use of org.sonar.db.permission.OrganizationPermission.ADMINISTER in project sonarqube by SonarSource.
the class UpdateAction method handle.
@Override
public void handle(Request request, Response response) throws Exception {
userSession.checkLoggedIn();
try (DbSession dbSession = dbClient.openSession(false)) {
organizationFlags.checkEnabled(dbSession);
String key = request.mandatoryParam(PARAM_KEY);
UpdateOrganizationRequest updateRequest = new UpdateOrganizationRequest(request.getParam(PARAM_NAME, (rqt, paramKey) -> wsSupport.getAndCheckName(rqt)), request.getParam(PARAM_DESCRIPTION, (rqt, paramKey) -> emptyAsNull(wsSupport.getAndCheckDescription(rqt))), request.getParam(PARAM_URL, (rqt, paramKey) -> emptyAsNull(wsSupport.getAndCheckUrl(rqt))), request.getParam(PARAM_AVATAR_URL, (rqt, paramKey) -> emptyAsNull(wsSupport.getAndCheckAvatar(rqt))));
OrganizationDto dto = getDto(dbSession, key);
userSession.checkPermission(ADMINISTER, dto);
dto.setName(updateRequest.getName().or(dto::getName)).setDescription(updateRequest.getDescription().or(dto::getDescription)).setUrl(updateRequest.getUrl().or(dto::getUrl)).setAvatarUrl(updateRequest.getAvatar().or(dto::getAvatarUrl));
dbClient.organizationDao().update(dbSession, dto);
dbSession.commit();
writeResponse(request, response, dto);
}
}
use of org.sonar.db.permission.OrganizationPermission.ADMINISTER in project sonarqube by SonarSource.
the class SearchMyOrganizationsActionTest method returns_organization_of_authenticated_user_only_for_ADMIN_permission.
@Test
public void returns_organization_of_authenticated_user_only_for_ADMIN_permission() {
UserDto user = dbTester.users().insertUser();
OrganizationDto organization1 = dbTester.organizations().insert();
OrganizationDto organization2 = dbTester.organizations().insert();
GroupDto group = dbTester.users().insertGroup(organization2);
dbTester.users().insertMember(group, user);
OrganizationPermission.all().filter(p -> p != ADMINISTER).forEach(p -> {
dbTester.users().insertPermissionOnUser(organization1, user, p);
dbTester.users().insertPermissionOnGroup(group, p);
});
userSessionRule.logIn(user);
assertJson(underTest.newRequest().execute().getInput()).isSimilarTo(NO_ORGANIZATIONS_RESPONSE);
}
Aggregations