// filter on project, else filter org permissions
private final String componentUuid;
private final Long componentId;
- private final String template;
// filter on login, email or name of users or groups
private final String searchQuery;
this.withAtLeastOnePermission = builder.withAtLeastOnePermission;
this.componentUuid = builder.componentUuid;
this.componentId = builder.componentId;
- this.template = builder.template;
this.searchQuery = builder.searchQuery;
this.searchQueryToSql = builder.searchQuery == null ? null : buildLikeValue(builder.searchQuery, WildcardPosition.BEFORE_AND_AFTER);
this.searchQueryToSqlLowercase = searchQueryToSql == null ? null : searchQueryToSql.toLowerCase(Locale.ENGLISH);
return withAtLeastOnePermission;
}
- // TODO remove it, it should not be in the query, but set as a separate parameter
- @Deprecated
- public String template() {
- return template;
- }
-
@CheckForNull
public String getComponentUuid() {
return componentUuid;
private String organizationUuid;
private String componentUuid;
private Long componentId;
- private String template;
private String searchQuery;
private boolean withAtLeastOnePermission;
return this;
}
- public Builder setTemplate(@Nullable String template) {
- this.template = template;
- return this;
- }
-
public Builder setComponent(ComponentDto component) {
return setComponent(component.uuid(), component.getId());
}
<sql id="userLoginsByQueryAndTemplate">
FROM users u
- LEFT JOIN perm_templates_users ptu ON ptu.user_id=u.id AND ptu.template_id=#{templateId}
- INNER JOIN organization_members om ON u.id=om.user_id AND om.organization_uuid=#{query.organizationUuid}
+ LEFT JOIN perm_templates_users ptu ON ptu.user_id=u.id
+ AND ptu.template_id=#{templateId}
+ INNER JOIN organization_members om ON u.id=om.user_id
+ AND om.organization_uuid=#{query.organizationUuid}
<where>
u.active = ${_true}
<if test="query.getSearchQueryToSql() != null">
FROM groups g
LEFT JOIN perm_templates_groups ptg ON
ptg.group_id=g.id
+ AND ptg.template_id=#{templateId}
where
g.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
UNION ALL
'Anyone' AS name,
ptg.permission_reference AS permission,
ptg.template_id AS templateId
- FROM perm_templates_groups ptg
+ FROM groups g
+ LEFT JOIN perm_templates_groups ptg ON
+ ptg.template_id=#{templateId}
<where>
+ g.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
<if test="query.withAtLeastOnePermission()">
AND ptg.group_id IS NULL
</if>
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
import static org.sonar.db.permission.PermissionQuery.builder;
import static org.sonar.db.user.GroupTesting.newGroupDto;
public void selectGroupNamesByQueryAndTemplate_is_ordering_results_by_groups_with_permission_then_by_name() {
OrganizationDto organization = db.organizations().insert();
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
-
GroupDto group1 = db.users().insertGroup(organization, "A");
GroupDto group2 = db.users().insertGroup(organization, "B");
GroupDto group3 = db.users().insertGroup(organization, "C");
.containsExactly("Anyone", group3.getName(), group1.getName(), group2.getName());
}
+ @Test
+ public void selectGroupNamesByQueryAndTemplate_is_order_by_groups_with_permission_then_by_name_when_many_groups() {
+ OrganizationDto organization = db.organizations().insert();
+ PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+ IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
+ db.users().insertGroup(organization, "Group-" + i);
+ });
+
+ String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);
+ permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(organization, lastGroupName).get(), UserRole.USER);
+
+ PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+ assertThat(underTest.selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getId()))
+ .hasSize(DEFAULT_PAGE_SIZE)
+ .startsWith("Anyone", lastGroupName, "Group-1");
+ }
+
+ @Test
+ public void selectGroupNamesByQueryAndTemplate_ignores_other_template_and_is_ordered_by_groups_with_permission_then_by_name_when_many_groups() {
+ OrganizationDto organization = db.organizations().insert();
+ PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+ PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate(organization);
+ IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
+ GroupDto group = db.users().insertGroup(organization, "Group-" + i);
+ permissionTemplateDbTester.addGroupToTemplate(otherTemplate, group, UserRole.USER);
+ });
+
+ String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);
+ permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(organization, lastGroupName).get(), UserRole.USER);
+
+ PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+ assertThat(underTest.selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getId()))
+ .hasSize(DEFAULT_PAGE_SIZE)
+ .startsWith("Anyone", lastGroupName, "Group-1");
+ }
+
@Test
public void select_group_names_by_query_and_template_is_paginated() {
OrganizationDto organization = db.organizations().insert();
OrganizationDto organization = db.organizations().insert();
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
- GroupDto group = db.users().insertGroup(newGroupDto().setName("Group"));
+ GroupDto group = db.users().insertGroup(organization, "Group");
PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate(organization);
permissionTemplateDbTester.addGroupToTemplate(otherTemplate.getId(), group.getId(), USER);
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
@Rule
public ExpectedException expectedException = ExpectedException.none();
-
@Rule
public DbTester db = DbTester.create();
}
@Test
- public void should_create_permission_template() {
+ public void create_permission_template() {
PermissionTemplateDto permissionTemplate = underTest.insert(db.getSession(), newPermissionTemplateDto()
.setUuid("ABCD")
.setName("my template")
}
@Test
- public void should_select_permission_template_by_uuid() {
+ public void select_permission_template_by_uuid() {
templateDb.insertTemplate(newPermissionTemplateDto()
.setUuid("ABCD")
.setName("my template")
}
@Test
- public void should_delete_permission_template() {
+ public void delete_permission_template() {
UserDto user1 = db.users().insertUser();
UserDto user2 = db.users().insertUser();
GroupDto group1 = db.users().insertGroup();
}
@Test
- public void should_add_user_permission_to_template() {
+ public void add_user_permission_to_template() {
PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
UserDto user = db.users().insertUser();
}
@Test
- public void should_remove_user_permission_from_template() {
+ public void remove_user_permission_from_template() {
PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
UserDto user1 = db.users().insertUser();
UserDto user2 = db.users().insertUser();
}
@Test
- public void should_add_group_permission_to_template() {
+ public void add_group_permission_to_template() {
PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
GroupDto group = db.users().insertGroup();
}
@Test
- public void should_add_group_permission_to_anyone() {
+ public void add_group_permission_to_anyone() {
PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
underTest.insertGroupPermission(dbSession, permissionTemplate.getId(), null, "user");
package org.sonar.db.permission.template;
import java.util.Collections;
+import java.util.stream.IntStream;
import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.utils.System2;
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.USER;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
import static org.sonar.db.permission.PermissionQuery.builder;
public class UserWithPermissionTemplateDaoTest {
.containsExactly(user3.getLogin(), user1.getLogin(), user2.getLogin());
}
+ @Test
+ public void selectUserLoginsByQueryAndTemplate_is_order_by_groups_with_permission_when_many_users() {
+ OrganizationDto organization = db.organizations().insert();
+ PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
+ // Add another template having some users with permission to make sure it's correctly ignored
+ PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate(organization);
+ IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
+ UserDto user = db.users().insertUser("User-" + i);
+ db.organizations().addMember(organization, user);
+ db.permissionTemplates().addUserToTemplate(otherTemplate, user, UserRole.USER);
+ });
+ String lastLogin = "User-" + (DEFAULT_PAGE_SIZE + 1);
+ db.permissionTemplates().addUserToTemplate(template, db.users().selectUserByLogin(lastLogin).get(), UserRole.USER);
+
+ PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+ assertThat(underTest.selectUserLoginsByQueryAndTemplate(db.getSession(), query, template.getId()))
+ .hasSize(DEFAULT_PAGE_SIZE)
+ .startsWith(lastLogin);
+ }
+
@Test
public void should_be_paginated() {
OrganizationDto organization = db.organizations().insert();
assertThat(underTest.selectUserPermissionsByTemplateIdAndUserLogins(dbSession, permissionTemplate.getId(), Collections.emptyList())).isEmpty();
assertThat(underTest.selectUserPermissionsByTemplateIdAndUserLogins(dbSession, 123L, singletonList(user1.getLogin()))).isEmpty();
}
+
}
String permission = wsRequest.param(PARAM_PERMISSION);
PermissionQuery.Builder query = PermissionQuery.builder()
.setOrganizationUuid(template.getOrganizationUuid())
- .setTemplate(template.getUuid())
.setPermission(permission != null ? requestValidator.validateProjectPermission(permission) : null)
.setPageIndex(wsRequest.mandatoryParamAsInt(PAGE))
.setPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE))
*/
package org.sonar.server.permission.ws.template;
+import java.util.stream.IntStream;
import javax.annotation.Nullable;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.resources.ResourceTypes;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.organization.OrganizationDto;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.api.web.UserRole.USER;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto;
import static org.sonar.db.user.GroupTesting.newGroupDto;
import static org.sonar.test.JsonAssert.assertJson;
return new TemplateGroupsAction(db.getDbClient(), userSession, newPermissionWsSupport(), wsParameters, requestValidator);
}
+ @Test
+ public void define_template_groups() {
+ WebService.Action action = wsTester.getDef();
+
+ assertThat(action).isNotNull();
+ assertThat(action.key()).isEqualTo("template_groups");
+ assertThat(action.isPost()).isFalse();
+ assertThat(action.isInternal()).isTrue();
+ assertThat(action.since()).isEqualTo("5.2");
+ }
+
@Test
public void template_groups_of_json_example() {
GroupDto adminGroup = insertGroupOnDefaultOrganization("sonar-administrators", "System administrators");
// Anyone group
addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
- commit();
loginAsAdmin(db.getDefaultOrganization());
String response = newRequest()
addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();
+ GroupDto group4 = db.users().insertGroup(db.getDefaultOrganization(), "group-4-name");
addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
- commit();
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group4.getId()));
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
.setParam(PARAM_TEMPLATE_ID, template.getUuid())
.executeProtobuf(WsGroupsResponse.class);
- assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name", "group-3-name");
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name", "group-3-name", "group-4-name");
assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user", "issueadmin");
assertThat(response.getGroups(1).getPermissionsList()).containsOnly("codeviewer", "admin");
assertThat(response.getGroups(2).getPermissionsList()).containsOnly("user", "admin");
+ assertThat(response.getGroups(3).getPermissionsList()).isEmpty();
}
@Test
PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();
addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();
addGroupToTemplate(newPermissionTemplateGroup(USER, anotherTemplate.getId(), group1.getId()));
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");
addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");
GroupDto group3 = db.users().insertGroup(defaultOrg, "group-3");
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
db.users().insertGroup(defaultOrg, "group-1-name");
db.users().insertGroup(defaultOrg, "group-2-name");
db.users().insertGroup(defaultOrg, "group-3-name");
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
PermissionTemplateDto template = addTemplateToDefaultOrganization();
GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group");
addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group.getId()));
- commit();
loginAsAdmin(db.getDefaultOrganization());
WsGroupsResponse response = newRequest()
assertThat(response.getGroups(0).getPermissionsList()).isEmpty();
}
+ @Test
+ public void search_ignores_other_template_and_is_ordered_by_groups_with_permission_then_by_name_when_many_groups() {
+ OrganizationDto defaultOrg = db.getDefaultOrganization();
+ PermissionTemplateDto template = addTemplateToDefaultOrganization();
+ PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate(defaultOrg);
+ IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
+ GroupDto group = db.users().insertGroup(defaultOrg, "Group-" + i);
+ db.permissionTemplates().addGroupToTemplate(otherTemplate, group, UserRole.USER);
+ });
+ String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);
+ db.permissionTemplates().addGroupToTemplate(template, db.users().selectGroup(defaultOrg, lastGroupName).get(), UserRole.USER);
+ loginAsAdmin(db.getDefaultOrganization());
+
+ WsGroupsResponse response = newRequest()
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .executeProtobuf(WsGroupsResponse.class);
+
+ assertThat(response.getGroupsList())
+ .extracting("name")
+ .hasSize(DEFAULT_PAGE_SIZE)
+ .startsWith("Anyone", lastGroupName, "Group-1");
+ }
+
@Test
public void fail_if_not_logged_in() {
PermissionTemplateDto template1 = addTemplateToDefaultOrganization();
private void addGroupToTemplate(PermissionTemplateGroupDto permissionTemplateGroup) {
db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplateGroup);
+ db.commit();
}
private static PermissionTemplateGroupDto newPermissionTemplateGroup(String permission, long templateId, @Nullable Integer groupId) {
.setGroupId(groupId);
}
- private void commit() {
- db.commit();
- }
}
*/
package org.sonar.server.permission.ws.template;
+import java.util.stream.IntStream;
import javax.annotation.Nullable;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.resources.ResourceTypes;
import org.sonar.api.server.ws.WebService;
+import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.component.ResourceTypesRule;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateUserDto;
import org.sonar.db.user.UserDto;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.db.permission.OrganizationPermission.SCAN;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateUserDto;
import static org.sonar.db.user.UserTesting.newUserDto;
import static org.sonar.test.JsonAssert.assertJson;
assertThat(response.getUsersList()).extracting("login").containsExactly("login-1", "login-2", "login-3");
}
+ @Test
+ public void search_ignores_other_template_and_is_ordered_by_users_with_permission_when_many_users() {
+ OrganizationDto defaultOrg = db.getDefaultOrganization();
+ PermissionTemplateDto template = addTemplateToDefaultOrganization();
+ // Add another template having some users with permission to make sure it's correctly ignored
+ PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate(defaultOrg);
+ IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
+ UserDto user = db.users().insertUser("User-" + i);
+ db.organizations().addMember(db.getDefaultOrganization(), user);
+ db.permissionTemplates().addUserToTemplate(otherTemplate, user, UserRole.USER);
+ });
+ String lastLogin = "User-" + (DEFAULT_PAGE_SIZE + 1);
+ db.permissionTemplates().addUserToTemplate(template, db.users().selectUserByLogin(lastLogin).get(), UserRole.USER);
+ loginAsAdmin(defaultOrg);
+
+ Permissions.UsersWsResponse response = newRequest(null, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .executeProtobuf(Permissions.UsersWsResponse.class);
+
+ assertThat(response.getUsersList())
+ .extracting("login")
+ .hasSize(DEFAULT_PAGE_SIZE)
+ .startsWith(lastLogin);
+ }
+
@Test
public void fail_if_not_a_project_permission() {
PermissionTemplateDto template = addTemplateToDefaultOrganization();
projects / sonarqube.git / commitdiff