SONAR-8774 Sanitize parameter names of the api/projects domain

SonarSource · Feb 16, 2017 · e6dd781 · e6dd781
1 parent 6416a83
commit e6dd781
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 31 deletions.
diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java
@@ -38,8 +38,8 @@
 public class BulkDeleteAction implements ProjectsWsAction {
 
   private static final String ACTION = "bulk_delete";
-  private static final String PARAM_IDS = "ids";
-  private static final String PARAM_KEYS = "keys";
+  private static final String PARAM_PROJECT_IDS = "projectIds";
+  private static final String PARAM_PROJECTS = "projects";
 
   private final ComponentCleanerService componentCleanerService;
   private final DbClient dbClient;
@@ -59,18 +59,21 @@ public void define(WebService.NewController context) {
     WebService.NewAction action = context
       .createAction(ACTION)
       .setPost(true)
-      .setDescription("Delete one or several projects.<br /> Requires 'Administer System' permission.")
+      .setDescription("Delete one or several projects.<br />" +
+        "Requires 'Administer System' permission.")
       .setSince("5.2")
       .setHandler(this);
 
     action
-      .createParam(PARAM_IDS)
-      .setDescription("List of project ids to delete")
+      .createParam(PARAM_PROJECT_IDS)
+      .setDescription("List of project IDs to delete")
+      .setDeprecatedKey("ids", "6.4")
       .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d,c526ef20-131b-4486-9357-063fa64b5079");
 
     action
-      .createParam(PARAM_KEYS)
+      .createParam(PARAM_PROJECTS)
       .setDescription("List of project keys to delete")
+      .setDeprecatedKey("keys", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
 
     support.addOrganizationParam(action);
@@ -80,8 +83,8 @@ public void define(WebService.NewController context) {
   public void handle(Request request, Response response) throws Exception {
     userSession.checkLoggedIn();
 
-    List<String> uuids = request.paramAsStrings(PARAM_IDS);
-    List<String> keys = request.paramAsStrings(PARAM_KEYS);
+    List<String> uuids = request.paramAsStrings(PARAM_PROJECT_IDS);
+    List<String> keys = request.paramAsStrings(PARAM_PROJECTS);
     String orgKey = request.param(ProjectsWsSupport.PARAM_ORGANIZATION);
 
     try (DbSession dbSession = dbClient.openSession(false)) {

diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/DeleteAction.java
@@ -31,15 +31,14 @@
 import org.sonar.server.component.ComponentFinder;
 import org.sonar.server.user.UserSession;
 
-import static org.sonar.server.component.ComponentFinder.ParamNames.ID_AND_KEY;
+import static org.sonar.server.component.ComponentFinder.ParamNames.PROJECT_ID_AND_PROJECT;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
 
 public class DeleteAction implements ProjectsWsAction {
   private static final String ACTION = "delete";
 
-  public static final String PARAM_ID = "id";
-  public static final String PARAM_KEY = "key";
-
   private final ComponentCleanerService componentCleanerService;
   private final ComponentFinder componentFinder;
   private final DbClient dbClient;
@@ -57,30 +56,33 @@ public void define(WebService.NewController context) {
     WebService.NewAction action = context
       .createAction(ACTION)
       .setPost(true)
-      .setDescription("Delete a project.<br /> Requires 'Administer System' permission or 'Administer' permission on the project.")
+      .setDescription("Delete a project.<br> " +
+        "Requires 'Administer System' permission or 'Administer' permission on the project.")
       .setSince("5.2")
       .setHandler(this);
 
     action
-      .createParam(PARAM_ID)
-      .setDescription("Project id")
+      .createParam(PARAM_PROJECT_ID)
+      .setDescription("Project ID")
+      .setDeprecatedKey("id", "6.4")
       .setExampleValue("ce4c03d6-430f-40a9-b777-ad877c00aa4d");
 
     action
-      .createParam(PARAM_KEY)
+      .createParam(PARAM_PROJECT)
       .setDescription("Project key")
+      .setDeprecatedKey("key", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
   }
 
   @Override
   public void handle(Request request, Response response) throws Exception {
     // fail-fast if not logged in
     userSession.checkLoggedIn();
-    String uuid = request.param(PARAM_ID);
-    String key = request.param(PARAM_KEY);
+    String uuid = request.param(PARAM_PROJECT_ID);
+    String key = request.param(PARAM_PROJECT);
 
     try (DbSession dbSession = dbClient.openSession(false)) {
-      ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, ID_AND_KEY);
+      ComponentDto project = componentFinder.getByUuidOrKey(dbSession, uuid, key, PROJECT_ID_AND_PROJECT);
       checkPermission(project);
       componentCleanerService.delete(dbSession, project);
     }

diff --git a/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java b/server/sonar-server/src/main/java/org/sonar/server/project/ws/IndexAction.java
@@ -48,7 +48,7 @@
  */
 public class IndexAction implements ProjectsWsAction {
 
-  private static final String PARAM_KEY = "key";
+  private static final String PARAM_PROJECT = "project";
   private static final String PARAM_SEARCH = "search";
   private static final String PARAM_SUB_PROJECTS = "subprojects";
   private static final String PARAM_FORMAT = "format";
@@ -69,19 +69,24 @@ public void define(WebService.NewController context) {
       .setDeprecatedSince("6.3")
       .setHandler(this)
       .setResponseExample(Resources.getResource(this.getClass(), "index-example.json"));
-    action.createParam(PARAM_KEY)
-      .setDescription("key or id of the project")
+
+    action.createParam(PARAM_PROJECT)
+      .setDescription("key or ID of the project")
+      .setDeprecatedKey("key", "6.4")
       .setExampleValue(KEY_PROJECT_EXAMPLE_001);
+
     action.createParam(PARAM_SEARCH)
       .setDescription("Substring of project name, case insensitive. Ignored if the parameter key is set")
       .setExampleValue("Sonar");
     action.createParam(PARAM_SUB_PROJECTS)
       .setDescription("Load sub-projects. Ignored if the parameter key is set")
       .setDefaultValue("false")
       .setBooleanPossibleValues();
+
     action.createParam(PARAM_FORMAT)
       .setDescription("Only json response format is available")
       .setPossibleValues("json");
+
     addRemovedParameter("desc", action);
     addRemovedParameter("views", action);
     addRemovedParameter("libs", action);
@@ -112,7 +117,7 @@ private Optional<ComponentDto> getProjectByKeyOrId(DbSession dbSession, String c
   }
 
   private List<ComponentDto> searchComponents(DbSession dbSession, Request request) {
-    String projectKey = request.param(PARAM_KEY);
+    String projectKey = request.param(PARAM_PROJECT);
     List<ComponentDto> projects = new ArrayList<>();
     if (projectKey != null) {
       getProjectByKeyOrId(dbSession, projectKey).ifPresent(projects::add);

diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
@@ -43,9 +43,9 @@
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_ID;
-import static org.sonar.server.project.ws.DeleteAction.PARAM_KEY;
 import static org.sonarqube.ws.client.project.ProjectsWsParameters.CONTROLLER;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT;
+import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
 
 public class DeleteActionTest {
 
@@ -82,7 +82,7 @@ public void organization_administrator_deletes_project_by_id() throws Exception
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    WsTester.TestRequest request = newRequest().setParam(PARAM_ID, project.uuid());
+    WsTester.TestRequest request = newRequest().setParam(PARAM_PROJECT_ID, project.uuid());
     call(request);
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
@@ -93,7 +93,7 @@ public void organization_administrator_deletes_project_by_key() throws Exception
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    call(newRequest().setParam(PARAM_KEY, project.key()));
+    call(newRequest().setParam(PARAM_PROJECT, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -109,7 +109,7 @@ public void project_administrator_deletes_the_project_by_uuid() throws Exception
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -119,7 +119,7 @@ public void project_administrator_deletes_the_project_by_key() throws Exception
     ComponentDto project = componentDbTester.insertProject();
     userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
-    call(newRequest().setParam(PARAM_KEY, project.key()));
+    call(newRequest().setParam(PARAM_PROJECT, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
   }
@@ -131,7 +131,7 @@ public void return_403_if_not_project_admin_nor_org_admin() throws Exception {
     userSessionRule.logIn().addProjectUuidPermissions(project.uuid(), UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.USER);
     expectedException.expect(ForbiddenException.class);
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
   }
 
   @Test
@@ -141,7 +141,7 @@ public void return_401_if_not_logged_in() throws Exception {
     userSessionRule.anonymous();
     expectedException.expect(UnauthorizedException.class);
 
-    call(newRequest().setParam(PARAM_ID, project.uuid()));
+    call(newRequest().setParam(PARAM_PROJECT_ID, project.uuid()));
   }
 
   private WsTester.TestRequest newRequest() {

diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/project/ProjectsWsParameters.java
@@ -27,6 +27,7 @@ public class ProjectsWsParameters {
   public static final String ACTION_INDEX = "index";
 
   public static final String PARAM_PROJECT = "project";
+  public static final String PARAM_PROJECT_ID = "projectId";
   public static final String PARAM_NAME = "name";
   public static final String PARAM_BRANCH = "branch";