});
}
+ public List<PermissionTemplateGroupDto> selectAllGroupPermissionTemplatesByGroupId(DbSession dbSession, long groupId) {
+ return mapper(dbSession).selectAllGroupPermissionTemplatesByGroupId(groupId);
+ }
+
public void deleteById(DbSession session, long templateId) {
PermissionTemplateMapper mapper = mapper(session);
mapper.deleteUserPermissionsByTemplateId(templateId);
List<Long> selectTemplateIdsByOrganization(@Param("organizationUuid") String organizationUuid);
+ List<PermissionTemplateGroupDto> selectAllGroupPermissionTemplatesByGroupId(@Param("groupId") Long groupId);
+
}
where
organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
</select>
+
+ <select id="selectAllGroupPermissionTemplatesByGroupId" parameterType="Long" resultType="PermissionTemplateGroup">
+ SELECT
+ ptg.id,
+ ptg.template_id as templateId,
+ ptg.permission_reference AS permission,
+ ptg.group_id AS groupId,
+ g.name AS groupName,
+ ptg.created_at as createdAt,
+ ptg.updated_at as updatedAt
+ FROM perm_templates_groups ptg
+ INNER JOIN groups g ON g.id=ptg.group_id
+ <where>
+ ptg.group_id=#{groupId,jdbcType=INTEGER}
+ </where>
+ </select>
</mapper>
assertThat(resultWithoutUser).containsOnly(UserRole.ISSUE_ADMIN);
}
+ @Test
+ public void selectAllGroupPermissionTemplatesByGroupId() {
+ PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+ GroupDto group1 = db.users().insertGroup();
+ GroupDto group2 = db.users().insertGroup();
+ templateDb.addGroupToTemplate(permissionTemplate, group1, "user");
+ templateDb.addGroupToTemplate(permissionTemplate, group1, "admin");
+ templateDb.addGroupToTemplate(permissionTemplate, group2, "user");
+
+ assertThat(db.getDbClient().permissionTemplateDao().selectAllGroupPermissionTemplatesByGroupId(db.getSession(), group1.getId()))
+ .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
+ .containsOnly(tuple(group1.getId(), "user"), tuple(group1.getId(), "admin"));
+ }
+
@Test
public void deleteByOrganization_does_not_fail_on_empty_db() {
underTest.deleteByOrganization(dbSession, "some uuid");
import org.sonar.db.DbSession;
import org.sonar.db.permission.GroupPermissionDto;
import org.sonar.db.permission.OrganizationPermission;
+import org.sonar.db.permission.template.PermissionTemplateGroupDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserGroupDto;
import org.sonar.server.organization.DefaultOrganizationProvider;
.setDescription("All members of the organization")
.setOrganizationUuid(defaultOrganizationUuid);
dbClient.groupDao().insert(dbSession, members);
- copyUserGroupsPermissionsToMembersGroup(dbSession, members);
+ int sonarUsersGroupId = dbClient.organizationDao().getDefaultGroupId(dbSession, defaultOrganizationUuid)
+ .orElseThrow(() -> new IllegalStateException(String.format("Default group doesn't exist on default organization '%s'", defaultOrganizationProvider.get().getKey())));
+ copySonarUsersGroupPermissionsToMembersGroup(dbSession, sonarUsersGroupId, members);
+ copySonarUsersGroupPermissionTemplatesToMembersGroup(dbSession, sonarUsersGroupId, members);
associateMembersOfDefaultOrganizationToGroup(dbSession, members);
dbClient.organizationDao().setDefaultGroupId(dbSession, defaultOrganizationUuid, members);
}
organizationMembers.forEach(member -> dbClient.userGroupDao().insert(dbSession, new UserGroupDto().setGroupId(membersGroup.getId()).setUserId(member)));
}
- private void copyUserGroupsPermissionsToMembersGroup(DbSession dbSession, GroupDto membersGroup) {
+ private void copySonarUsersGroupPermissionsToMembersGroup(DbSession dbSession, int sonarUsersGroupId, GroupDto membersGroup) {
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
- int sonarUsersGroupId = dbClient.organizationDao().getDefaultGroupId(dbSession, defaultOrganizationUuid)
- .orElseThrow(() -> new IllegalStateException(String.format("Default group doesn't exist on default organization '%s'", defaultOrganizationProvider.get().getKey())));
dbClient.groupPermissionDao().selectAllPermissionsByGroupId(dbSession, defaultOrganizationUuid, sonarUsersGroupId,
context -> {
GroupPermissionDto groupPermissionDto = (GroupPermissionDto) context.getResultObject();
});
}
+ private void copySonarUsersGroupPermissionTemplatesToMembersGroup(DbSession dbSession, int sonarUsersGroupId, GroupDto membersGroup) {
+ List<PermissionTemplateGroupDto> sonarUsersPermissionTemplates = dbClient.permissionTemplateDao().selectAllGroupPermissionTemplatesByGroupId(dbSession, sonarUsersGroupId);
+ sonarUsersPermissionTemplates.forEach(permissionTemplateGroup -> dbClient.permissionTemplateDao().insertGroupPermission(dbSession,
+ permissionTemplateGroup.getTemplateId(), membersGroup.getId(), permissionTemplateGroup.getPermission()));
+ }
+
private void enableFeature(DbSession dbSession) {
organizationFlags.enable(dbSession);
}
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.GroupPermissionDto;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.db.permission.template.PermissionTemplateGroupDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.ForbiddenException;
}
@Test
- public void enabling_support_copy_sonar_users_permission_to_members_group() throws Exception {
+ public void enabling_support_copy_sonar_users_permissions_to_members_group() throws Exception {
OrganizationDto defaultOrganization = db.getDefaultOrganization();
UserDto user = db.users().insertUser();
GroupDto sonarUsersGroup = db.users().insertDefaultGroup(defaultOrganization, "sonar-users");
tuple(null, "user"), tuple(project.getId(), "codeviewer"));
}
+ @Test
+ public void enabling_support_copy_sonar_users_permission_templates_to_members_group() throws Exception {
+ OrganizationDto defaultOrganization = db.getDefaultOrganization();
+ UserDto user = db.users().insertUser();
+ GroupDto sonarUsersGroup = db.users().insertDefaultGroup(defaultOrganization, "sonar-users");
+ PermissionTemplateDto permissionTemplate = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
+ db.permissionTemplates().addGroupToTemplate(permissionTemplate, sonarUsersGroup, "user");
+ db.permissionTemplates().addGroupToTemplate(permissionTemplate, sonarUsersGroup, "admin");
+ // Should be ignored
+ GroupDto otherGroup = db.users().insertGroup();
+ db.permissionTemplates().addGroupToTemplate(permissionTemplate, otherGroup, "user");
+ logInAsSystemAdministrator(user.getLogin());
+
+ call();
+
+ int defaultGroupId = db.getDbClient().organizationDao().getDefaultGroupId(db.getSession(), defaultOrganization.getUuid()).get();
+ assertThat(db.getDbClient().permissionTemplateDao().selectAllGroupPermissionTemplatesByGroupId(db.getSession(), defaultGroupId))
+ .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
+ .containsOnly(tuple(defaultGroupId, "user"), tuple(defaultGroupId, "admin"));
+ }
+
@Test
public void throw_IAE_when_members_group_already_exists() throws Exception {
UserDto user = db.users().insertUser();
call();
}
+
@Test
public void throw_UnauthorizedException_if_not_logged_in() {
userSession.anonymous();