().getUuid(), projectOrOrgPermission)) {
+ private boolean hasPermission(OrganizationPermission orgPermission, String projectPermission, Optional component) {
+ if (userSession.hasPermission(orgPermission, defaultOrganizationProvider.get().getUuid())) {
return true;
}
return component
- .map(c -> userSession.hasComponentPermission(projectOrOrgPermission, c))
+ .map(c -> userSession.hasComponentPermission(projectPermission, c))
.orElse(false);
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
index dd8839b82d56..f69cb16ec7c8 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/ComponentAction.java
@@ -50,6 +50,7 @@
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.qualitygate.QualityGateDto;
import org.sonar.server.component.ComponentFinder;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateFinder;
import org.sonar.server.qualityprofile.QPMeasureData;
import org.sonar.server.qualityprofile.QualityProfile;
@@ -59,9 +60,8 @@
import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
@@ -142,8 +142,8 @@ public void handle(Request request, Response response) throws Exception {
writeProfiles(json, session, component);
writeQualityGate(json, session, component);
if (userSession.hasComponentPermission(ADMIN, component) ||
- userSession.hasOrganizationPermission(org.getUuid(), QUALITY_PROFILE_ADMIN) ||
- userSession.hasOrganizationPermission(org.getUuid(), QUALITY_GATE_ADMIN)) {
+ userSession.hasPermission(ADMINISTER_QUALITY_PROFILES, org) ||
+ userSession.hasPermission(ADMINISTER_QUALITY_GATES, org)) {
writeConfiguration(json, component);
}
writeBreadCrumbs(json, session, component);
@@ -229,9 +229,9 @@ private void writeConfiguration(JsonWriter json, ComponentDto component) {
private void writeConfigPageAccess(JsonWriter json, boolean isProjectAdmin, ComponentDto component) {
boolean isProject = Qualifiers.PROJECT.equals(component.qualifier());
boolean showManualMeasures = isProjectAdmin && !Qualifiers.DIRECTORY.equals(component.qualifier());
- boolean isQualityProfileAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
- boolean isQualityGateAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), QUALITY_GATE_ADMIN);
- boolean isOrganizationAdmin = userSession.hasOrganizationPermission(component.getOrganizationUuid(), SYSTEM_ADMIN);
+ boolean isQualityProfileAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, component.getOrganizationUuid());
+ boolean isQualityGateAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER_QUALITY_GATES, component.getOrganizationUuid());
+ boolean isOrganizationAdmin = userSession.hasPermission(OrganizationPermission.ADMINISTER, component.getOrganizationUuid());
json.prop("showSettings", isProjectAdmin && componentTypeHasProperty(component, PROPERTY_CONFIGURABLE));
json.prop("showQualityProfiles", isProject && (isProjectAdmin || isQualityProfileAdmin));
diff --git a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
index 2b66b7b9eb31..83e3a1d113d1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/ui/ws/OrganizationAction.java
@@ -23,14 +23,13 @@
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class OrganizationAction implements NavigationWsAction {
@@ -80,13 +79,13 @@ public void handle(Request request, Response response) throws Exception {
}
private void writeOrganization(JsonWriter json, OrganizationDto organization) {
- String organizationUuid = organization.getUuid();
json.name("organization")
.beginObject()
- .prop("canAdmin", userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
- .prop("canProvisionProjects", userSession.hasOrganizationPermission(organizationUuid, GlobalPermissions.PROVISIONING))
- .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
+ .prop("canAdmin", userSession.hasPermission(OrganizationPermission.ADMINISTER, organization))
+ .prop("canProvisionProjects", userSession.hasPermission(OrganizationPermission.PROVISION_PROJECTS, organization))
+ .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasPermission(OrganizationPermission.ADMINISTER, organization))
.prop("isDefault", organization.getKey().equals(defaultOrganizationProvider.get().getKey()))
.endObject();
+
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
index afd2ee8b80ca..51ab7daccfb8 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java
@@ -39,11 +39,6 @@ public final UserSession checkLoggedIn() {
return this;
}
- @Override
- public final boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
- }
-
@Override
public final boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
return hasPermission(permission, organization.getUuid());
@@ -67,12 +62,18 @@ public final UserSession checkPermission(OrganizationPermission permission, Stri
return this;
}
+ protected abstract boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid);
+
@Override
- public final UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- return checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ public final boolean hasOrganizationPermission(String organizationUuid, String permission) {
+ return hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
}
- protected abstract boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid);
+ @Override
+ public final UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ return this;
+ }
@Override
public final boolean hasComponentPermission(String permission, ComponentDto component) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
index ab3f94a76369..ca665e9ac39d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/DoPrivileged.java
@@ -22,12 +22,11 @@
import java.util.Collection;
import java.util.Collections;
import java.util.Optional;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.user.GroupDto;
import org.sonar.server.permission.OrganizationPermission;
/**
- * Allow code to be executed with the highest privileges possible, as if executed by a {@link GlobalPermissions#SYSTEM_ADMIN} account.
+ * Allow code to be executed with the highest privileges possible, as if executed by a {@link OrganizationPermission#ADMINISTER} account.
* @since 4.3
*/
public final class DoPrivileged {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
index 262e5c72996f..5baea280a71d 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -29,7 +29,6 @@
import java.util.Set;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.util.stream.Collectors;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
@@ -177,7 +176,7 @@ private boolean loadIsSystemAdministrator() {
try (DbSession dbSession = dbClient.openSession(false)) {
if (!organizationFlags.isEnabled(dbSession)) {
String uuidOfDefaultOrg = defaultOrganizationProvider.get().getUuid();
- return hasOrganizationPermission(uuidOfDefaultOrg, GlobalPermissions.SYSTEM_ADMIN);
+ return hasPermission(OrganizationPermission.ADMINISTER, uuidOfDefaultOrg);
}
// organization feature is enabled -> requires to be root
return false;
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
index 6fce68f3f6f3..63ab326985ba 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
@@ -104,6 +104,17 @@ public UserSession checkPermission(OrganizationPermission permission, String org
return this;
}
+ @Override
+ public boolean hasOrganizationPermission(String organizationUuid, String permission) {
+ return get().hasOrganizationPermission(organizationUuid, permission);
+ }
+
+ @Override
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ get().checkOrganizationPermission(organizationUuid, permission);
+ return this;
+ }
+
@Override
public UserSession checkComponentPermission(String projectPermission, ComponentDto component) {
get().checkComponentPermission(projectPermission, component);
@@ -137,23 +148,12 @@ public boolean hasComponentUuidPermission(String permission, String componentUui
return get().hasComponentUuidPermission(permission, componentUuid);
}
- @Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- get().checkOrganizationPermission(organizationUuid, permission);
- return this;
- }
-
@Override
public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
get().checkPermission(permission, organization);
return this;
}
- @Override
- public boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return get().hasOrganizationPermission(organizationUuid, permission);
- }
-
@Override
public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
return get().hasPermission(permission, organization);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
index 163185312dc2..bf8c0053d798 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
@@ -113,7 +113,6 @@ public interface UserSession {
* component does not exist.
*
* If the permission is not granted, then the organization permission is _not_ checked.
- * There's _no_ automatic fallback on {@link #hasOrganizationPermission(String, String)}.
*
* @param component non-null component.
* @param permission project permission as defined by {@link org.sonar.core.permission.ProjectPermissions}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
index 8e17b2ebd5d5..70a1a425a4c4 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CurrentAction.java
@@ -19,17 +19,18 @@
*/
package org.sonar.server.user.ws;
+import java.util.Arrays;
import java.util.Collection;
import java.util.Optional;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.utils.text.JsonWriter;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Strings.isNullOrEmpty;
@@ -140,9 +141,9 @@ private void writeGlobalPermissions(JsonWriter json) {
json.name("global").beginArray();
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
- GlobalPermissions.ALL.stream()
- .filter(permission -> userSession.hasOrganizationPermission(defaultOrganizationUuid, permission))
- .forEach(json::value);
+ Arrays.stream(OrganizationPermission.values())
+ .filter(permission -> userSession.hasPermission(permission, defaultOrganizationUuid))
+ .forEach(permission -> json.value(permission.getKey()));
json.endArray();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
index 1dfbb350a72b..00e4d9639b52 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
@@ -35,12 +35,12 @@
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.index.UserIndexer;
import static java.lang.String.format;
import static java.util.Collections.singletonList;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.checkFound;
import static org.sonar.server.ws.WsUtils.checkRequest;
@@ -135,10 +135,11 @@ private void ensureNotLastAdministrator(DbSession dbSession, UserDto user) {
private List selectOrganizationsWithNoMoreAdministrators(DbSession dbSession, UserDto user) {
Set organizationUuids = dbClient.authorizationDao().selectOrganizationUuidsOfUserWithGlobalPermission(
- dbSession, user.getId(), SYSTEM_ADMIN);
+ dbSession, user.getId(), OrganizationPermission.ADMINISTER.getKey());
List problematicOrganizations = new ArrayList<>();
for (String organizationUuid : organizationUuids) {
- int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, organizationUuid, SYSTEM_ADMIN, user.getId());
+ int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession,
+ organizationUuid, OrganizationPermission.ADMINISTER.getKey(), user.getId());
if (remaining == 0) {
problematicOrganizations.add(organizationUuid);
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
index ab5f8a6203ef..bf354cda4e3e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
@@ -23,7 +23,6 @@
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
@@ -31,6 +30,7 @@
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
@@ -69,7 +69,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId groupId = support.findGroup(dbSession, request);
- userSession.checkLoggedIn().checkOrganizationPermission(groupId.getOrganizationUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(ADMINISTER, groupId.getOrganizationUuid());
String login = request.mandatoryParam(PARAM_LOGIN);
UserDto user = dbClient.userDao().selectActiveUserByLogin(dbSession, login);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
index e67b71596b25..63b21e2323f1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java
@@ -24,7 +24,6 @@
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.user.UserGroupValidation;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
@@ -33,6 +32,7 @@
import org.sonarqube.ws.WsUserGroups;
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_DESCRIPTION;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
@@ -84,7 +84,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = support.findOrganizationByKey(dbSession, request.param(PARAM_ORGANIZATION_KEY));
- userSession.checkOrganizationPermission(organization.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, organization);
GroupDto group = new GroupDto()
.setOrganizationUuid(organization.getUuid())
.setName(request.mandatoryParam(PARAM_GROUP_NAME))
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
index 1a5ab10e85bb..8df8b811ab11 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
@@ -30,11 +30,11 @@
import org.sonar.db.DbSession;
import org.sonar.db.user.GroupDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static com.google.common.base.Preconditions.checkArgument;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.defineGroupWsParameters;
@@ -74,7 +74,7 @@ public void define(NewController context) {
public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId groupId = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(groupId.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, groupId.getOrganizationUuid());
checkNotTryingToDeleteDefaultGroup(dbSession, groupId);
checkNotTryingToDeleteLastAdminGroup(dbSession, groupId);
@@ -105,7 +105,7 @@ private void checkNotTryingToDeleteDefaultGroup(DbSession dbSession, GroupId gro
private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupId group) {
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession,
- group.getOrganizationUuid(), SYSTEM_ADMIN, group.getId());
+ group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId());
checkArgument(remaining > 0, "The last system admin group cannot be deleted");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
index dc0e2b5da576..2a2f6286a44b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
@@ -27,10 +27,10 @@
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
@@ -71,7 +71,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId group = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(group.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid());
String login = request.mandatoryParam(PARAM_LOGIN);
UserDto user = getUser(dbSession, login);
@@ -90,7 +90,7 @@ public void handle(Request request, Response response) throws Exception {
*/
private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupId group, UserDto user) {
int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroupMember(dbSession,
- group.getOrganizationUuid(), SYSTEM_ADMIN, group.getId(), user.getId());
+ group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId(), user.getId());
if (remainingAdmins == 0) {
throw new BadRequestException("The last administrator user cannot be removed");
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
index 061951dff3c9..a027f606c7df 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/SearchAction.java
@@ -39,8 +39,8 @@
import org.sonar.server.user.UserSession;
import static org.apache.commons.lang.StringUtils.defaultIfBlank;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.es.SearchOptions.MAX_LIMIT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
public class SearchAction implements UserGroupsWsAction {
@@ -92,7 +92,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
OrganizationDto organization = groupWsSupport.findOrganizationByKey(dbSession, request.param(PARAM_ORGANIZATION_KEY));
- userSession.checkLoggedIn().checkOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.checkLoggedIn().checkPermission(ADMINISTER, organization);
int limit = dbClient.groupDao().countByQuery(dbSession, organization.getUuid(), query);
List groups = dbClient.groupDao().selectByQuery(dbSession, organization.getUuid(), query, options.getOffset(), pageSize);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
index 4b0ba22e96c6..90105ddf23bf 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java
@@ -26,7 +26,6 @@
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.server.ws.WebService.NewController;
import org.sonar.api.user.UserGroupValidation;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
@@ -40,6 +39,7 @@
import static org.sonar.api.CoreProperties.CORE_DEFAULT_GROUP;
import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_DESCRIPTION;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
@@ -100,7 +100,7 @@ public void handle(Request request, Response response) throws Exception {
checkFound(group, "Could not find a user group with id '%s'.", groupId);
Optional org = dbClient.organizationDao().selectByUuid(dbSession, group.getOrganizationUuid());
checkFoundWithOptional(org, "Could not find organization with id '%s'.", group.getOrganizationUuid());
- userSession.checkOrganizationPermission(org.get().getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.checkPermission(ADMINISTER, org.get());
boolean changed = false;
String newName = request.param(PARAM_GROUP_NAME);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
index 85bb5af7a7e9..2f10a7db4fc1 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UsersAction.java
@@ -33,10 +33,10 @@
import org.sonar.db.user.GroupMembershipQuery;
import org.sonar.db.user.UserMembershipDto;
import org.sonar.db.user.UserMembershipQuery;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.user.UserSession;
import static org.sonar.api.utils.Paging.forPageIndex;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.defineGroupWsParameters;
public class UsersAction implements UserGroupsWsAction {
@@ -79,7 +79,7 @@ public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
GroupId group = support.findGroup(dbSession, request);
- userSession.checkOrganizationPermission(group.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid());
UserMembershipQuery query = UserMembershipQuery.builder()
.groupId(group.getId())
diff --git a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
index 634f9a8af8c2..93e15fc2ffcc 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java
@@ -42,6 +42,7 @@
import static java.lang.String.format;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
public class ProjectDataLoaderTest {
@Rule
@@ -171,7 +172,7 @@ public void issues_mode_is_forbidden_if_user_doesnt_have_browse_permission() {
@Test
public void scan_permission_on_organization_is_enough_even_without_scan_permission_on_project() {
ComponentDto project = dbTester.components().insertProject();
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
ProjectRepositories repositories = underTest.load(ProjectDataQuery.create().setModuleKey(project.key()).setIssuesMode(true));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
index 44d02902e1e8..f54cbd1d2369 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
@@ -43,6 +43,7 @@
import static java.util.Collections.singleton;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.PROTOBUF;
public class TaskActionTest {
@@ -249,7 +250,7 @@ public void get_project_queue_task_with_scan_permission_on_project() {
@Test
public void get_project_queue_task_with_scan_permission_on_organization_but_not_on_project() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
CeQueueDto task = createAndPersistQueueTask(project);
call(task.getUuid());
@@ -293,7 +294,7 @@ public void get_project_archived_task_with_scan_permission_on_project() {
@Test
public void get_project_archived_task_with_scan_permission_on_organization_but_not_on_project() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), GlobalPermissions.SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, project.getOrganizationUuid());
CeActivityDto task = createAndPersistArchivedTask(project);
call(task.getUuid());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
index 4c3155aa7d2f..413908fa1fbe 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/computation/queue/ReportSubmitterTest.java
@@ -55,9 +55,10 @@
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
public class ReportSubmitterTest {
@@ -137,7 +138,7 @@ public void provision_project_if_does_not_exist() throws Exception {
OrganizationDto organization = db.organizations().insert();
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(organization, PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, organization);
mockSuccessfulPrepareSubmitCall();
ComponentDto createdProject = newProjectDto(organization, PROJECT_UUID).setKey(PROJECT_KEY);
@@ -168,7 +169,7 @@ public void describeTo(Description description) {
public void no_favorite_when_no_project_creator_permission_on_permission_template() {
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
mockSuccessfulPrepareSubmitCall();
ComponentDto createdProject = newProjectDto(db.getDefaultOrganization(), PROJECT_UUID).setKey(PROJECT_KEY);
@@ -187,7 +188,7 @@ public void no_favorite_when_no_project_creator_permission_on_permission_templat
public void submit_a_report_on_new_project_with_scan_permission_on_organization() {
userSession
.addProjectUuidPermissions(SCAN_EXECUTION, PROJECT_UUID)
- .addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ .addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
mockSuccessfulPrepareSubmitCall();
ComponentDto project = newProjectDto(db.getDefaultOrganization(), PROJECT_UUID).setKey(PROJECT_KEY);
@@ -205,7 +206,7 @@ public void submit_a_report_on_new_project_with_scan_permission_on_organization(
public void user_with_scan_permission_on_organization_is_allowed_to_submit_a_report_on_existing_project() {
OrganizationDto org = db.organizations().insert();
ComponentDto project = db.components().insertProject(org);
- userSession.addOrganizationPermission(org, SCAN_EXECUTION);
+ userSession.addPermission(SCAN, org);
mockSuccessfulPrepareSubmitCall();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
index c33983050d4b..ff023924f06c 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
@@ -49,8 +49,8 @@
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_KEY;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class DeleteActionTest {
@@ -295,6 +295,6 @@ private void logInAsSystemAdministrator() {
}
private void logInAsAdministrator(OrganizationDto organization) {
- userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, organization);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
index 6f03cc442e1b..72c1e5e88241 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/EnableSupportActionTest.java
@@ -29,7 +29,6 @@
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationValidationImpl;
import org.sonar.server.organization.OrganizationFlags;
import org.sonar.server.organization.OrganizationFlagsImpl;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
@@ -38,7 +37,7 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class EnableSupportActionTest {
@@ -114,7 +113,7 @@ public void test_definition() {
}
private void logInAsSystemAdministrator(String login) {
- userSession.logIn(login).addOrganizationPermission(db.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
+ userSession.logIn(login).addPermission(ADMINISTER, db.getDefaultOrganization());
}
private void call() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
index 08dc07629bb5..ef8682c20faf 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java
@@ -41,10 +41,10 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_257_CHARS_LONG;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.STRING_65_CHARS_LONG;
import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.setParam;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class UpdateActionTest {
private static final String SOME_KEY = "key";
@@ -375,7 +375,7 @@ private void verifyResponseAndDb(Organizations.UpdateWsResponse response,
assertThat(newDto.getUpdatedAt()).isEqualTo(updateAt);
}
- private void logInAsAdministrator(OrganizationDto organizationDto) {
- userSession.logIn().addOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ private void logInAsAdministrator(OrganizationDto organization) {
+ userSession.logIn().addPermission(ADMINISTER, organization);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
index f93bdf80f9f8..3a6ac2f92305 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
@@ -36,6 +36,7 @@
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
@@ -268,7 +269,7 @@ public void fail_when_project_uuid_and_project_key_are_provided() throws Excepti
public void adding_global_permission_fails_if_not_administrator_of_organization() throws Exception {
GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators");
// user is administrator of another organization
- userSession.logIn().addOrganizationPermission("anotherOrg", SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, "anotherOrg");
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
index 7cfa45aad6bd..877c19ecbc4e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
@@ -41,8 +41,8 @@
import org.sonar.server.ws.WsActionTester;
import static org.mockito.Mockito.mock;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public abstract class BasePermissionWsTest {
@@ -87,9 +87,9 @@ protected TestRequest newRequest() {
}
protected void loginAsAdmin(OrganizationDto org, OrganizationDto... otherOrgs) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
for (OrganizationDto otherOrg : otherOrgs) {
- userSession.addOrganizationPermission(otherOrg.getUuid(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, otherOrg);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
index c2f50ead44a1..88319738ed3a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java
@@ -34,6 +34,7 @@
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
@@ -116,7 +117,7 @@ public void fail_if_permission_is_not_a_project_permission() throws Exception {
@Test
public void fail_if_not_admin_of_default_organization() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
index 426b836685ef..d0a4cb362268 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java
@@ -36,7 +36,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
@@ -100,7 +100,7 @@ public void fail_if_not_a_project_permission() throws Exception {
@Test
public void fail_if_not_admin_of_default_organization() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
index 1c5dd22c7582..2cfb1bdc701f 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
@@ -41,7 +41,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
@@ -175,7 +175,7 @@ public void fail_when_project_uuid_and_key_not_provided() throws Exception {
@Test
public void fail_when_not_admin_of_organization() throws Exception {
- userSession.logIn().addOrganizationPermission("otherOrg", SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, "otherOrg");
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/CreateTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/CreateTemplateActionTest.java
index e0f373754e15..30e44bc34bab 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/CreateTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/CreateTemplateActionTest.java
@@ -31,7 +31,7 @@
import org.sonar.server.ws.TestResponse;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
@@ -122,7 +122,7 @@ public void fail_if_name_already_exists_in_database_case_insensitive() throws Ex
@Test
public void fail_if_not_admin() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/DeleteTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/DeleteTemplateActionTest.java
index 4b0d337779d2..ad45b22d3586 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/DeleteTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/DeleteTemplateActionTest.java
@@ -53,7 +53,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.fail;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
@@ -383,7 +383,7 @@ public void fail_if_both_uuid_and_name_are_provided_with_views() throws Exceptio
// }
private UserSessionRule loginAsAdmin(OrganizationDto organization) {
- return userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ return userSession.logIn().addPermission(ADMINISTER, organization);
}
private void runOnAllUnderTests(ConsumerWithException consumer) throws Exception {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
index 63ce8f422bf8..5016f1ab1556 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java
@@ -37,7 +37,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.security.DefaultGroups.ANYONE;
import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
@@ -120,7 +120,7 @@ public void fail_if_not_a_project_permission() throws Exception {
@Test
public void fail_if_insufficient_privileges() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SearchTemplatesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SearchTemplatesActionTest.java
index e68409f338a4..4fdd1fe9b6df 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SearchTemplatesActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SearchTemplatesActionTest.java
@@ -43,10 +43,10 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_02;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.test.JsonAssert.assertJson;
public class SearchTemplatesActionTest extends BasePermissionWsTest {
@@ -73,7 +73,7 @@ public void setUp() {
SearchTemplatesDataLoader dataLoaderWithViews = new SearchTemplatesDataLoader(dbClient, defaultTemplatesResolverWithViews);
underTestWithoutViews = new WsActionTester(new SearchTemplatesAction(dbClient, userSession, i18n, newPermissionWsSupport(), dataLoaderWithViews));
i18n.setProjectPermissions();
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, db.getDefaultOrganization());
}
@Test
@@ -178,7 +178,7 @@ public void search_in_organization() throws Exception {
PermissionTemplateDto templateInOrg = insertProjectTemplate(org);
insertProjectTemplate(db.getDefaultOrganization());
db.commit();
- userSession.addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, org);
WsPermissions.SearchTemplatesWsResponse result = WsPermissions.SearchTemplatesWsResponse.parseFrom(
newRequest(underTestWithoutViews)
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/TemplateUsersActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/TemplateUsersActionTest.java
index d48671953d76..b6f30621ed7b 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/TemplateUsersActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/TemplateUsersActionTest.java
@@ -40,9 +40,9 @@
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateUserDto;
import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.MediaTypes.PROTOBUF;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
@@ -275,7 +275,7 @@ public void fail_if_not_logged_in() throws Exception {
@Test
public void fail_if_insufficient_privileges() throws Exception {
PermissionTemplateDto template = addTemplateToDefaultOrganization();
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/UpdateTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/UpdateTemplateActionTest.java
index 32bd2bd68877..06c4767fb173 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/UpdateTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/UpdateTemplateActionTest.java
@@ -35,8 +35,8 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID;
@@ -190,7 +190,7 @@ public void fail_if_not_logged_in() throws Exception {
@Test
public void fail_if_not_admin() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), SCAN_EXECUTION);
+ userSession.logIn().addPermission(SCAN, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/BulkDeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/BulkDeleteActionTest.java
index bfd741255e39..9b7846be0e68 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/BulkDeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/BulkDeleteActionTest.java
@@ -25,7 +25,6 @@
import org.junit.rules.ExpectedException;
import org.mockito.ArgumentCaptor;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -43,6 +42,7 @@
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class BulkDeleteActionTest {
@@ -117,7 +117,7 @@ public void projects_that_dont_exist_are_ignored_and_dont_break_bulk_deletion()
@Test
public void throw_ForbiddenException_if_organization_administrator_does_not_set_organization_parameter() throws Exception {
- userSession.logIn().addOrganizationPermission(org1.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org1);
ComponentDto project = db.components().insertProject(org1);
expectedException.expect(ForbiddenException.class);
@@ -132,7 +132,7 @@ public void throw_ForbiddenException_if_organization_administrator_does_not_set_
@Test
public void organization_administrator_deletes_projects_by_keys_in_his_organization() throws Exception {
- userSession.logIn().addOrganizationPermission(org1.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org1);
ComponentDto toDelete = db.components().insertProject(org1);
ComponentDto cantBeDeleted = db.components().insertProject(org2);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
index b269d3cc1f8c..e00390897e3b 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
@@ -52,8 +52,8 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.util.Protobuf.setNullable;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.client.WsRequest.Method.POST;
@@ -85,7 +85,7 @@ public class CreateActionTest {
@Test
public void create_project() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ userSession.addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
expectSuccessfulCallToComponentUpdater();
CreateWsResponse response = call(CreateRequest.builder()
@@ -100,7 +100,7 @@ public void create_project() throws Exception {
@Test
public void create_project_with_branch() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ userSession.addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
call(CreateRequest.builder()
.setKey(DEFAULT_PROJECT_KEY)
@@ -116,7 +116,7 @@ public void create_project_with_branch() throws Exception {
@Test
public void create_project_with_deprecated_parameter() throws Exception {
OrganizationDto organization = db.organizations().insert();
- userSession.addOrganizationPermission(organization, PROVISIONING);
+ userSession.addPermission(PROVISION_PROJECTS, organization);
ws.newRequest()
.setMethod(POST.name())
@@ -134,7 +134,7 @@ public void create_project_with_deprecated_parameter() throws Exception {
public void fail_when_project_already_exists() throws Exception {
OrganizationDto organization = db.organizations().insert();
when(componentUpdater.create(any(DbSession.class), any(NewComponent.class), anyInt())).thenThrow(new BadRequestException("already exists"));
- userSession.addOrganizationPermission(organization, PROVISIONING);
+ userSession.addPermission(PROVISION_PROJECTS, organization);
expectedException.expect(BadRequestException.class);
@@ -170,7 +170,7 @@ public void fail_when_missing_create_project_permission() throws Exception {
@Test
public void test_example() {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), PROVISIONING);
+ userSession.addPermission(PROVISION_PROJECTS, db.getDefaultOrganization());
expectSuccessfulCallToComponentUpdater();
String result = ws.newRequest()
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
index ec202da02bb7..483c5f434edb 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
@@ -42,7 +42,7 @@
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
@@ -80,7 +80,7 @@ public void setUp() {
@Test
public void organization_administrator_deletes_project_by_id() throws Exception {
ComponentDto project = componentDbTester.insertProject();
- userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, project.getOrganizationUuid());
WsTester.TestRequest request = newRequest().setParam(PARAM_PROJECT_ID, project.uuid());
call(request);
@@ -91,7 +91,7 @@ public void organization_administrator_deletes_project_by_id() throws Exception
@Test
public void organization_administrator_deletes_project_by_key() throws Exception {
ComponentDto project = componentDbTester.insertProject();
- userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, project.getOrganizationUuid());
call(newRequest().setParam(PARAM_PROJECT, project.key()));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/GhostsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/GhostsActionTest.java
index 98b27f263e77..0b1d3896a97a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/GhostsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/GhostsActionTest.java
@@ -29,7 +29,6 @@
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.DateUtils;
import org.sonar.api.utils.System2;
-import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
@@ -46,9 +45,9 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.SnapshotDto.STATUS_PROCESSED;
import static org.sonar.db.component.SnapshotDto.STATUS_UNPROCESSED;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.test.JsonAssert.assertJson;
public class GhostsActionTest {
@@ -86,7 +85,7 @@ public void ghost_projects_without_analyzed_projects() throws Exception {
ComponentDto ghost1 = insertGhostProject(organization);
ComponentDto ghost2 = insertGhostProject(organization);
ComponentDto activeProject = insertActiveProject(organization);
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -117,7 +116,7 @@ public void ghost_projects_with_correct_pagination() throws Exception {
int count = i;
insertGhostProject(organization, dto -> dto.setKey("ghost-key-" + count));
}
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -138,7 +137,7 @@ public void ghost_projects_with_correct_pagination() throws Exception {
public void ghost_projects_with_chosen_fields() throws Exception {
OrganizationDto organization = db.organizations().insert();
insertGhostProject(organization);
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -158,7 +157,7 @@ public void ghost_projects_with_partial_query_on_name() throws Exception {
insertGhostProject(organization, dto -> dto.setName("ghost-name-11"));
insertGhostProject(organization, dto -> dto.setName("ghost-name-20"));
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -175,7 +174,7 @@ public void ghost_projects_with_partial_query_on_key() throws Exception {
OrganizationDto organization = db.organizations().insert();
insertGhostProject(organization, dto -> dto.setKey("ghost-key-1"));
- userSessionRule.logIn().addOrganizationPermission(organization, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
.setParam("organization", organization.getKey())
@@ -188,15 +187,15 @@ public void ghost_projects_with_partial_query_on_key() throws Exception {
@Test
public void ghost_projects_base_on_json_example() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto hBaseProject = ComponentTesting.newProjectDto(organizationDto, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ OrganizationDto organization = db.organizations().insert();
+ ComponentDto hBaseProject = ComponentTesting.newProjectDto(organization, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
.setKey("org.apache.hbas:hbase")
.setName("HBase")
.setCreatedAt(DateUtils.parseDateTime("2015-03-04T23:03:44+0100"));
dbClient.componentDao().insert(db.getSession(), hBaseProject);
dbClient.snapshotDao().insert(db.getSession(), SnapshotTesting.newAnalysis(hBaseProject)
.setStatus(STATUS_UNPROCESSED));
- ComponentDto roslynProject = ComponentTesting.newProjectDto(organizationDto, "c526ef20-131b-4486-9357-063fa64b5079")
+ ComponentDto roslynProject = ComponentTesting.newProjectDto(organization, "c526ef20-131b-4486-9357-063fa64b5079")
.setKey("com.microsoft.roslyn:roslyn")
.setName("Roslyn")
.setCreatedAt(DateUtils.parseDateTime("2013-03-04T23:03:44+0100"));
@@ -204,22 +203,22 @@ public void ghost_projects_base_on_json_example() throws Exception {
dbClient.snapshotDao().insert(db.getSession(), SnapshotTesting.newAnalysis(roslynProject)
.setStatus(STATUS_UNPROCESSED));
db.getSession().commit();
- userSessionRule.logIn().addOrganizationPermission(organizationDto, SYSTEM_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER, organization);
TestResponse result = underTest.newRequest()
- .setParam("organization", organizationDto.getKey())
+ .setParam("organization", organization.getKey())
.execute();
assertJson(result.getInput())
.isSimilarTo(Resources.getResource(getClass(), "projects-example-ghosts.json"));
}
- @Test(expected = ForbiddenException.class)
- public void fail_if_does_not_have_sufficient_rights() throws Exception {
- userSessionRule.logIn()
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.USER)
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.ISSUE_ADMIN)
- .addOrganizationPermission(db.getDefaultOrganization(), UserRole.CODEVIEWER);
+ @Test
+ public void throws_ForbiddenException_if_not_administrator_of_organization() throws Exception {
+ userSessionRule.logIn();
+
+ expectedException.expect(ForbiddenException.class);
+ expectedException.expectMessage("Insufficient privileges");
underTest.newRequest().execute();
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
index dc85c23db3cf..62bdff5caa12 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/ProvisionedActionTest.java
@@ -28,7 +28,6 @@
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.utils.DateUtils;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
@@ -44,6 +43,8 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
public class ProvisionedActionTest {
@@ -80,14 +81,14 @@ public void verify_definition() {
@Test
public void all_provisioned_projects_without_analyzed_projects() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto analyzedProject = ComponentTesting.newProjectDto(organizationDto, "analyzed-uuid-1");
- db.components().insertComponents(newProvisionedProject(organizationDto, "1"), newProvisionedProject(organizationDto, "2"), analyzedProject);
+ OrganizationDto org = db.organizations().insert();
+ ComponentDto analyzedProject = ComponentTesting.newProjectDto(org, "analyzed-uuid-1");
+ db.components().insertComponents(newProvisionedProject(org, "1"), newProvisionedProject(org, "2"), analyzedProject);
db.components().insertSnapshot(SnapshotTesting.newAnalysis(analyzedProject));
- userSessionRule.logIn().addOrganizationPermission(organizationDto, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestResponse result = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.execute();
String json = result.getInput();
@@ -111,14 +112,14 @@ public void all_provisioned_projects_without_analyzed_projects() throws Exceptio
@Test
public void provisioned_projects_with_correct_pagination() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
+ OrganizationDto org = db.organizations().insert();
for (int i = 1; i <= 10; i++) {
- db.components().insertComponent(newProvisionedProject(organizationDto, String.valueOf(i)));
+ db.components().insertComponent(newProvisionedProject(org, String.valueOf(i)));
}
- userSessionRule.logIn().addOrganizationPermission(organizationDto, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestRequest request = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.setParam(Param.PAGE, "3")
.setParam(Param.PAGE_SIZE, "4");
@@ -131,7 +132,7 @@ public void provisioned_projects_with_correct_pagination() throws Exception {
public void provisioned_projects_with_desired_fields() throws Exception {
OrganizationDto organization = db.organizations().insert();
db.components().insertComponent(newProvisionedProject(organization, "1"));
- userSessionRule.logIn().addOrganizationPermission(organization, GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, organization);
String jsonOutput = underTest.newRequest()
.setParam(PARAM_ORGANIZATION, organization.getKey())
@@ -145,12 +146,12 @@ public void provisioned_projects_with_desired_fields() throws Exception {
@Test
public void provisioned_projects_with_query() throws Exception {
- OrganizationDto organization = db.organizations().insert();
- db.components().insertComponents(newProvisionedProject(organization, "1"), newProvisionedProject(organization, "2"));
- userSessionRule.logIn().addOrganizationPermission(organization, GlobalPermissions.PROVISIONING);
+ OrganizationDto org = db.organizations().insert();
+ db.components().insertComponents(newProvisionedProject(org, "1"), newProvisionedProject(org, "2"));
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
String jsonOutput = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.setParam(Param.TEXT_QUERY, "PROVISIONED-name-2")
.execute().getInput();
@@ -161,20 +162,20 @@ public void provisioned_projects_with_query() throws Exception {
@Test
public void provisioned_projects_as_defined_in_the_example() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto hBaseProject = ComponentTesting.newProjectDto(organizationDto, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
+ OrganizationDto org = db.organizations().insert();
+ ComponentDto hBaseProject = ComponentTesting.newProjectDto(org, "ce4c03d6-430f-40a9-b777-ad877c00aa4d")
.setKey("org.apache.hbas:hbase")
.setName("HBase")
.setCreatedAt(DateUtils.parseDateTime("2015-03-04T23:03:44+0100"));
- ComponentDto roslynProject = ComponentTesting.newProjectDto(organizationDto, "c526ef20-131b-4486-9357-063fa64b5079")
+ ComponentDto roslynProject = ComponentTesting.newProjectDto(org, "c526ef20-131b-4486-9357-063fa64b5079")
.setKey("com.microsoft.roslyn:roslyn")
.setName("Roslyn")
.setCreatedAt(DateUtils.parseDateTime("2013-03-04T23:03:44+0100"));
db.components().insertComponents(hBaseProject, roslynProject);
- userSessionRule.logIn().addOrganizationPermission(organizationDto.getUuid(), GlobalPermissions.PROVISIONING);
+ userSessionRule.logIn().addPermission(PROVISION_PROJECTS, org);
TestResponse result = underTest.newRequest()
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, org.getKey())
.execute();
assertJson(result.getInput())
@@ -183,9 +184,9 @@ public void provisioned_projects_as_defined_in_the_example() throws Exception {
@Test
public void fail_when_not_enough_privileges() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- db.components().insertComponent(newProvisionedProject(organizationDto, "1"));
- userSessionRule.logIn().addOrganizationPermission(organizationDto.getUuid(), GlobalPermissions.SCAN_EXECUTION);
+ OrganizationDto organization = db.organizations().insert();
+ db.components().insertComponent(newProvisionedProject(organization, "1"));
+ userSessionRule.logIn().addPermission(SCAN, organization);
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
index 1aa03aa609fa..8fe65742135c 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchActionTest.java
@@ -52,14 +52,14 @@
import static org.sonar.api.server.ws.WebService.Param.PAGE;
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.core.util.Protobuf.setNullable;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.MediaTypes.PROTOBUF;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_ORGANIZATION;
@@ -85,7 +85,7 @@ public class SearchActionTest {
@Test
public void search_by_key_query() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey("project-_%-key"),
newProjectDto(db.getDefaultOrganization()).setKey("project-key-without-escaped-characters"));
@@ -97,7 +97,7 @@ public void search_by_key_query() throws IOException {
@Test
public void search_projects_when_no_qualifier_set() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()));
@@ -109,7 +109,7 @@ public void search_projects_when_no_qualifier_set() throws IOException {
@Test
public void search_projects() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
ComponentDto project = newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1);
ComponentDto module = newModuleDto(project);
ComponentDto directory = newDirectory(module, "dir");
@@ -126,7 +126,7 @@ public void search_projects() throws IOException {
@Test
public void search_views() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()).setKey("view1"));
@@ -138,7 +138,7 @@ public void search_views() throws IOException {
@Test
public void search_projects_and_views() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
newView(db.getDefaultOrganization()).setKey("view1"));
@@ -150,7 +150,7 @@ public void search_projects_and_views() throws IOException {
@Test
public void search_on_default_organization_when_no_organization_set() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
OrganizationDto otherOrganization = db.organizations().insert();
db.components().insertComponents(
newProjectDto(db.getDefaultOrganization()).setKey(PROJECT_KEY_1),
@@ -166,7 +166,7 @@ public void search_on_default_organization_when_no_organization_set() throws IOE
public void search_for_projects_on_given_organization() throws IOException {
OrganizationDto organization1 = db.organizations().insert();
OrganizationDto organization2 = db.organizations().insert();
- userSession.addOrganizationPermission(organization1, SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, organization1);
ComponentDto project1 = newProjectDto(organization1);
ComponentDto project2 = newProjectDto(organization1);
ComponentDto project3 = newProjectDto(organization2);
@@ -179,7 +179,7 @@ public void search_for_projects_on_given_organization() throws IOException {
@Test
public void result_is_paginated() throws IOException {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, db.getDefaultOrganization());
List componentDtoList = new ArrayList<>();
for (int i = 1; i <= 9; i++) {
componentDtoList.add(newProjectDto(db.getDefaultOrganization(), "project-uuid-" + i).setKey("project-key-" + i).setName("Project Name " + i));
@@ -193,7 +193,7 @@ public void result_is_paginated() throws IOException {
@Test
public void fail_when_not_system_admin() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), QUALITY_PROFILE_ADMIN);
+ userSession.addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(ForbiddenException.class);
call(SearchWsRequest.builder().build());
@@ -208,7 +208,7 @@ public void fail_on_unknown_organization() throws Exception {
@Test
public void fail_on_invalid_qualifier() throws Exception {
- userSession.addOrganizationPermission(db.getDefaultOrganization(), QUALITY_PROFILE_ADMIN);
+ userSession.addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
expectedException.expect(IllegalArgumentException.class);
expectedException.expectMessage("Value of parameter 'qualifiers' (BRC) must be one of: [TRK, VW]");
@@ -256,15 +256,15 @@ public void verify_define() {
@Test
public void verify_response_example() throws URISyntaxException, IOException {
- OrganizationDto organizationDto = db.organizations().insertForKey("my-org-1");
- userSession.addOrganizationPermission(organizationDto, SYSTEM_ADMIN);
+ OrganizationDto organization = db.organizations().insertForKey("my-org-1");
+ userSession.addPermission(ADMINISTER, organization);
db.components().insertComponents(
- newProjectDto(organizationDto, "project-uuid-1").setName("Project Name 1").setKey("project-key-1"),
- newProjectDto(organizationDto, "project-uuid-2").setName("Project Name 1").setKey("project-key-2"));
+ newProjectDto(organization, "project-uuid-1").setName("Project Name 1").setKey("project-key-1"),
+ newProjectDto(organization, "project-uuid-2").setName("Project Name 1").setKey("project-key-2"));
String response = ws.newRequest()
.setMediaType(MediaTypes.JSON)
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
+ .setParam(PARAM_ORGANIZATION, organization.getKey())
.execute().getInput();
assertJson(response).isSimilarTo(ws.getDef().responseExampleAsString());
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
index 083ac36bf40d..e20120cf37d0 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/AppActionTest.java
@@ -43,8 +43,8 @@
import static org.sonar.api.measures.Metric.ValueType.INT;
import static org.sonar.api.measures.Metric.ValueType.RATING;
import static org.sonar.api.measures.Metric.ValueType.WORK_DUR;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.MediaTypes.JSON;
@@ -173,7 +173,7 @@ public void return_edit_to_false_when_not_quality_gate_permission() throws Excep
@Test
public void return_edit_to_true_when_quality_gate_permission() throws Exception {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
AppWsResponse response = executeRequest();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
index 0c546cc9debf..d64bba04fc10 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateActionTest.java
@@ -25,7 +25,6 @@
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -41,7 +40,7 @@
import org.sonarqube.ws.WsQualityGates.CreateWsResponse;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
public class CreateActionTest {
@@ -88,7 +87,7 @@ public void throw_ForbiddenException_if_not_gate_administrator_of_default_organi
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -118,7 +117,7 @@ private CreateWsResponse executeRequest(String name) {
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization().getUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
index c1f2de41ab10..2161ca4056d2 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/CreateConditionActionTest.java
@@ -29,7 +29,6 @@
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,9 +47,9 @@
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import static org.assertj.core.api.Java6Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
import static org.sonar.server.computation.task.projectanalysis.metric.Metric.MetricType.PERCENT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ERROR;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_GATE_ID;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_METRIC;
@@ -132,7 +131,7 @@ public void throw_ForbiddenException_if_not_gate_administrator_of_default_organi
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -205,6 +204,6 @@ private CreateConditionWsResponse executeRequest(long qualityProfileId, String m
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
index 4b6df910f965..2e841707d305 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
@@ -41,7 +41,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
public class DeselectActionTest {
@@ -173,7 +173,7 @@ public void fail_when_not_project_admin() throws Exception {
public void fail_when_not_quality_gates_admin() throws Exception {
String gateId = String.valueOf(gate.getId());
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
expectedException.expect(ForbiddenException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
index eccbc6af3a25..158eb1d261da 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java
@@ -37,7 +37,7 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
public class SelectActionTest {
@@ -109,7 +109,7 @@ public void project_admin() throws Exception {
@Test
public void gate_administrator_can_associate_a_gate_to_a_project() throws Exception {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, project.getOrganizationUuid());
String gateId = String.valueOf(gate.getId());
callByKey(gateId, project.getKey());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
index 85b05684e82b..1b961f033b97 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/UpdateConditionActionTest.java
@@ -29,7 +29,6 @@
import org.junit.rules.ExpectedException;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,9 +47,9 @@
import org.sonarqube.ws.WsQualityGates.CreateConditionWsResponse;
import static org.assertj.core.api.Java6Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
import static org.sonar.server.computation.task.projectanalysis.metric.Metric.MetricType.PERCENT;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ERROR;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_ID;
import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM_METRIC;
@@ -140,7 +139,7 @@ public void throw_ForbiddenException_if_not_gate_administrator_of_default_organi
// as long as organizations don't support Quality gates, the global permission
// is defined on the default organization
OrganizationDto org = db.organizations().insert();
- userSession.logIn().addOrganizationPermission(org, GlobalPermissions.QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, org);
expectedException.expect(ForbiddenException.class);
expectedException.expectMessage("Insufficient privileges");
@@ -213,7 +212,7 @@ private CreateConditionWsResponse executeRequest(long conditionId, String metric
}
private void logInAsQualityGateAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), QUALITY_GATE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES, db.getDefaultOrganization());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
index 80035a363c8f..19bc21cc4c44 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/QProfileServiceMediumTest.java
@@ -36,7 +36,6 @@
import org.sonar.api.rules.Rule;
import org.sonar.api.rules.RulePriority;
import org.sonar.api.utils.ValidationMessages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.rule.RuleDto;
@@ -54,6 +53,7 @@
import static org.sonar.db.rule.RuleTesting.newXooX1;
import static org.sonar.db.rule.RuleTesting.newXooX2;
import static org.sonar.db.rule.RuleTesting.newXooX3;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualityprofile.QProfileTesting.XOO_P1_KEY;
import static org.sonar.server.qualityprofile.QProfileTesting.XOO_P2_KEY;
@@ -226,6 +226,6 @@ public RulesProfile importProfile(Reader reader, ValidationMessages messages) {
}
private void logInAsQProfileAdministrator() {
- userSessionRule.logIn().addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
index ab22b08a54ae..ee89b268100d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/AddProjectActionTest.java
@@ -41,7 +41,7 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.qualityprofile.QProfileTesting.newQProfileDto;
public class AddProjectActionTest {
@@ -121,7 +121,7 @@ private void assertProjectIsAssociatedToProfile(String projectKey, String langua
}
private void setUserAsQualityProfileAdmin() {
- userSession.logIn().addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
}
private void executeRequest(ComponentDto project, QualityProfileDto qualityProfile) {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
index bde959af4ef7..6a24e8a33d78 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ChangeParentActionMediumTest.java
@@ -28,7 +28,6 @@
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rule.Severity;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDto;
@@ -51,6 +50,7 @@
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class ChangeParentActionMediumTest {
@@ -76,7 +76,7 @@ public void setUp() {
ruleIndexer = tester.get(RuleIndexer.class);
activeRuleIndexer = tester.get(ActiveRuleIndexer.class);
ruleIndex = tester.get(RuleIndex.class);
- userSessionRule.logIn().addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
@After
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
index d0ab85d9746f..c7a09d79f810 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CopyActionTest.java
@@ -26,7 +26,6 @@
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
@@ -40,6 +39,7 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
@RunWith(MockitoJUnitRunner.class)
public class CopyActionTest {
@@ -153,6 +153,6 @@ public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
index 97a0e9ff8af2..ece09436339c 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/CreateActionTest.java
@@ -33,7 +33,6 @@
import org.sonar.api.rules.RulePriority;
import org.sonar.api.utils.System2;
import org.sonar.api.utils.ValidationMessages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -63,6 +62,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.sonar.server.language.LanguageTesting.newLanguages;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse.QualityProfile;
import static org.sonarqube.ws.QualityProfiles.CreateWsResponse.parseFrom;
@@ -246,6 +246,6 @@ public RulesProfile importProfile(Reader reader, ValidationMessages messages) {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
index c1161ba66c88..08ef309c9315 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/DeleteActionTest.java
@@ -27,7 +27,6 @@
import org.sonar.api.resources.Language;
import org.sonar.api.resources.Languages;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -48,6 +47,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class DeleteActionTest {
@@ -190,6 +190,6 @@ public void fail_if_profile_does_not_exist() throws Exception {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
index 51144c10a468..474c8702340e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RenameActionTest.java
@@ -24,7 +24,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
@@ -40,6 +39,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class RenameActionTest {
@@ -164,6 +164,6 @@ private void createProfiles() {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
index 940b488dc4b1..06d6ff09d8c7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreActionTest.java
@@ -27,7 +27,6 @@
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
@@ -45,6 +44,7 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
@RunWith(MockitoJUnitRunner.class)
public class RestoreActionTest {
@@ -115,6 +115,6 @@ public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
index 52a7ada60c17..73e8870add5a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/RestoreBuiltInActionTest.java
@@ -23,7 +23,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.resources.Languages;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.language.LanguageTesting;
@@ -37,6 +36,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class RestoreBuiltInActionTest {
@@ -90,6 +90,6 @@ public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
index c362d2b49ab1..430cf129ca23 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/SetDefaultActionTest.java
@@ -25,7 +25,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
@@ -42,6 +41,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class SetDefaultActionTest {
@@ -147,7 +147,7 @@ public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
private void createProfiles() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
index ee464bacec4d..9ba2baa50cae 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/RegisterRulesMediumTest.java
@@ -36,7 +36,6 @@
import org.sonar.api.server.debt.DebtRemediationFunction;
import org.sonar.api.server.rule.RuleParamType;
import org.sonar.api.server.rule.RulesDefinition;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDto;
@@ -60,6 +59,7 @@
import static com.google.common.collect.Sets.newHashSet;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
// TODO remaining tests should be moved to RegisterRulesTest
public class RegisterRulesMediumTest {
@@ -459,6 +459,6 @@ public String apply(@Nonnull ActiveRuleParamDto input) {
}
private void logInAsQProfileAdministrator() {
- userSessionRule.logIn().addOrganizationPermission(TESTER.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, TESTER.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
index e497dc62924e..019f8af0e281 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/AppActionTest.java
@@ -26,7 +26,6 @@
import org.sonar.api.resources.Language;
import org.sonar.api.resources.Languages;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.db.rule.RuleRepositoryDto;
@@ -41,6 +40,7 @@
import static org.mockito.Matchers.isA;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class AppActionTest {
@@ -59,7 +59,7 @@ public void should_generate_app_init_info() throws Exception {
AppAction app = new AppAction(languages, db.getDbClient(), i18n, userSessionRule, defaultOrganizationProvider);
WsTester tester = new WsTester(new RulesWs(app));
- userSessionRule.addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSessionRule.addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
QualityProfileDto profile1 = QProfileTesting.newXooP1();
QualityProfileDto profile2 = QProfileTesting.newXooP2().setParentKee(QProfileTesting.XOO_P1_KEY);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
index a3ac2ce131d2..4b690bb3cfdf 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/DeleteActionTest.java
@@ -23,7 +23,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.rule.RuleKey;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.organization.DefaultOrganizationProvider;
@@ -34,6 +33,7 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class DeleteActionTest {
@@ -77,6 +77,6 @@ public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
private void logInAsQProfileAdministrator() {
userSession
.logIn()
- .addOrganizationPermission(defaultOrganizationProvider.get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganizationProvider.get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
index e13c79a9d537..f9f4262e0caa 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
@@ -28,7 +28,6 @@
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rules.RuleType;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.qualityprofile.ActiveRuleDao;
@@ -53,6 +52,7 @@
import static com.google.common.collect.Sets.newHashSet;
import static org.sonar.api.rule.Severity.MINOR;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
public class ShowActionMediumTest {
@@ -61,7 +61,7 @@ public class ShowActionMediumTest {
@Rule
public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn()
- .addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
WsTester wsTester;
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
index a123a3893128..7c7207494026 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/UpdateActionMediumTest.java
@@ -28,7 +28,6 @@
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
import org.sonar.api.rule.Severity;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.rule.RuleDao;
@@ -47,6 +46,7 @@
import static org.junit.Assert.fail;
import static org.sonar.api.server.debt.DebtRemediationFunction.Type.LINEAR;
import static org.sonar.api.server.debt.DebtRemediationFunction.Type.LINEAR_OFFSET;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_BASE_EFFORT;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_GAP_MULTIPLIER;
import static org.sonar.server.rule.ws.UpdateAction.PARAM_REMEDIATION_FN_TYPE;
@@ -178,6 +178,6 @@ public void fail_to_update_custom_when_description_is_empty() {
private void logInAsQProfileAdministrator() {
userSessionRule
.logIn()
- .addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, tester.get(DefaultOrganizationProvider.class).get().getUuid());
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
index 549b204ff0f4..e09bc2aecba8 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java
@@ -56,9 +56,9 @@
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.JSON;
import static org.sonarqube.ws.Settings.Definition.CategoryOneOfCase.CATEGORYONEOF_NOT_SET;
import static org.sonarqube.ws.Settings.Definition.DefaultValueOneOfCase.DEFAULTVALUEONEOF_NOT_SET;
@@ -345,7 +345,7 @@ public void return_license_settings_when_authenticated_but_not_admin() throws Ex
@Test
public void return_secured_settings_when_not_authenticated_but_with_scan_permission() throws Exception {
- userSession.anonymous().addOrganizationPermission(db.getDefaultOrganization(), SCAN_EXECUTION);
+ userSession.anonymous().addPermission(SCAN, db.getDefaultOrganization());
propertyDefinitions.addComponents(asList(
PropertyDefinition.builder("foo").build(),
PropertyDefinition.builder("secret.secured").build(),
@@ -480,7 +480,7 @@ private void logInAsProjectUser() {
}
private void logInAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org, SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private void logInAsProjectAdmin() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
index 23aea49481c0..373e11be6092 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
@@ -67,11 +67,12 @@
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto;
import static org.sonar.db.property.PropertyTesting.newGlobalPropertyDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.MediaTypes.JSON;
import static org.sonarqube.ws.Settings.Setting.ParentValueOneOfCase.PARENTVALUEONEOF_NOT_SET;
@@ -550,7 +551,7 @@ public void return_license_with_hash_settings_when_authenticated_but_not_admin()
@Test
public void return_global_secured_settings_when_not_authenticated_but_with_scan_permission() throws Exception {
- userSession.anonymous().addOrganizationPermission(db.getDefaultOrganization(), SCAN_EXECUTION);
+ userSession.anonymous().addPermission(SCAN, db.getDefaultOrganization());
definitions.addComponents(asList(
PropertyDefinition.builder("foo").build(),
PropertyDefinition.builder("secret.secured").build(),
@@ -838,7 +839,7 @@ private void logInAsProjectUser() {
}
private void logInAsAdmin() {
- userSession.logIn().addOrganizationPermission(db.getDefaultOrganization(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, db.getDefaultOrganization());
}
private void logInAsProjectAdmin() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
index 2371ce51a85d..0fb052da6005 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/tester/AbstractMockUserSession.java
@@ -41,6 +41,17 @@ protected AbstractMockUserSession(Class clazz) {
this.clazz = clazz;
}
+ public T addPermission(OrganizationPermission permission, String organizationUuid) {
+ permissionsByOrganizationUuid.put(organizationUuid, permission);
+ return clazz.cast(this);
+ }
+
+ @Override
+ protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
+ return permissionsByOrganizationUuid.get(organizationUuid).contains(permission);
+ }
+
+
public T addProjectUuidPermissions(String projectPermission, String... projectUuids) {
this.projectPermissionsCheckedByUuid.add(projectPermission);
this.projectUuidByPermission.putAll(projectPermission, newArrayList(projectUuids));
@@ -55,12 +66,7 @@ public T addComponentUuidPermission(String projectPermission, String projectUuid
addProjectUuidPermissions(projectPermission, projectUuid);
return clazz.cast(this);
}
-
- @Override
- protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
- return permissionsByOrganizationUuid.get(organizationUuid).contains(permission);
- }
-
+
@Override
protected Optional componentUuidToProjectUuid(String componentUuid) {
return Optional.ofNullable(projectUuidByComponentUuid.get(componentUuid));
@@ -71,11 +77,6 @@ protected boolean hasProjectUuidPermission(String permission, String projectUuid
return projectPermissionsCheckedByUuid.contains(permission) && projectUuidByPermission.get(permission).contains(projectUuid);
}
- public T addOrganizationPermission(String organizationUuid, String permission) {
- permissionsByOrganizationUuid.put(organizationUuid, OrganizationPermission.fromKey(permission));
- return clazz.cast(this);
- }
-
public T setSystemAdministrator(boolean b) {
this.systemAdministrator = b;
return clazz.cast(this);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
index 9411379652f6..4ba09e9fb304 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/tester/UserSessionRule.java
@@ -53,7 +53,7 @@
* In both cases, one can define user session behavior which should apply on all tests directly on the property, eg.:
*
* {@literal @}Rule
- * public UserSessionRule userSessionRule = UserSessionRule.standalone().login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ * public UserSessionRule userSessionRule = UserSessionRule.standalone().login("admin").setOrganizationPermissions(OrganizationPermissions.SYSTEM_ADMIN);
*
*
*
@@ -192,13 +192,13 @@ public UserSessionRule addProjectUuidPermissions(String projectPermission, Strin
return this;
}
- public UserSessionRule addOrganizationPermission(String organizationUuid, String permission) {
- ensureAbstractMockUserSession().addOrganizationPermission(organizationUuid, permission);
+ public UserSessionRule addPermission(OrganizationPermission permission, String organizationUuid) {
+ ensureAbstractMockUserSession().addPermission(permission, organizationUuid);
return this;
}
- public UserSessionRule addOrganizationPermission(OrganizationDto organizationDto, String permission) {
- ensureAbstractMockUserSession().addOrganizationPermission(organizationDto.getUuid(), permission);
+ public UserSessionRule addPermission(OrganizationPermission permission, OrganizationDto organization) {
+ ensureAbstractMockUserSession().addPermission(permission, organization.getUuid());
return this;
}
@@ -292,11 +292,22 @@ public UserSession checkLoggedIn() {
return this;
}
+ @Override
+ public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
+ return currentUserSession.hasPermission(permission, organization);
+ }
+
@Override
public boolean hasPermission(OrganizationPermission permission, String organizationUuid) {
return currentUserSession.hasPermission(permission, organizationUuid);
}
+ @Override
+ public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
+ currentUserSession.checkPermission(permission, organization);
+ return this;
+ }
+
@Override
public UserSession checkPermission(OrganizationPermission permission, String organizationUuid) {
currentUserSession.checkPermission(permission, organizationUuid);
@@ -305,12 +316,13 @@ public UserSession checkPermission(OrganizationPermission permission, String org
@Override
public boolean hasOrganizationPermission(String organizationUuid, String permission) {
- return currentUserSession.hasOrganizationPermission(organizationUuid, permission);
+ return currentUserSession.hasPermission(OrganizationPermission.fromKey(permission), organizationUuid);
}
@Override
- public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
- return currentUserSession.hasPermission(permission, organization);
+ public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
+ currentUserSession.checkPermission(OrganizationPermission.fromKey(permission), organizationUuid);
+ return this;
}
@Override
@@ -335,16 +347,4 @@ public UserSession checkIsSystemAdministrator() {
currentUserSession.checkIsSystemAdministrator();
return this;
}
-
- @Override
- public UserSession checkOrganizationPermission(String organizationUuid, String permission) {
- currentUserSession.checkOrganizationPermission(organizationUuid, permission);
- return this;
- }
-
- @Override
- public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
- currentUserSession.checkPermission(permission, organization);
- return this;
- }
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
index 0a293bc89743..053145fea5eb 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/ComponentActionTest.java
@@ -35,7 +35,6 @@
import org.sonar.api.web.page.Page.Qualifier;
import org.sonar.api.web.page.PageDefinition;
import org.sonar.core.component.DefaultResourceTypes;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.core.platform.PluginRepository;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
@@ -52,6 +51,7 @@
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.permission.OrganizationPermission;
import org.sonar.server.qualitygate.QualityGateFinder;
import org.sonar.server.qualityprofile.QPMeasureData;
import org.sonar.server.qualityprofile.QualityProfile;
@@ -65,8 +65,6 @@
import static org.mockito.Mockito.when;
import static org.sonar.api.measures.CoreMetrics.QUALITY_PROFILES_KEY;
import static org.sonar.api.web.page.Page.Scope.COMPONENT;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
@@ -74,6 +72,8 @@
import static org.sonar.db.component.SnapshotTesting.newAnalysis;
import static org.sonar.db.measure.MeasureTesting.newMeasureDto;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.test.JsonAssert.assertJson;
public class ComponentActionTest {
@@ -312,7 +312,7 @@ public void return_configuration_for_quality_profile_admin() throws Exception {
componentDbTester.insertComponent(project);
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.USER, project.uuid())
- .addOrganizationPermission(project.getOrganizationUuid(), QUALITY_PROFILE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_PROFILES, project.getOrganizationUuid());
executeAndVerify(project.key(), "return_configuration_for_quality_profile_admin.json");
}
@@ -323,7 +323,7 @@ public void return_configuration_for_quality_gate_admin() throws Exception {
componentDbTester.insertComponent(project);
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.USER, project.uuid())
- .addOrganizationPermission(project.getOrganizationUuid(), QUALITY_GATE_ADMIN);
+ .addPermission(ADMINISTER_QUALITY_GATES, project.getOrganizationUuid());
executeAndVerify(project.key(), "return_configuration_for_quality_gate_admin.json");
}
@@ -389,7 +389,7 @@ public void canApplyPermissionTemplate_is_true_if_logged_in_as_organization_admi
userSessionRule.logIn()
.addProjectUuidPermissions(UserRole.ADMIN, project.uuid())
- .addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ .addPermission(OrganizationPermission.ADMINISTER, org);
assertJson(execute(project.key())).isSimilarTo("{\"configuration\": {\"canApplyPermissionTemplate\": true}}");
userSessionRule.logIn()
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
index 46174db1ace1..625825e3ac73 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ui/ws/OrganizationActionTest.java
@@ -36,7 +36,8 @@
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonar.test.JsonAssert.assertJson;
public class OrganizationActionTest {
@@ -79,8 +80,8 @@ public void fails_with_IAE_if_parameter_organization_is_not_specified() {
public void verify_example() {
OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
userSession.logIn()
- .addOrganizationPermission(organization, "admin")
- .addOrganizationPermission(organization, "provisioning");
+ .addPermission(ADMINISTER, organization)
+ .addPermission(PROVISION_PROJECTS, organization);
TestResponse response = executeRequest(organization);
@@ -107,7 +108,7 @@ public void returns_non_admin_and_canDelete_false_when_user_logged_in_but_not_ad
@Test
public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_the_default_organization() {
OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
- userSession.logIn().addOrganizationPermission(defaultOrganization.getUuid(), "admin");
+ userSession.logIn().addPermission(ADMINISTER, defaultOrganization);
TestResponse response = executeRequest(defaultOrganization);
@@ -135,7 +136,7 @@ public void returns_non_admin_and_canDelete_false_when_user_logged_in_but_not_ad
@Test
public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_not_the_default_organization() {
OrganizationDto organization = dbTester.organizations().insert();
- userSession.logIn().addOrganizationPermission(organization.getUuid(), "admin");
+ userSession.logIn().addPermission(ADMINISTER, organization);
TestResponse response = executeRequest(organization);
@@ -145,7 +146,7 @@ public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_k
@Test
public void returns_admin_and_canDelete_false_when_user_logged_in_and_admin_and_key_is_guarded_organization() {
OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
- userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, organization);
TestResponse response = executeRequest(organization);
@@ -167,7 +168,7 @@ public void returns_provisioning_true_when_user_can_provision_projects_in_organi
// user can provision projects in org2 but not in org1
OrganizationDto org1 = dbTester.organizations().insert();
OrganizationDto org2 = dbTester.organizations().insert();
- userSession.logIn().addOrganizationPermission(org2, "provisioning");
+ userSession.logIn().addPermission(PROVISION_PROJECTS, org2);
verifyResponse(executeRequest(org1), false, false, false);
verifyResponse(executeRequest(org2), false, true, false);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
index bad1581b20d5..76c53edde48e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
@@ -36,6 +36,7 @@
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.organization.TestOrganizationFlags;
+import org.sonar.server.permission.OrganizationPermission;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
@@ -88,7 +89,6 @@ public void anonymous_is_not_logged_in_and_does_not_have_login() throws Exceptio
assertThat(session.isLoggedIn()).isFalse();
}
-
@Test
public void getGroups_is_empty_on_anonymous() {
assertThat(newAnonymousSession().getGroups()).isEmpty();
@@ -174,7 +174,7 @@ public void checkOrganizationPermission_throws_ForbiddenException_when_user_does
expectInsufficientPrivilegesForbiddenException();
- newUserSession(NON_ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(NON_ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
@@ -183,72 +183,72 @@ public void checkOrganizationPermission_succeeds_when_user_has_the_specified_per
db.users().insertUser(NON_ROOT_USER_DTO);
db.users().insertPermissionOnUser(org, NON_ROOT_USER_DTO, PROVISIONING);
- newUserSession(NON_ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(NON_ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
public void checkOrganizationPermission_succeeds_when_user_is_root() {
OrganizationDto org = db.organizations().insert();
- newUserSession(ROOT_USER_DTO).checkOrganizationPermission(org.getUuid(), PROVISIONING);
+ newUserSession(ROOT_USER_DTO).checkPermission(OrganizationPermission.PROVISION_PROJECTS, org);
}
@Test
- public void test_hasOrganizationPermission_for_logged_in_user() {
+ public void test_hasPermission_on_organization_for_logged_in_user() {
OrganizationDto org = db.organizations().insert();
ComponentDto project = db.components().insertProject(org);
db.users().insertPermissionOnUser(org, userDto, PROVISIONING);
db.users().insertProjectPermissionOnUser(userDto, UserRole.ADMIN, project);
UserSession session = newUserSession(userDto);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission("another-org", PROVISIONING)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, "another-org")).isFalse();
}
@Test
- public void test_hasOrganizationPermission_for_anonymous_user() {
+ public void test_hasPermission_on_organization_for_anonymous_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnAnyone(org, PROVISIONING);
UserSession session = newAnonymousSession();
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission("another-org", PROVISIONING)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, "another-org")).isFalse();
}
@Test
- public void hasOrganizationPermission_keeps_cache_of_permissions_of_logged_in_user() {
+ public void hasPermission_on_organization_keeps_cache_of_permissions_of_logged_in_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnUser(org, userDto, PROVISIONING);
UserSession session = newUserSession(userDto);
// feed the cache
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
// change permissions without updating the cache
db.users().deletePermissionFromUser(org, userDto, PROVISIONING);
db.users().insertPermissionOnUser(org, userDto, SCAN_EXECUTION);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SYSTEM_ADMIN)).isFalse();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SCAN_EXECUTION)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.ADMINISTER, org.getUuid())).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.SCAN, org.getUuid())).isFalse();
}
@Test
- public void hasOrganizationPermission_keeps_cache_of_permissions_of_anonymous_user() {
+ public void hasPermission_on_organization_keeps_cache_of_permissions_of_anonymous_user() {
OrganizationDto org = db.organizations().insert();
db.users().insertPermissionOnAnyone(org, PROVISIONING);
UserSession session = newAnonymousSession();
// feed the cache
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
// change permissions without updating the cache
db.users().insertPermissionOnAnyone(org, SCAN_EXECUTION);
- assertThat(session.hasOrganizationPermission(org.getUuid(), PROVISIONING)).isTrue();
- assertThat(session.hasOrganizationPermission(org.getUuid(), SCAN_EXECUTION)).isFalse();
+ assertThat(session.hasPermission(OrganizationPermission.PROVISION_PROJECTS, org.getUuid())).isTrue();
+ assertThat(session.hasPermission(OrganizationPermission.SCAN, org.getUuid())).isFalse();
}
@Test
@@ -318,7 +318,6 @@ public void hasComponentPermission_keeps_cache_of_permissions_of_logged_in_user(
assertThat(session.hasComponentPermission(UserRole.ADMIN, project)).isFalse();
}
-
@Test
public void isSystemAdministrator_returns_true_if_org_feature_is_enabled_and_user_is_root() {
organizationFlags.setEnabled(true);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
index 77995b481874..1a823ff49192 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CurrentActionTest.java
@@ -23,7 +23,6 @@
import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.user.GroupDto;
@@ -37,6 +36,9 @@
import static com.google.common.collect.Lists.newArrayList;
import static org.sonar.db.user.GroupTesting.newGroupDto;
import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
+import static org.sonar.server.permission.OrganizationPermission.SCAN;
import static org.sonar.test.JsonAssert.assertJson;
public class CurrentActionTest {
@@ -60,11 +62,11 @@ public void json_example() {
// permissions on default organization
userSessionRule
- .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.SCAN_EXECUTION)
- .addOrganizationPermission(db.getDefaultOrganization(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ .addPermission(SCAN, db.getDefaultOrganization())
+ .addPermission(ADMINISTER_QUALITY_PROFILES, db.getDefaultOrganization());
// permissions on other organizations are ignored
- userSessionRule.addOrganizationPermission(db.organizations().insert(), GlobalPermissions.SYSTEM_ADMIN);
+ userSessionRule.addPermission(ADMINISTER, db.organizations().insert());
UserDto obiwan = db.users().insertUser(
newUserDto("obiwan.kenobi", "Obiwan Kenobi", "obiwan.kenobi@starwars.com")
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
index 95bb208352ae..b8a7f962c4f3 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
@@ -39,7 +39,7 @@
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -230,7 +230,7 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
index adc34488d56e..ee0e33548610 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/CreateActionTest.java
@@ -25,7 +25,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
@@ -37,6 +36,7 @@
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class CreateActionTest {
@@ -219,7 +219,7 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
index bdfd129a8ebf..32c61a476ff2 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
@@ -28,7 +28,6 @@
import org.sonar.api.config.Settings;
import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDbTester;
import org.sonar.db.component.ComponentDto;
@@ -45,6 +44,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -290,7 +290,7 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
private WsTester.TestRequest newRequest() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
index 1bd98d38376e..5463bed8a707 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
@@ -37,6 +37,7 @@
import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_LOGIN;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_ORGANIZATION_KEY;
@@ -225,7 +226,7 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn("admin").addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn("admin").addPermission(ADMINISTER, org);
}
private UserDto insertAnAdministratorInDefaultOrganization() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
index 4ef669b469db..27c329e546b6 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/SearchActionTest.java
@@ -36,8 +36,8 @@
import static org.apache.commons.lang.StringUtils.capitalize;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.user.GroupTesting.newGroupDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class SearchActionTest {
@@ -159,7 +159,7 @@ public void search_in_organization() throws Exception {
// the group in default org is not returned
db.users().insertGroup(db.getDefaultOrganization(), "users");
loginAsDefaultOrgAdmin();
- userSession.addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ userSession.addPermission(ADMINISTER, org);
newRequest()
.setParam("organization", org.getKey())
@@ -191,7 +191,7 @@ private void insertGroup(OrganizationDto org, String name, int numberOfMembers)
}
private void loginAsDefaultOrgAdmin() {
- userSession.logIn("user").addOrganizationPermission(db.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
+ userSession.logIn("user").addPermission(ADMINISTER, db.getDefaultOrganization());
}
private GroupWsSupport newGroupWsSupport() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
index 72316db5bc1e..ee2de184ab56 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java
@@ -25,7 +25,6 @@
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
@@ -45,6 +44,7 @@
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
public class UpdateActionTest {
@@ -292,6 +292,6 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
index b867cf1b6ec1..5a0b33b69519 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UsersActionTest.java
@@ -26,7 +26,6 @@
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
@@ -40,6 +39,7 @@
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.server.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;
public class UsersActionTest {
@@ -273,6 +273,6 @@ private void loginAsAdminOnDefaultOrganization() {
}
private void loginAsAdmin(OrganizationDto org) {
- userSession.logIn().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
+ userSession.logIn().addPermission(ADMINISTER, org);
}
}