import org.sonar.plugins.core.filters.ProjectFilter;
import org.sonar.plugins.core.filters.TreeMapFilter;
import org.sonar.plugins.core.security.ApplyProjectRolesDecorator;
-import org.sonar.plugins.core.security.DefaultResourcePermissioning;
+import org.sonar.plugins.core.security.DefaultResourcePermissions;
import org.sonar.plugins.core.sensors.*;
import org.sonar.plugins.core.testdetailsviewer.TestsViewerDefinition;
import org.sonar.plugins.core.timemachine.*;
ItLineCoverageDecorator.class,
ItCoverageDecorator.class,
ItBranchCoverageDecorator.class,
- DefaultResourcePermissioning.class,
+ DefaultResourcePermissions.class,
ApplyProjectRolesDecorator.class,
ExcludedResourceFilter.class,
CommentDensityDecorator.class,
import org.sonar.api.resources.Project;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.resources.Resource;
-import org.sonar.api.security.ResourcePermissioning;
+import org.sonar.api.security.ResourcePermissions;
import java.util.Set;
public class ApplyProjectRolesDecorator implements Decorator {
- private final ResourcePermissioning resourcePermissioning;
+ private final ResourcePermissions resourcePermissions;
private final Set<String> QUALIFIERS = ImmutableSet.of(Qualifiers.PROJECT, Qualifiers.VIEW, Qualifiers.SUBVIEW);
- public ApplyProjectRolesDecorator(ResourcePermissioning resourcePermissioning) {
- this.resourcePermissioning = resourcePermissioning;
+ public ApplyProjectRolesDecorator(ResourcePermissions resourcePermissions) {
+ this.resourcePermissions = resourcePermissions;
}
public boolean shouldExecuteOnProject(Project project) {
public void decorate(Resource resource, DecoratorContext context) {
if (shouldDecorateResource(resource)) {
LoggerFactory.getLogger(ApplyProjectRolesDecorator.class).info("Grant default permissions to {}", resource.getKey());
- resourcePermissioning.grantDefaultRoles(resource);
+ resourcePermissions.grantDefaultRoles(resource);
}
}
private boolean shouldDecorateResource(Resource resource) {
- return resource.getId() != null && QUALIFIERS.contains(resource.getQualifier()) && !resourcePermissioning.hasRoles(resource);
+ return resource.getId() != null && QUALIFIERS.contains(resource.getQualifier()) && !resourcePermissions.hasRoles(resource);
}
}
+++ /dev/null
-/*
- * Sonar, open source software quality management tool.
- * Copyright (C) 2008-2012 SonarSource
- * mailto:contact AT sonarsource DOT com
- *
- * Sonar is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * Sonar is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with Sonar; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
- */
-package org.sonar.plugins.core.security;
-
-import org.apache.ibatis.session.SqlSession;
-import org.sonar.api.BatchExtension;
-import org.sonar.api.config.Settings;
-import org.sonar.api.resources.Resource;
-import org.sonar.api.security.DefaultGroups;
-import org.sonar.api.security.ResourcePermissioning;
-import org.sonar.api.web.UserRole;
-import org.sonar.core.persistence.MyBatis;
-import org.sonar.core.user.*;
-
-/**
- * @since 3.2
- */
-public class DefaultResourcePermissioning implements ResourcePermissioning, BatchExtension {
-
- private final Settings settings;
- private final MyBatis myBatis;
-
- public DefaultResourcePermissioning(Settings settings, MyBatis myBatis) {
- this.settings = settings;
- this.myBatis = myBatis;
- }
-
- public boolean hasRoles(Resource resource) {
- if (resource.getId() != null) {
- SqlSession session = myBatis.openSession();
- try {
- RoleMapper roleMapper = session.getMapper(RoleMapper.class);
- Long resourceId = Long.valueOf(resource.getId());
- return roleMapper.countGroupRoles(resourceId) + roleMapper.countUserRoles(resourceId) > 0;
-
- } finally {
- MyBatis.closeQuietly(session);
- }
- }
- return false;
- }
-
- public void grantUserRole(Resource resource, String login, String role) {
- if (resource.getId() != null) {
- SqlSession session = myBatis.openSession();
- try {
- UserDto user = session.getMapper(UserMapper.class).selectUserByLogin(login);
- if (user != null) {
- UserRoleDto userRole = new UserRoleDto()
- .setRole(role)
- .setUserId(user.getId())
- .setResourceId(Long.valueOf(resource.getId()));
- session.getMapper(RoleMapper.class).insertUserRole(userRole);
- session.commit();
- }
- } finally {
- MyBatis.closeQuietly(session);
- }
- }
- }
-
- public void grantGroupRole(Resource resource, String groupName, String role) {
- if (resource.getId() != null) {
- SqlSession session = myBatis.openSession();
- try {
- GroupRoleDto groupRole = new GroupRoleDto()
- .setRole(role)
- .setResourceId(Long.valueOf(resource.getId()));
- if (DefaultGroups.isAnyone(groupName)) {
- session.getMapper(RoleMapper.class).insertGroupRole(groupRole);
- session.commit();
- } else {
- GroupDto group = session.getMapper(UserMapper.class).selectGroupByName(groupName);
- if (group != null) {
- session.getMapper(RoleMapper.class).insertGroupRole(groupRole.setGroupId(group.getId()));
- session.commit();
- }
- }
- } finally {
- MyBatis.closeQuietly(session);
- }
- }
- }
-
- public void grantDefaultRoles(Resource resource) {
- if (resource.getId() != null) {
- SqlSession session = myBatis.openSession();
- try {
- removeRoles(resource, session);
- grantDefaultRoles(resource, UserRole.ADMIN, session);
- grantDefaultRoles(resource, UserRole.USER, session);
- grantDefaultRoles(resource, UserRole.CODEVIEWER, session);
- session.commit();
- } finally {
- MyBatis.closeQuietly(session);
- }
- }
- }
-
- private void removeRoles(Resource resource, SqlSession session) {
- Long resourceId = Long.valueOf(resource.getId());
- RoleMapper mapper = session.getMapper(RoleMapper.class);
- mapper.deleteGroupRolesByResourceId(resourceId);
- mapper.deleteUserRolesByResourceId(resourceId);
- }
-
- private void grantDefaultRoles(Resource resource, String role, SqlSession session) {
- UserMapper userMapper = session.getMapper(UserMapper.class);
- RoleMapper roleMapper = session.getMapper(RoleMapper.class);
-
- String[] groupNames = settings.getStringArrayBySeparator("sonar.role." + role + "." + resource.getQualifier() + ".defaultGroups", ",");
- for (String groupName : groupNames) {
- GroupRoleDto groupRole = new GroupRoleDto().setRole(role).setResourceId(Long.valueOf(resource.getId()));
- if (DefaultGroups.isAnyone(groupName)) {
- roleMapper.insertGroupRole(groupRole);
- } else {
- GroupDto group = userMapper.selectGroupByName(groupName);
- if (group != null) {
- roleMapper.insertGroupRole(groupRole.setGroupId(group.getId()));
- }
- }
- }
-
- String[] logins = settings.getStringArrayBySeparator("sonar.role." + role + "." + resource.getQualifier() + ".defaultUsers", ",");
- for (String login : logins) {
- UserDto user = userMapper.selectUserByLogin(login);
- if (user != null) {
- roleMapper.insertUserRole(new UserRoleDto().setRole(role).setUserId(user.getId()).setResourceId(Long.valueOf(resource.getId())));
- }
- }
- }
-}
--- /dev/null
+/*
+ * Sonar, open source software quality management tool.
+ * Copyright (C) 2008-2012 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * Sonar is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * Sonar is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with Sonar; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
+ */
+package org.sonar.plugins.core.security;
+
+import org.apache.ibatis.session.SqlSession;
+import org.sonar.api.BatchExtension;
+import org.sonar.api.config.Settings;
+import org.sonar.api.resources.Resource;
+import org.sonar.api.security.DefaultGroups;
+import org.sonar.api.security.ResourcePermissions;
+import org.sonar.api.web.UserRole;
+import org.sonar.core.persistence.MyBatis;
+import org.sonar.core.user.*;
+
+/**
+ * @since 3.2
+ */
+public class DefaultResourcePermissions implements ResourcePermissions, BatchExtension {
+
+ private final Settings settings;
+ private final MyBatis myBatis;
+
+ public DefaultResourcePermissions(Settings settings, MyBatis myBatis) {
+ this.settings = settings;
+ this.myBatis = myBatis;
+ }
+
+ public boolean hasRoles(Resource resource) {
+ if (resource.getId() != null) {
+ SqlSession session = myBatis.openSession();
+ try {
+ RoleMapper roleMapper = session.getMapper(RoleMapper.class);
+ Long resourceId = Long.valueOf(resource.getId());
+ return roleMapper.countGroupRoles(resourceId) + roleMapper.countUserRoles(resourceId) > 0;
+
+ } finally {
+ MyBatis.closeQuietly(session);
+ }
+ }
+ return false;
+ }
+
+ public void grantUserRole(Resource resource, String login, String role) {
+ if (resource.getId() != null) {
+ SqlSession session = myBatis.openSession();
+ try {
+ UserDto user = session.getMapper(UserMapper.class).selectUserByLogin(login);
+ if (user != null) {
+ UserRoleDto userRole = new UserRoleDto()
+ .setRole(role)
+ .setUserId(user.getId())
+ .setResourceId(Long.valueOf(resource.getId()));
+ RoleMapper roleMapper = session.getMapper(RoleMapper.class);
+ roleMapper.deleteUserRole(userRole);
+ roleMapper.insertUserRole(userRole);
+ session.commit();
+ }
+ } finally {
+ MyBatis.closeQuietly(session);
+ }
+ }
+ }
+
+ public void grantGroupRole(Resource resource, String groupName, String role) {
+ if (resource.getId() != null) {
+ SqlSession session = myBatis.openSession();
+ try {
+ GroupRoleDto groupRole = new GroupRoleDto()
+ .setRole(role)
+ .setResourceId(Long.valueOf(resource.getId()));
+ RoleMapper roleMapper = session.getMapper(RoleMapper.class);
+ if (DefaultGroups.isAnyone(groupName)) {
+ roleMapper.deleteGroupRole(groupRole);
+ roleMapper.insertGroupRole(groupRole);
+ session.commit();
+ } else {
+ GroupDto group = session.getMapper(UserMapper.class).selectGroupByName(groupName);
+ if (group != null) {
+ groupRole.setGroupId(group.getId());
+ roleMapper.deleteGroupRole(groupRole);
+ roleMapper.insertGroupRole(groupRole);
+ session.commit();
+ }
+ }
+ } finally {
+ MyBatis.closeQuietly(session);
+ }
+ }
+ }
+
+ public void grantDefaultRoles(Resource resource) {
+ if (resource.getId() != null) {
+ SqlSession session = myBatis.openSession();
+ try {
+ removeRoles(resource, session);
+ grantDefaultRoles(resource, UserRole.ADMIN, session);
+ grantDefaultRoles(resource, UserRole.USER, session);
+ grantDefaultRoles(resource, UserRole.CODEVIEWER, session);
+ session.commit();
+ } finally {
+ MyBatis.closeQuietly(session);
+ }
+ }
+ }
+
+ private void removeRoles(Resource resource, SqlSession session) {
+ Long resourceId = Long.valueOf(resource.getId());
+ RoleMapper mapper = session.getMapper(RoleMapper.class);
+ mapper.deleteGroupRolesByResourceId(resourceId);
+ mapper.deleteUserRolesByResourceId(resourceId);
+ }
+
+ private void grantDefaultRoles(Resource resource, String role, SqlSession session) {
+ UserMapper userMapper = session.getMapper(UserMapper.class);
+ RoleMapper roleMapper = session.getMapper(RoleMapper.class);
+
+ String[] groupNames = settings.getStringArrayBySeparator("sonar.role." + role + "." + resource.getQualifier() + ".defaultGroups", ",");
+ for (String groupName : groupNames) {
+ GroupRoleDto groupRole = new GroupRoleDto().setRole(role).setResourceId(Long.valueOf(resource.getId()));
+ if (DefaultGroups.isAnyone(groupName)) {
+ roleMapper.insertGroupRole(groupRole);
+ } else {
+ GroupDto group = userMapper.selectGroupByName(groupName);
+ if (group != null) {
+ roleMapper.insertGroupRole(groupRole.setGroupId(group.getId()));
+ }
+ }
+ }
+
+ String[] logins = settings.getStringArrayBySeparator("sonar.role." + role + "." + resource.getQualifier() + ".defaultUsers", ",");
+ for (String login : logins) {
+ UserDto user = userMapper.selectUserByLogin(login);
+ if (user != null) {
+ roleMapper.insertUserRole(new UserRoleDto().setRole(role).setUserId(user.getId()).setResourceId(Long.valueOf(resource.getId())));
+ }
+ }
+ }
+}
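Review bot: In grantGroupRole the Anyone branch calls `roleMapper.deleteGroupRole(groupRole)` with a DTO whose group id was never set, so the new duplicate guard only works there if the mapper statement matches `group_id IS NULL` rather than comparing with a null parameter. The mapper is not visible in this diff, and grantGroupRole_anyone grants only once, so nothing here shows that a repeated Anyone grant leaves a single row. Anyone is the broadest grant, so its rows are worth keeping exact. Repeating `permissions.grantGroupRole(project, DefaultGroups.ANYONE, "admin");` in that test would cover it, and a comment above the delete such as `// group id is null for Anyone: deleteGroupRole must match on IS NULL` would record the requirement.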
import org.junit.Before;
import org.junit.Test;
import org.sonar.api.resources.Project;
-import org.sonar.api.security.ResourcePermissioning;
+import org.sonar.api.security.ResourcePermissions;
import static org.fest.assertions.Assertions.assertThat;
import static org.mockito.Mockito.*;
public class ApplyProjectRolesDecoratorTest {
- private ResourcePermissioning resourcePermissioning;
+ private ResourcePermissions resourcePermissions;
private ApplyProjectRolesDecorator decorator;
@Before
public void init() {
- resourcePermissioning = mock(ResourcePermissioning.class);
- decorator = new ApplyProjectRolesDecorator(resourcePermissioning);
+ resourcePermissions = mock(ResourcePermissions.class);
+ decorator = new ApplyProjectRolesDecorator(resourcePermissions);
}
@Test
public void doNotGrantDefaultRolesWhenExistingPermissions() {
Project project = new Project("project");
project.setId(10);
- when(resourcePermissioning.hasRoles(project)).thenReturn(true);
+ when(resourcePermissions.hasRoles(project)).thenReturn(true);
decorator.decorate(project, null);
- verify(resourcePermissioning, never()).grantDefaultRoles(project);
+ verify(resourcePermissions, never()).grantDefaultRoles(project);
}
@Test
Project project = new Project("project");
Project module = new Project("module").setParent(project);
module.setId(10);
- when(resourcePermissioning.hasRoles(project)).thenReturn(false);
+ when(resourcePermissions.hasRoles(project)).thenReturn(false);
decorator.decorate(module, null);
- verify(resourcePermissioning, never()).grantDefaultRoles(module);
+ verify(resourcePermissions, never()).grantDefaultRoles(module);
}
@Test
public void grantDefaultRolesWhenNoPermissions() {
Project project = new Project("project");
project.setId(10);
- when(resourcePermissioning.hasRoles(project)).thenReturn(false);
+ when(resourcePermissions.hasRoles(project)).thenReturn(false);
decorator.decorate(project, null);
- verify(resourcePermissioning).grantDefaultRoles(project);
+ verify(resourcePermissions).grantDefaultRoles(project);
}
}
+++ /dev/null
-/*
- * Sonar, open source software quality management tool.
- * Copyright (C) 2008-2012 SonarSource
- * mailto:contact AT sonarsource DOT com
- *
- * Sonar is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * Sonar is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with Sonar; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
- */
-package org.sonar.plugins.core.security;
-
-import org.junit.Test;
-import org.sonar.api.config.Settings;
-import org.sonar.api.resources.Project;
-import org.sonar.api.resources.Resource;
-import org.sonar.api.security.DefaultGroups;
-import org.sonar.core.persistence.AbstractDaoTestCase;
-
-import static org.fest.assertions.Assertions.assertThat;
-
-public class DefaultResourcePermissioningTest extends AbstractDaoTestCase {
-
- private Resource project = new Project("project").setId(123);
-
- @Test
- public void grantGroupRole() {
- setupData("grantGroupRole");
-
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis());
- permissioning.grantGroupRole(project, "sonar-administrators", "admin");
-
- checkTables("grantGroupRole", "group_roles");
- }
-
- @Test
- public void grantGroupRole_anyone() {
- setupData("grantGroupRole_anyone");
-
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis());
- permissioning.grantGroupRole(project, DefaultGroups.ANYONE, "admin");
-
- checkTables("grantGroupRole_anyone", "group_roles");
- }
-
- @Test
- public void grantGroupRole_ignore_if_group_not_found() {
- setupData("grantGroupRole_ignore_if_group_not_found");
-
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis());
- permissioning.grantGroupRole(project, "not_found", "admin");
-
- checkTables("grantGroupRole_ignore_if_group_not_found", "group_roles");
- }
-
- @Test
- public void grantGroupRole_ignore_if_not_persisted() {
- setupData("grantGroupRole_ignore_if_not_persisted");
-
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis());
- Project resourceWithoutId = new Project("");
- permissioning.grantGroupRole(resourceWithoutId, "sonar-users", "admin");
-
- checkTables("grantGroupRole_ignore_if_not_persisted", "group_roles");
- }
-
- @Test
- public void grantDefaultRoles() {
- setupData("grantDefaultRoles");
-
- Settings settings = new Settings();
- settings.setProperty("sonar.role.admin.TRK.defaultGroups", "sonar-administrators");
- settings.setProperty("sonar.role.admin.TRK.defaultUsers", "");
- settings.setProperty("sonar.role.user.TRK.defaultGroups", "Anyone,sonar-users");
- settings.setProperty("sonar.role.user.TRK.defaultUsers", "");
- settings.setProperty("sonar.role.codeviewer.TRK.defaultGroups", "Anyone,sonar-users");
- settings.setProperty("sonar.role.codeviewer.TRK.defaultUsers", "");
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis());
-
- permissioning.grantDefaultRoles(project);
-
- checkTables("grantDefaultRoles", "user_roles", "group_roles");
- }
-
- @Test
- public void grantDefaultRoles_unknown_group() {
- setupData("grantDefaultRoles_unknown_group");
-
- Settings settings = new Settings();
- settings.setProperty("sonar.role.admin.TRK.defaultGroups", "sonar-administrators,unknown");
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis());
- permissioning.grantDefaultRoles(project);
-
- checkTables("grantDefaultRoles_unknown_group", "group_roles");
- }
-
- @Test
- public void grantDefaultRoles_users() {
- setupData("grantDefaultRoles_users");
-
- Settings settings = new Settings();
- settings.setProperty("sonar.role.admin.TRK.defaultUsers", "marius,disabled,notfound");
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis());
- permissioning.grantDefaultRoles(project);
-
- checkTables("grantDefaultRoles_users", "user_roles");
- }
-
- @Test
- public void hasRoles() {
- setupData("hasRoles");
- DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis());
-
- // no groups and at least one user
- assertThat(permissioning.hasRoles(new Project("only_users").setId(1))).isTrue();
-
- // no users and at least one group
- assertThat(permissioning.hasRoles(new Project("only_groups").setId(2))).isTrue();
-
- // groups and users
- assertThat(permissioning.hasRoles(new Project("groups_and_users").setId(3))).isTrue();
-
- // no groups, no users
- assertThat(permissioning.hasRoles(new Project("no_groups_no_users").setId(4))).isFalse();
-
- // does not exist
- assertThat(permissioning.hasRoles(new Project("not_found"))).isFalse();
- }
-}
\ No newline at end of file
--- /dev/null
+/*
+ * Sonar, open source software quality management tool.
+ * Copyright (C) 2008-2012 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * Sonar is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * Sonar is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with Sonar; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
+ */
+package org.sonar.plugins.core.security;
+
+import org.junit.Test;
+import org.sonar.api.config.Settings;
+import org.sonar.api.resources.Project;
+import org.sonar.api.resources.Resource;
+import org.sonar.api.security.DefaultGroups;
+import org.sonar.core.persistence.AbstractDaoTestCase;
+
+import static org.fest.assertions.Assertions.assertThat;
+
+public class DefaultResourcePermissionsTest extends AbstractDaoTestCase {
+
+ private Resource project = new Project("project").setId(123);
+
+ @Test
+ public void grantGroupRole() {
+ setupData("grantGroupRole");
+
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+ permissions.grantGroupRole(project, "sonar-administrators", "admin");
+
+ // do not insert duplicated rows
+ permissions.grantGroupRole(project, "sonar-administrators", "admin");
+
+ checkColumns("grantGroupRole", "group_roles", "group_id", "resource_id", "role");
+ }
+
+ @Test
+ public void grantGroupRole_anyone() {
+ setupData("grantGroupRole_anyone");
+
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+ permissions.grantGroupRole(project, DefaultGroups.ANYONE, "admin");
+
+ checkTables("grantGroupRole_anyone", "group_roles");
+ }
+
+ @Test
+ public void grantGroupRole_ignore_if_group_not_found() {
+ setupData("grantGroupRole_ignore_if_group_not_found");
+
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+ permissions.grantGroupRole(project, "not_found", "admin");
+
+ checkTables("grantGroupRole_ignore_if_group_not_found", "group_roles");
+ }
+
+ @Test
+ public void grantGroupRole_ignore_if_not_persisted() {
+ setupData("grantGroupRole_ignore_if_not_persisted");
+
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+ Project resourceWithoutId = new Project("");
+ permissions.grantGroupRole(resourceWithoutId, "sonar-users", "admin");
+
+ checkTables("grantGroupRole_ignore_if_not_persisted", "group_roles");
+ }
+
+ @Test
+ public void grantUserRole() {
+ setupData("grantUserRole");
+
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+ permissions.grantUserRole(project, "marius", "admin");
+
+ // do not insert duplicated rows
+ permissions.grantUserRole(project, "marius", "admin");
+
+ checkColumns("grantUserRole", "user_roles", "user_id", "resource_id", "role");
+ }
+
+ @Test
+ public void grantDefaultRoles() {
+ setupData("grantDefaultRoles");
+
+ Settings settings = new Settings();
+ settings.setProperty("sonar.role.admin.TRK.defaultGroups", "sonar-administrators");
+ settings.setProperty("sonar.role.admin.TRK.defaultUsers", "");
+ settings.setProperty("sonar.role.user.TRK.defaultGroups", "Anyone,sonar-users");
+ settings.setProperty("sonar.role.user.TRK.defaultUsers", "");
+ settings.setProperty("sonar.role.codeviewer.TRK.defaultGroups", "Anyone,sonar-users");
+ settings.setProperty("sonar.role.codeviewer.TRK.defaultUsers", "");
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis());
+
+ permissions.grantDefaultRoles(project);
+
+ checkTables("grantDefaultRoles", "user_roles", "group_roles");
+ }
+
+ @Test
+ public void grantDefaultRoles_unknown_group() {
+ setupData("grantDefaultRoles_unknown_group");
+
+ Settings settings = new Settings();
+ settings.setProperty("sonar.role.admin.TRK.defaultGroups", "sonar-administrators,unknown");
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis());
+ permissions.grantDefaultRoles(project);
+
+ checkTables("grantDefaultRoles_unknown_group", "group_roles");
+ }
+
+ @Test
+ public void grantDefaultRoles_users() {
+ setupData("grantDefaultRoles_users");
+
+ Settings settings = new Settings();
+ settings.setProperty("sonar.role.admin.TRK.defaultUsers", "marius,disabled,notfound");
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis());
+ permissions.grantDefaultRoles(project);
+
+ checkTables("grantDefaultRoles_users", "user_roles");
+ }
+
+ @Test
+ public void hasRoles() {
+ setupData("hasRoles");
+ DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis());
+
+ // no groups and at least one user
+ assertThat(permissions.hasRoles(new Project("only_users").setId(1))).isTrue();
+
+ // no users and at least one group
+ assertThat(permissions.hasRoles(new Project("only_groups").setId(2))).isTrue();
+
+ // groups and users
+ assertThat(permissions.hasRoles(new Project("groups_and_users").setId(3))).isTrue();
+
+ // no groups, no users
+ assertThat(permissions.hasRoles(new Project("no_groups_no_users").setId(4))).isFalse();
+
+ // does not exist
+ assertThat(permissions.hasRoles(new Project("not_found"))).isFalse();
+ }
+}
\ No newline at end of file
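Review bot: grantUserRole is tested only on the path where the login resolves and the resource has an id. The `user != null` branch and the `resource.getId() != null` guard in DefaultResourcePermissions.grantUserRole have no counterpart to grantGroupRole_ignore_if_group_not_found and grantGroupRole_ignore_if_not_persisted. Two more cases would pin that a grant for an unknown login or an unpersisted resource leaves user_roles untouched, for example `permissions.grantUserRole(project, "notfound", "admin");` followed by a checkTables on user_roles. The switch to checkColumns in grantGroupRole and grantUserRole presumably exists because delete-then-insert regenerates the id column; a one-line comment such as `// id is not compared: the row is deleted and re-inserted` would make that explicit.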
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-
- <!--
- new rows : sonar-administrators (admin), sonar-users (user & codeviewer), Anyone (user & codeviewer),
- -->
- <group_roles id="3" group_id="100" resource_id="123" role="admin"/>
- <group_roles id="4" group_id="[null]" resource_id="123" role="user"/>
- <group_roles id="5" group_id="101" resource_id="123" role="user"/>
- <group_roles id="6" group_id="[null]" resource_id="123" role="codeviewer"/>
- <group_roles id="7" group_id="101" resource_id="123" role="codeviewer"/>
-
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-
- <!--
- new rows : sonar-administrators (admin)
- -->
- <group_roles id="3" group_id="100" resource_id="123" role="admin"/>
-
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
- <users id="201" login="disabled" name="Disabled" email="[null]" active="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-
- <!--
- new row : marius (admin)
- -->
- <user_roles id="2" user_id="200" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
- <users id="201" login="disabled" name="Disabled" email="[null]" active="[false]" />
-
- <!-- on other resources -->
- <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
- <group_roles id="2" group_id="101" resource_id="1" role="user"/>
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <group_roles id="1" group_id="100" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators" />
- <groups id="101" name="sonar-users" />
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
- <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
-
- <!-- only_users -->
- <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
-
- <!-- only_groups -->
- <group_roles id="1" group_id="100" resource_id="2" role="admin"/>
-
- <!-- groups_and_users -->
- <group_roles id="2" group_id="101" resource_id="3" role="user"/>
- <user_roles id="2" user_id="200" resource_id="3" role="admin"/>
-
-</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+
+ <!--
+ new rows : sonar-administrators (admin), sonar-users (user & codeviewer), Anyone (user & codeviewer),
+ -->
+ <group_roles id="3" group_id="100" resource_id="123" role="admin"/>
+ <group_roles id="4" group_id="[null]" resource_id="123" role="user"/>
+ <group_roles id="5" group_id="101" resource_id="123" role="user"/>
+ <group_roles id="6" group_id="[null]" resource_id="123" role="codeviewer"/>
+ <group_roles id="7" group_id="101" resource_id="123" role="codeviewer"/>
+
+</dataset>
\ No newline at end of file
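Review bot: The expected rows for resource 123 express the Anyone group only as `group_id="[null]"` (ids 4 and 6), and a reader has to match them against the summary comment to see it. Since this dataset pins `user` and `codeviewer` for Anyone as the expected outcome, a one-line marker such as `<!-- group_id="[null]" is the Anyone group -->` above those rows would make the access being asserted explicit. The test that loads this file is not visible here, so whether these defaults are configurable cannot be confirmed from the fixture alone.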
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+
+ <!--
+ new rows : sonar-administrators (admin)
+ -->
+ <group_roles id="3" group_id="100" resource_id="123" role="admin"/>
+
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
+ <users id="201" login="disabled" name="Disabled" email="[null]" active="[false]"/>
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+
+ <!--
+ new row : marius (admin)
+ -->
+ <user_roles id="2" user_id="200" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
+ <users id="201" login="disabled" name="Disabled" email="[null]" active="[false]" />
+
+ <!-- on other resources -->
+ <group_roles id="1" group_id="100" resource_id="1" role="admin"/>
+ <group_roles id="2" group_id="101" resource_id="1" role="user"/>
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+
+ <group_roles group_id="100" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+
+ <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+
+ <!-- already existed -->
+ <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+
+ <!-- already existed -->
+ <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+
+ <!-- already existed -->
+ <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators" />
+ <groups id="101" name="sonar-users" />
+
+ <!-- already existed -->
+ <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
+
+ <user_roles user_id="200" resource_id="123" role="admin"/>
+
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]" />
+</dataset>
\ No newline at end of file
--- /dev/null
+<dataset>
+ <groups id="100" name="sonar-administrators"/>
+ <groups id="101" name="sonar-users"/>
+ <users id="200" login="marius" name="Marius" email="[null]" active="[true]"/>
+
+ <!-- only_users -->
+ <user_roles id="1" user_id="200" resource_id="1" role="admin"/>
+
+ <!-- only_groups -->
+ <group_roles id="1" group_id="100" resource_id="2" role="admin"/>
+
+ <!-- groups_and_users -->
+ <group_roles id="2" group_id="101" resource_id="3" role="user"/>
+ <user_roles id="2" user_id="200" resource_id="3" role="admin"/>
+
+</dataset>
\ No newline at end of file
void insertUserRole(UserRoleDto userRole);
+ void deleteUserRole(UserRoleDto userRole);
+
+ void deleteGroupRole(GroupRoleDto groupRole);
+
void deleteGroupRolesByResourceId(Long resourceId);
void deleteUserRolesByResourceId(Long resourceId);
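Review bot: The new `deleteUserRole(UserRoleDto)` and `deleteGroupRole(GroupRoleDto)` return `void`, so code that revokes a permission cannot tell a successful delete from one that matched no row. MyBatis can return the affected-row count for a delete, so `int deleteUserRole(UserRoleDto userRole);` and `int deleteGroupRole(GroupRoleDto groupRole);` would let callers log or assert the result. Neither method has Javadoc naming the DTO fields that form the match key (resource id, role, and user or group id, as the mapped statements in this commit show). The interface declaration starts and ends outside this hunk.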
VALUES (#{id}, #{userId}, #{resourceId}, #{role})
</insert>
+ <delete id="deleteGroupRole" parameterType="map">
+ delete from group_roles where resource_id=#{resourceId} and role=#{role}
+ <choose>
+ <when test="groupId != null">
+ and group_id=#{groupId}
+ </when>
+ <otherwise>
+ and group_id is null
+ </otherwise>
+ </choose>
+ </delete>
+
+ <delete id="deleteUserRole" parameterType="map">
+ delete from user_roles where resource_id=#{resourceId} and user_id=#{userId} and role=#{role}
+ </delete>
+
<delete id="deleteGroupRolesByResourceId" parameterType="long">
delete from group_roles where resource_id=#{id}
</delete>
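Review bot: In `deleteGroupRole` the `<otherwise>` branch turns an unset `groupId` into `and group_id is null`, which the test datasets in this commit use for the Anyone group. A DTO whose group id was never filled in therefore removes Anyone's role instead of matching nothing. If null is meant to be the only encoding for Anyone, say so next to the statement with `<!-- null groupId targets the Anyone group -->`, and have callers resolve the group before building the DTO (the calling code is not visible here). Both new statements also declare `parameterType="map"` although the mapper interface passes `GroupRoleDto` and `UserRoleDto`; declaring the DTO type or its alias would keep the mapping honest.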
+++ /dev/null
-/*
- * Sonar, open source software quality management tool.
- * Copyright (C) 2008-2012 SonarSource
- * mailto:contact AT sonarsource DOT com
- *
- * Sonar is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * Sonar is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with Sonar; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
- */
-package org.sonar.api.security;
-
-import org.sonar.api.BatchComponent;
-import org.sonar.api.resources.Resource;
-
-/**
- * Grant access to newly created projects.
- *
- * <p>This component is not supposed to be called by standard plugins.</p>
- *
- * @since 3.2
- */
-public interface ResourcePermissioning extends BatchComponent {
-
- boolean hasRoles(Resource resource);
-
- void grantDefaultRoles(Resource resource);
-
- void grantUserRole(Resource resource, String login, String role);
-
- void grantGroupRole(Resource resource, String groupName, String role);
-}
--- /dev/null
+/*
+ * Sonar, open source software quality management tool.
+ * Copyright (C) 2008-2012 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * Sonar is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * Sonar is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with Sonar; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02
+ */
+package org.sonar.api.security;
+
+import org.sonar.api.BatchComponent;
+import org.sonar.api.resources.Resource;
+
+/**
+ * Grant access to newly created projects.
+ *
+ * <p>This component is not supposed to be called by standard plugins.</p>
+ *
+ * @since 3.2
+ */
+public interface ResourcePermissions extends BatchComponent {
+
+ boolean hasRoles(Resource resource);
+
+ void grantDefaultRoles(Resource resource);
+
+ void grantUserRole(Resource resource, String login, String role);
+
+ void grantGroupRole(Resource resource, String groupName, String role);
+}