}
/**
- * Gets all the global permissions granted to user for the specified organization.
+ * Gets all the global permissions granted to user
*
- * @return the global permissions. An empty list is returned if user or organization do not exist.
+ * @return the global permissions. An empty list is returned if user do not exist.
*/
public List<String> selectGlobalPermissionsOfUser(DbSession dbSession, String userUuid) {
return mapper(dbSession).selectGlobalPermissionsOfUser(userUuid);
return mapper(session).selectUserUuidsWithPermissionOnProjectBut(projectUuid, permission);
}
- public void insert(DbSession dbSession, UserPermissionDto dto, String defaultOrgUuid) {
- mapper(dbSession).insert(dto, defaultOrgUuid);
+ public void insert(DbSession dbSession, UserPermissionDto dto) {
+ mapper(dbSession).insert(dto);
}
/**
List<String> selectUserUuidsByQuery(@Param("query") PermissionQuery query);
/**
- * Fetch user ids based on permission query and only in a specific scope (global permissions only, organization permissions only or project permissions only)
+ * Fetch user ids based on permission query and only in a specific scope (global permissions only or project permissions only)
*/
List<String> selectUserUuidsByQueryAndScope(@Param("query") PermissionQuery query);
*/
Set<String> selectUserUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission);
- void insert(@Param("dto")UserPermissionDto dto, @Param("defaultOrgUuid") String defaultOrgUuid);
+ void insert(@Param("dto")UserPermissionDto dto);
void deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission);
import javax.annotation.Nullable;
public class PermissionTemplateDto {
- private String organizationUuid;
private String name;
private String uuid;
private String description;
return this;
}
- public PermissionTemplateDto setOrganizationUuid(String uuid) {
- this.organizationUuid = uuid;
- return this;
- }
-
/**
* @since 5.2 the kee column is a proper uuid. Before that it was build on the name + timestamp
*/
select
<include refid="selectColumns"/>
from organizations org
- inner join user_roles ur on
- ur.organization_uuid = org.uuid
- and ur.user_uuid = #{userUuid,jdbcType=VARCHAR}
+ inner join user_roles ur on ur.user_uuid = #{userUuid,jdbcType=VARCHAR}
and ur.component_uuid is null
and ur.role = #{permission,jdbcType=VARCHAR}
union
select
<include refid="selectColumns"/>
from organizations org
- inner join group_roles g on
- g.organization_uuid = org.uuid
- and g.component_uuid is null
+ inner join group_roles g on g.component_uuid is null
and g.role = #{permission,jdbcType=VARCHAR}
inner join groups_users gu on
gu.group_uuid = g.group_uuid
<insert id="insert" parameterType="GroupPermission">
insert into group_roles (
- organization_uuid,
uuid,
group_uuid,
component_uuid,
role
) values (
- 'asd',
#{uuid,jdbcType=VARCHAR},
#{groupUuid,jdbcType=VARCHAR},
#{componentUuid,jdbcType=BIGINT},
<insert id="insert" parameterType="org.sonar.db.permission.UserPermissionDto" useGeneratedKeys="false">
insert into user_roles (
- organization_uuid,
uuid,
user_uuid,
component_uuid,
role
) values (
- #{defaultOrgUuid,jdbcType=VARCHAR},
#{dto.uuid,jdbcType=VARCHAR},
#{dto.userUuid,jdbcType=VARCHAR},
#{dto.componentUuid,jdbcType=VARCHAR},
<mapper namespace="org.sonar.db.permission.template.PermissionTemplateMapper">
<insert id="insert" parameterType="PermissionTemplate" useGeneratedKeys="false">
- INSERT INTO permission_templates (organization_uuid, name, uuid, description, key_pattern, created_at, updated_at)
+ INSERT INTO permission_templates (name, uuid, description, key_pattern, created_at, updated_at)
VALUES (
- #{organizationUuid,jdbcType=VARCHAR},
#{name,jdbcType=VARCHAR},
#{uuid,jdbcType=VARCHAR},
#{description,jdbcType=VARCHAR},
CREATE INDEX "FILE_SOURCES_UPDATED_AT" ON "FILE_SOURCES"("UPDATED_AT");
CREATE TABLE "GROUP_ROLES"(
- "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
"ROLE" VARCHAR(64) NOT NULL,
"COMPONENT_UUID" VARCHAR(40),
"UUID" VARCHAR(40) NOT NULL,
);
ALTER TABLE "GROUP_ROLES" ADD CONSTRAINT "PK_GROUP_ROLES" PRIMARY KEY("UUID");
CREATE INDEX "GROUP_ROLES_COMPONENT_UUID" ON "GROUP_ROLES"("COMPONENT_UUID");
-CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("ORGANIZATION_UUID", "GROUP_UUID", "COMPONENT_UUID", "ROLE");
+CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("GROUP_UUID", "COMPONENT_UUID", "ROLE");
CREATE TABLE "GROUPS"(
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
CREATE UNIQUE INDEX "UNIQ_PERM_TPL_CHARAC" ON "PERM_TPL_CHARACTERISTICS"("TEMPLATE_UUID", "PERMISSION_KEY");
CREATE TABLE "PERMISSION_TEMPLATES"(
- "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
"NAME" VARCHAR(100) NOT NULL,
"DESCRIPTION" VARCHAR(4000),
"CREATED_AT" TIMESTAMP,
CREATE UNIQUE INDEX "USER_PROPERTIES_USER_UUID_KEE" ON "USER_PROPERTIES"("USER_UUID", "KEE");
CREATE TABLE "USER_ROLES"(
- "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
"ROLE" VARCHAR(64) NOT NULL,
"COMPONENT_UUID" VARCHAR(40),
"UUID" VARCHAR(40) NOT NULL,
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import static java.util.Arrays.asList;
@Test
public void select_global_permissions() {
- OrganizationDto org2 = db.organizations().insert();
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com"));
private UserPermissionDto addGlobalPermission(String permission, UserDto user) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
- underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid());
+ underTest.insert(dbSession, dto);
db.commit();
return dto;
}
private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
- underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid());
+ underTest.insert(dbSession, dto);
db.commit();
return dto;
}
@Test
public void create_permission_template() {
PermissionTemplateDto permissionTemplate = underTest.insert(db.getSession(), newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid("ABCD")
.setName("my template")
.setDescription("my description")
return insertComponentAndBranchAndProject(componentDto, false);
}
+ public ComponentDto insertPrivateProject(String uuid) {
+ return insertComponentAndBranchAndProject(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization(), uuid), true);
+ }
+
public final ComponentDto insertPrivateProject(Consumer<ComponentDto> dtoPopulator) {
return insertComponentAndBranchAndProject(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()), true, defaults(),
dtoPopulator);
}
public PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
- template.setOrganizationUuid(db.getDefaultOrganization().getUuid());
PermissionTemplateDto templateInDb = dbClient.permissionTemplateDao().insert(dbSession, template);
db.commit();
-
return templateInDb;
}
@Deprecated
public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
- db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid());
+ db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
db.commit();
return dto;
}
"%s can't be granted on a public project", permission);
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches");
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
- db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid());
+ db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
db.commit();
return dto;
}
.add(4105, "Drop 'organization_uuid' in 'rules_metadata'", DropOrganizationInRulesMetadata.class)
.add(4106, "Update 'change_data' column of 'qprofile_changes' table to use ruleUuid", UpdateChangeDataOfQProfileChanges.class)
.add(4107, "Drop 'organization_uuid' in 'users'", DropOrganizationInUsers.class)
+ .add(4108, "Drop 'organization_uuid' in 'user_roles'", DropOrganizationInUserRoles.class)
+ .add(4109, "Drop 'organization_uuid' in 'group_roles'", DropOrganizationInGroupRoles.class)
+ .add(4110, "Drop 'organization_uuid' in 'permission_templates'", DropOrganizationInPermissionTemplates.class)
;
}
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.server.platform.db.migration.sql.CreateIndexBuilder;
+import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder;
+import org.sonar.server.platform.db.migration.sql.DropIndexBuilder;
+import org.sonar.server.platform.db.migration.step.DdlChange;
+
+public class DropOrganizationInGroupRoles extends DdlChange {
+
+ private static final String TABLE_NAME = "group_roles";
+
+ public DropOrganizationInGroupRoles(Database db) {
+ super(db);
+ }
+
+ @Override
+ public void execute(Context context) throws SQLException {
+ context.execute(
+ new DropIndexBuilder(getDialect())
+ .setTable(TABLE_NAME)
+ .setName("uniq_group_roles")
+ .build());
+ context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build());
+ context.execute(new CreateIndexBuilder()
+ .setTable(TABLE_NAME)
+ .setName("uniq_group_roles")
+ .addColumn("group_uuid")
+ .addColumn("component_uuid")
+ .addColumn("role")
+ .setUnique(true)
+ .build());
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder;
+import org.sonar.server.platform.db.migration.step.DdlChange;
+
+public class DropOrganizationInPermissionTemplates extends DdlChange {
+
+ private static final String TABLE_NAME = "permission_templates";
+
+ public DropOrganizationInPermissionTemplates(Database db) {
+ super(db);
+ }
+
+ @Override
+ public void execute(Context context) throws SQLException {
+ context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build());
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder;
+import org.sonar.server.platform.db.migration.step.DdlChange;
+
+public class DropOrganizationInUserRoles extends DdlChange {
+
+ private static final String TABLE_NAME = "user_roles";
+
+ public DropOrganizationInUserRoles(Database db) {
+ super(db);
+ }
+
+ @Override
+ public void execute(Context context) throws SQLException {
+ context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build());
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.CoreDbTester;
+import org.sonar.server.platform.db.migration.step.MigrationStep;
+
+public class DropOrganizationInGroupRolesTest {
+
+ @Rule
+ public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInGroupRolesTest.class, "schema.sql");
+
+ private MigrationStep underTest = new DropOrganizationInGroupRoles(dbTester.database());
+
+ @Test
+ public void column_has_been_dropped() throws SQLException {
+ underTest.execute();
+ dbTester.assertColumnDoesNotExist("group_roles", "organization_uuid");
+ dbTester.assertUniqueIndex("group_roles", "uniq_group_roles", "group_uuid", "component_uuid", "role");
+ }
+
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.CoreDbTester;
+import org.sonar.server.platform.db.migration.step.MigrationStep;
+
+public class DropOrganizationInPermissionTemplatesTest {
+
+ @Rule
+ public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInPermissionTemplatesTest.class, "schema.sql");
+
+ private MigrationStep underTest = new DropOrganizationInPermissionTemplates(dbTester.database());
+
+ @Test
+ public void column_has_been_dropped() throws SQLException {
+ underTest.execute();
+ dbTester.assertColumnDoesNotExist("permission_templates", "organization_uuid");
+ }
+
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v86;
+
+import java.sql.SQLException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.CoreDbTester;
+import org.sonar.server.platform.db.migration.step.MigrationStep;
+
+public class DropOrganizationInUserRolesTest {
+
+ @Rule
+ public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInUserRolesTest.class, "schema.sql");
+
+ private MigrationStep underTest = new DropOrganizationInUserRoles(dbTester.database());
+
+ @Test
+ public void column_has_been_dropped() throws SQLException {
+ underTest.execute();
+ dbTester.assertColumnDoesNotExist("user_roles", "organization_uuid");
+ }
+
+}
--- /dev/null
+CREATE TABLE "GROUP_ROLES"(
+ "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
+ "ROLE" VARCHAR(64) NOT NULL,
+ "COMPONENT_UUID" VARCHAR(40),
+ "UUID" VARCHAR(40) NOT NULL,
+ "GROUP_UUID" VARCHAR(40)
+);
+ALTER TABLE "GROUP_ROLES" ADD CONSTRAINT "PK_GROUP_ROLES" PRIMARY KEY("UUID");
+CREATE INDEX "GROUP_ROLES_COMPONENT_UUID" ON "GROUP_ROLES"("COMPONENT_UUID");
+CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("ORGANIZATION_UUID", "GROUP_UUID", "COMPONENT_UUID", "ROLE");
--- /dev/null
+CREATE TABLE "PERMISSION_TEMPLATES"(
+ "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
+ "NAME" VARCHAR(100) NOT NULL,
+ "DESCRIPTION" VARCHAR(4000),
+ "CREATED_AT" TIMESTAMP,
+ "UPDATED_AT" TIMESTAMP,
+ "KEY_PATTERN" VARCHAR(500),
+ "UUID" VARCHAR(40) NOT NULL
+);
+ALTER TABLE "PERMISSION_TEMPLATES" ADD CONSTRAINT "PK_PERMISSION_TEMPLATES" PRIMARY KEY("UUID");
--- /dev/null
+CREATE TABLE "USER_ROLES"(
+ "ORGANIZATION_UUID" VARCHAR(40) NOT NULL,
+ "ROLE" VARCHAR(64) NOT NULL,
+ "COMPONENT_UUID" VARCHAR(40),
+ "UUID" VARCHAR(40) NOT NULL,
+ "USER_UUID" VARCHAR(255)
+);
+ALTER TABLE "USER_ROLES" ADD CONSTRAINT "PK_USER_ROLES" PRIMARY KEY("UUID");
+CREATE INDEX "USER_ROLES_COMPONENT_UUID" ON "USER_ROLES"("COMPONENT_UUID");
+CREATE INDEX "USER_ROLES_USER" ON "USER_ROLES"("USER_UUID");
new PermissionTemplateDto()
.setUuid(uuidFactory.create())
.setName(PERM_TEMPLATE_NAME)
- .setOrganizationUuid(organizationDto.getUuid())
.setDescription(format(PERM_TEMPLATE_DESCRIPTION_PATTERN, organizationDto.getName()))
.setCreatedAt(now)
.setUpdatedAt(now));
.setUuid(uuidFactory.create())
.setName(OWNERS_GROUP_NAME)
.setDescription(OWNERS_GROUP_DESCRIPTION));
- permissionService.getAllOrganizationPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p));
+ permissionService.getGlobalPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p));
return group;
}
public interface PermissionService {
- List<OrganizationPermission> getAllOrganizationPermissions();
+ List<OrganizationPermission> getGlobalPermissions();
List<String> getAllProjectPermissions();
}
* Return an immutable Set of all organization permissions
*/
@Override
- public List<OrganizationPermission> getAllOrganizationPermissions() {
+ public List<OrganizationPermission> getGlobalPermissions() {
return globalPermissions;
}
@Test
public void organizationPermissions_must_be_ordered() {
- assertThat(underTest.getAllOrganizationPermissions())
+ assertThat(underTest.getGlobalPermissions())
.extracting(OrganizationPermission::getKey)
.containsExactly("admin", "gateadmin", "profileadmin", "provisioning", "scan", "applicationcreator", "portfoliocreator");
}
}
PermissionTemplateDto template = new PermissionTemplateDto()
- .setOrganizationUuid(defaultOrganizationProvider.get().getUuid())
.setName("Default template")
.setUuid(DEFAULT_TEMPLATE_UUID)
.setDescription("This permission template will be used as default when no other permission configuration is available")
@Test
public void do_not_create_default_template_if_already_exists_but_register_when_it_is_not() {
- db.permissionTemplates().insertTemplate(newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
- .setUuid(DEFAULT_TEMPLATE_UUID));
+ db.permissionTemplates().insertTemplate(newPermissionTemplateDto().setUuid(DEFAULT_TEMPLATE_UUID));
underTest.start();
@Test
public void do_not_fail_if_default_template_exists_and_is_registered() {
PermissionTemplateDto projectTemplate = db.permissionTemplates().insertTemplate(newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid(DEFAULT_TEMPLATE_UUID));
db.organizations().setDefaultTemplates(projectTemplate, null, null);
String expectedGroupName) {
assertThat(
groupPermissions.stream().anyMatch(gp -> gp.getPermission().equals(expectedPermission) && Objects.equals(gp.getGroupName(), expectedGroupName)))
- .isTrue();
+ .isTrue();
}
private void verifyDefaultTemplates() {
this.projectUuid = projectUuid;
this.permissionService = permissionService;
if (projectUuid == null) {
- checkRequest(permissionService.getAllOrganizationPermissions().stream().anyMatch(p -> p.getKey().equals(permission)),
+ checkRequest(permissionService.getGlobalPermissions().stream().anyMatch(p -> p.getKey().equals(permission)),
"Invalid global permission '%s'. Valid values are %s", permission,
- permissionService.getAllOrganizationPermissions().stream().map(OrganizationPermission::getKey).collect(toList()));
+ permissionService.getGlobalPermissions().stream().map(OrganizationPermission::getKey).collect(toList()));
} else {
checkRequest(permissionService.getAllProjectPermissions().contains(permission), "Invalid project permission '%s'. Valid values are %s", permission,
permissionService.getAllProjectPermissions());
.filter(up -> permissionValidForProject(project, up.getPermission()))
.forEach(up -> {
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), userDtoMap.get(up.getUserUuid()), project.uuid());
- dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid());
+ dbClient.userPermissionDao().insert(dbSession, dto);
});
List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid());
.filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission()))
.forEach(c -> {
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid());
- dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid());
+ dbClient.userPermissionDao().insert(dbSession, dto);
});
}
}
private static void checkAtMostOneMatchForComponentKey(String componentKey, List<PermissionTemplateDto> matchingTemplates) {
if (matchingTemplates.size() > 1) {
StringBuilder templatesNames = new StringBuilder();
- for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext(); ) {
+ for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext();) {
templatesNames.append("\"").append(it.next().getName()).append("\"");
if (it.hasNext()) {
templatesNames.append(", ");
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.UserPermissionDto;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
private final DbClient dbClient;
private final UuidFactory uuidFactory;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public UserPermissionChanger(DbClient dbClient, UuidFactory uuidFactory, DefaultOrganizationProvider defaultOrganizationProvider) {
+ public UserPermissionChanger(DbClient dbClient, UuidFactory uuidFactory) {
this.dbClient = dbClient;
this.uuidFactory = uuidFactory;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
public boolean apply(DbSession dbSession, UserPermissionChange change) {
}
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(),
change.getProjectUuid());
- dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid());
+ dbClient.userPermissionDao().insert(dbSession, dto);
return true;
}
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
import static org.sonar.server.permission.ws.WsParameters.createGroupIdParameter;
import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
.setHandler(this);
wsParameters.createPermissionParameter(action, "The permission you would like to grant to the group.");
- createOrganizationParameter(action).setSince("6.2");
createGroupNameParameter(action);
createGroupIdParameter(action);
createProjectParameters(action);
import static java.util.Collections.singletonList;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
wsParameters.createPermissionParameter(action, "The permission you would like to grant to the user");
createUserLoginParameter(action);
createProjectParameters(action);
- createOrganizationParameter(action)
- .setSince("6.2");
}
@Override
import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;
import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
.setDescription("Limit search to group names that contain the supplied string.")
.setMinimumLength(SEARCH_QUERY_MIN_LENGTH);
- createOrganizationParameter(action).setSince("6.2");
wsParameters.createPermissionParameter(action).setRequired(false);
createProjectParameters(action);
}
checkProjectAdmin(userSession, project);
PermissionQuery query = buildPermissionQuery(request, project);
- // TODO validatePermission(groupsRequest.getPermission(), wsProjectRef);
List<GroupDto> groups = findGroups(dbSession, query);
int total = dbClient.groupPermissionDao().countGroupsByQuery(dbSession, query);
List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project);
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.usergroups.ws.GroupWsSupport;
import org.sonarqube.ws.client.permission.PermissionsWsParameters;
-import static com.google.common.base.Preconditions.checkArgument;
import static org.sonar.server.exceptions.NotFoundException.checkFound;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
public class PermissionWsSupport {
public GroupUuidOrAnyone findGroup(DbSession dbSession, Request request) {
String groupUuid = request.param(PARAM_GROUP_ID);
- String orgKey = request.param(PARAM_ORGANIZATION);
String groupName = request.param(PARAM_GROUP_NAME);
- GroupWsRef groupRef = GroupWsRef.create(groupUuid, orgKey, groupName);
+ GroupWsRef groupRef = GroupWsRef.create(groupUuid, null, groupName);
return groupWsSupport.findGroupOrAnyone(dbSession, groupRef);
}
}
}
- public void checkMembership(DbSession dbSession, OrganizationDto organization, UserId user) {
- checkArgument(dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), user.getUuid()).isPresent(),
- "User '%s' is not member of organization '%s'", user.getLogin(), organization.getKey());
- }
}
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
import static org.sonar.server.permission.ws.WsParameters.createGroupIdParameter;
import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
.setHandler(this);
wsParameters.createPermissionParameter(action, "The permission you would like to revoke from the group.");
- createOrganizationParameter(action).setSince("6.2");
createGroupNameParameter(action);
createGroupIdParameter(action);
createProjectParameters(action);
import static java.util.Collections.singletonList;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
wsParameters.createPermissionParameter(action, "The permission you would like to revoke from the user.");
createUserLoginParameter(action);
createProjectParameters(action);
- createOrganizationParameter(action).setSince("6.2");
}
@Override
.setSince("5.2")
.setDeprecatedSince("6.5")
.setHandler(this);
-
- WsParameters.createOrganizationParameter(action).setSince("6.2");
}
@Override
WsSearchGlobalPermissionsResponse.Builder response = WsSearchGlobalPermissionsResponse.newBuilder();
Permission.Builder permission = newBuilder();
- permissionService.getAllOrganizationPermissions().stream()
+ permissionService.getGlobalPermissions().stream()
.map(OrganizationPermission::getKey)
.forEach(permissionKey -> {
PermissionQuery query = permissionQuery(permissionKey);
import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin;
import static org.sonar.server.permission.RequestValidator.validateGlobalPermission;
-import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter;
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
.setDescription("Limit search to user names that contain the supplied string. <br/>")
.setExampleValue("eri");
- createOrganizationParameter(action).setSince("6.2");
wsParameters.createPermissionParameter(action).setRequired(false);
createProjectParameters(action);
}
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
this.permissionService = permissionService;
String allProjectsPermissionsOnOneLine = Joiner.on(", ").join(permissionService.getAllProjectPermissions());
permissionParamDescription = String.format("<ul>" +
- "<li>Possible values for global permissions: %s</li>" +
- "<li>Possible values for project permissions %s</li>" +
- "</ul>",
+ "<li>Possible values for global permissions: %s</li>" +
+ "<li>Possible values for project permissions %s</li>" +
+ "</ul>",
GlobalPermissions.ALL_ON_ONE_LINE,
allProjectsPermissionsOnOneLine);
projectPermissionParamDescription = String.format("Permission" +
- "<ul>" +
- "<li>Possible values for project permissions %s</li>" +
- "</ul>",
+ "<ul>" +
+ "<li>Possible values for project permissions %s</li>" +
+ "</ul>",
allProjectsPermissionsOnOneLine);
}
.setExampleValue("sonar-administrators");
}
- public static WebService.NewParam createOrganizationParameter(WebService.NewAction action) {
- return action.createParam(PARAM_ORGANIZATION)
- .setDescription("Key of organization, used when group name is set")
- .setExampleValue("my-org")
- .setInternal(true);
- }
-
public static void createGroupIdParameter(WebService.NewAction action) {
action.createParam(PARAM_GROUP_ID)
.setDescription("Group id, use 'name' param instead")
action.createParam(PARAM_TEMPLATE_ID)
.setDescription("Template id")
.setExampleValue(UUID_EXAMPLE_01);
- createOrganizationParameter(action);
action.createParam(PARAM_TEMPLATE_NAME)
.setDescription("Template name")
.setExampleValue("Default Permission Template for Projects");
import static java.util.Objects.requireNonNull;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin;
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
AddProjectCreatorToTemplateRequest wsRequest = AddProjectCreatorToTemplateRequest.builder()
.setPermission(request.mandatoryParam(PARAM_PERMISSION))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME))
.build();
requestValidator.validateProjectPermission(wsRequest.getPermission());
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters;
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;
import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
.setLogin(request.mandatoryParam(PARAM_USER_LOGIN))
.setPermission(request.mandatoryParam(PARAM_PERMISSION))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME));
}
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_002;
import static org.sonar.server.ws.WsParameterBuilder.createRootQualifiersParameter;
import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
action.createParam(PARAM_VISIBILITY)
.setDescription("Filter the projects that should be visible to everyone (%s), or only specific user/groups (%s).<br/>" +
- "If no visibility is specified, the default project visibility of the organization will be used.",
+ "If no visibility is specified, the default project visibility of the organization will be used.",
Visibility.PUBLIC.getLabel(), Visibility.PRIVATE.getLabel())
.setRequired(false)
.setInternal(true)
private static BulkApplyTemplateRequest toBulkApplyTemplateWsRequest(Request request) {
return new BulkApplyTemplateRequest()
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME))
.setQualifiers(request.mandatoryParamAsStrings(PARAM_QUALIFIERS))
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;
public class CreateTemplateAction implements PermissionsWsAction {
return new CreateTemplateRequest()
.setName(request.mandatoryParam(PARAM_NAME))
.setDescription(request.param(PARAM_DESCRIPTION))
- .setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN))
- .setOrganization(request.param(PARAM_ORGANIZATION));
+ .setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN));
}
private static CreateTemplateWsResponse buildResponse(PermissionTemplateDto permissionTemplateDto) {
WsParameters.createTemplateProjectKeyPatternParameter(action);
WsParameters.createTemplateDescriptionParameter(action);
- WsParameters.createOrganizationParameter(action).setSince("6.2");
}
@Override
private PermissionTemplateDto insertTemplate(DbSession dbSession, CreateTemplateRequest request) {
Date now = new Date(system.now());
PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, new PermissionTemplateDto()
- .setOrganizationUuid(defaultOrganizationProvider.get().getUuid())
.setUuid(Uuids.create())
.setName(request.getName())
.setDescription(request.getDescription())
import static java.util.Objects.requireNonNull;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin;
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
RemoveProjectCreatorFromTemplateRequest wsRequest = RemoveProjectCreatorFromTemplateRequest.builder()
.setPermission(request.mandatoryParam(PARAM_PERMISSION))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME))
.build();
requestValidator.validateProjectPermission(wsRequest.getPermission());
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin;
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters;
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
.setPermission(request.mandatoryParam(PARAM_PERMISSION))
.setLogin(request.mandatoryParam(PARAM_USER_LOGIN))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME));
}
import org.sonar.server.permission.DefaultTemplatesResolver.ResolvedDefaultTemplates;
import org.sonar.server.permission.PermissionService;
import org.sonar.server.permission.ws.PermissionsWsAction;
-import org.sonar.server.permission.ws.WsParameters;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.Permissions;
import org.sonarqube.ws.Permissions.Permission;
.setSince("5.2")
.addSearchQuery("defau", "permission template names")
.setHandler(this);
-
- WsParameters.createOrganizationParameter(action).setSince("6.2");
}
@Override
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin;
import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
-import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
import static org.sonar.server.ws.WsParameterBuilder.createDefaultTemplateQualifierParameter;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
+import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
return new SetDefaultTemplateRequest()
.setQualifier(request.param(PARAM_QUALIFIER))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setOrganization(request.param(PARAM_ORGANIZATION))
.setTemplateName(request.param(PARAM_TEMPLATE_NAME));
}
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.es.ProjectIndexer;
import org.sonar.server.es.ProjectIndexers;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.project.Visibility;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.project.ProjectsWsParameters;
private final ProjectIndexers projectIndexers;
private final ProjectsWsSupport projectsWsSupport;
private final UuidFactory uuidFactory;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
public UpdateVisibilityAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession,
- ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport, UuidFactory uuidFactory, DefaultOrganizationProvider defaultOrganizationProvider) {
+ ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport, UuidFactory uuidFactory) {
this.dbClient = dbClient;
this.componentFinder = componentFinder;
this.userSession = userSession;
this.projectIndexers = projectIndexers;
this.projectsWsSupport = projectsWsSupport;
this.uuidFactory = uuidFactory;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
public void define(WebService.NewController context) {
}
private void insertProjectPermissionOnUser(DbSession dbSession, ComponentDto component, String permission, String userUuid) {
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid()), defaultOrganizationProvider.get().getUuid());
+ dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid()));
}
private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, String groupUuid) {
private List<String> getGlobalPermissions() {
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
- return permissionService.getAllOrganizationPermissions().stream()
+ return permissionService.getGlobalPermissions().stream()
.filter(permission -> userSession.hasPermission(permission))
.map(OrganizationPermission::getKey)
.collect(toList());
package org.sonar.server.user.ws;
import java.util.HashSet;
-import java.util.List;
import java.util.Set;
-import java.util.stream.Collectors;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
-import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.organization.OrganizationHelper;
import org.sonar.db.property.PropertyQuery;
import org.sonar.db.user.UserDto;
-import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
import org.sonar.server.user.index.UserIndexer;
-import static java.lang.String.format;
import static java.util.Collections.singletonList;
import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE;
+import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.server.exceptions.BadRequestException.checkRequest;
import static org.sonar.server.exceptions.NotFoundException.checkFound;
private final UserIndexer userIndexer;
private final UserSession userSession;
private final UserJsonWriter userWriter;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public DeactivateAction(DbClient dbClient, UserIndexer userIndexer, UserSession userSession, UserJsonWriter userWriter,
- DefaultOrganizationProvider defaultOrganizationProvider) {
+ public DeactivateAction(DbClient dbClient, UserIndexer userIndexer, UserSession userSession, UserJsonWriter userWriter) {
this.dbClient = dbClient;
this.userIndexer = userIndexer;
this.userSession = userSession;
this.userWriter = userWriter;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
@Override
}
private void ensureNotLastAdministrator(DbSession dbSession, UserDto user) {
- //TODO can this be removed?
- List<OrganizationDto> problematicOrgs = new OrganizationHelper(dbClient).selectOrganizationsWithLastAdmin(dbSession, user.getUuid());
- if (problematicOrgs.isEmpty()) {
- return;
- }
- checkRequest(problematicOrgs.size() != 1 || !defaultOrganizationProvider.get().getUuid().equals(problematicOrgs.get(0).getUuid()),
- "User is last administrator, and cannot be deactivated");
- String keys = problematicOrgs
- .stream()
- .map(OrganizationDto::getKey)
- .sorted()
- .collect(Collectors.joining(", "));
- throw BadRequestException.create(format("User '%s' is last administrator of organizations [%s], and cannot be deactivated", user.getLogin(), keys));
+ boolean isLastAdmin = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, ADMINISTER.getKey(), user.getUuid()) == 0;
+ checkRequest(!isLastAdmin, "User is last administrator, and cannot be deactivated");
}
}
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.GroupPermissionDto;
import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.user.GroupDto;
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
private GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory());
- private OrganizationDto org;
private GroupDto group;
private ComponentDto privateProject;
private ComponentDto publicProject;
@Before
public void setUp() {
- org = db.organizations().insert();
group = db.users().insertGroup("a-group");
- privateProject = db.components().insertPrivateProject(org);
- publicProject = db.components().insertPublicProject(org);
+ privateProject = db.components().insertPrivateProject();
+ publicProject = db.components().insertPublicProject();
}
@Test
- public void apply_adds_organization_permission_to_group() {
+ public void apply_adds_global_permission_to_group() {
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group);
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService));
}
@Test
- public void apply_adds_organization_permission_to_group_AnyOne() {
+ public void apply_adds_global_permission_to_group_AnyOne() {
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone();
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService));
public void fail_to_add_global_permission_but_SCAN_and_ADMIN_on_private_project() {
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group);
- permissionService.getAllOrganizationPermissions().stream()
+ permissionService.getGlobalPermissions().stream()
.map(OrganizationPermission::getKey)
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm))
.forEach(perm -> {
public void fail_to_add_global_permission_but_SCAN_and_ADMIN_on_public_project() {
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group);
- permissionService.getAllOrganizationPermissions().stream()
+ permissionService.getGlobalPermissions().stream()
.map(OrganizationPermission::getKey)
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm))
.forEach(perm -> {
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.web.UserRole.ADMIN;
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
- private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory(), TestDefaultOrganizationProvider.from(db));
+ private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory());
private UserDto user1;
private UserDto user2;
private ComponentDto privateProject;
}
@Test
- public void apply_adds_any_organization_permission_to_user() {
- permissionService.getAllOrganizationPermissions().stream()
+ public void apply_adds_any_global_permission_to_user() {
+ permissionService.getGlobalPermissions().stream()
.forEach(perm -> {
UserPermissionChange change = new UserPermissionChange(ADD, perm.getKey(), null, UserId.from(user1), permissionService);
public void apply_removes_any_organization_permission_to_user() {
// give ADMIN perm to user2 so that user1 is not the only one with this permission and it can be removed from user1
db.users().insertPermissionOnUser(user2, OrganizationPermission.ADMINISTER);
- permissionService.getAllOrganizationPermissions().stream()
+ permissionService.getGlobalPermissions().stream()
.forEach(perm -> db.users().insertPermissionOnUser(user1, perm));
assertThat(db.users().selectPermissionsOfUser(user1))
- .containsOnly(permissionService.getAllOrganizationPermissions().toArray(new OrganizationPermission[0]));
+ .containsOnly(permissionService.getGlobalPermissions().toArray(new OrganizationPermission[0]));
- permissionService.getAllOrganizationPermissions().stream()
+ permissionService.getGlobalPermissions().stream()
.forEach(perm -> {
UserPermissionChange change = new UserPermissionChange(REMOVE, perm.getKey(), null, UserId.from(user1), permissionService);
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto;
import static org.sonar.db.component.ComponentTesting.newSubView;
-import static org.sonar.db.component.ComponentTesting.newView;
import static org.sonar.db.permission.OrganizationPermission.SCAN;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
}
@Test
- public void reference_group_by_its_name_in_organization() {
+ public void reference_group_by_its_name() {
GroupDto group = db.users().insertGroup("the-group");
loginAsAdmin();
}
@Test
- public void add_with_view_uuid() {
- OrganizationDto organizationDto = db.getDefaultOrganization();
+ public void add_with_portfolio_uuid() {
GroupDto group = db.users().insertGroup("sonar-administrators");
- ComponentDto view = db.components().insertComponent(newView(organizationDto, "view-uuid").setDbKey("view-key"));
+ ComponentDto portfolio = db.components().insertPrivatePortfolio();
loginAsAdmin();
newRequest()
.setParam(PARAM_GROUP_NAME, group.getName())
- .setParam(PARAM_PROJECT_ID, view.uuid())
+ .setParam(PARAM_PROJECT_ID, portfolio.uuid())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
.execute();
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty();
- assertThat(db.users().selectGroupPermissions(group, view)).containsOnly(SYSTEM_ADMIN);
+ assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(SYSTEM_ADMIN);
}
@Test
@Test
public void fail_when_component_is_a_module() {
- ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto module = db.components().insertComponent(newModuleDto(project));
failIfComponentIsNotAProjectOrView(module);
}
@Test
public void fail_when_component_is_a_directory() {
- ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_file() {
- ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_subview() {
- ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newSubView(project));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void adding_a_project_permission_fails_if_component_is_not_a_project() {
- OrganizationDto organizationDto = db.getDefaultOrganization();
GroupDto group = db.users().insertGroup("sonar-administrators");
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, A_PROJECT_UUID).setDbKey(A_PROJECT_KEY));
+ ComponentDto project = db.components().insertPrivateProject();
ComponentDto file = db.components().insertComponent(ComponentTesting.newFileDto(project, null, "file-uuid"));
loginAsAdmin();
}
@Test
- public void fail_if_not_administrator_of_organization() {
+ public void fail_if_not_global_administrator() {
GroupDto group = db.users().insertGroup();
loginAsAdmin();
@Test
public void fail_when_project_uuid_and_project_key_are_provided() {
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert()));
+ ComponentDto project = db.components().insertPrivateProject();
loginAsAdmin();
expectedException.expect(BadRequestException.class);
@Test
public void no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
newRequest()
@Test
public void no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
newRequest()
@Test
public void no_effect_when_adding_USER_permission_to_group_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
newRequest()
@Test
public void no_effect_when_adding_CODEVIEWER_permission_to_group_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
newRequest()
@Test
public void fail_when_using_branch_db_key() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
@Test
public void fail_when_using_branch_uuid() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
import org.sonar.api.resources.ResourceTypes;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
-import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto;
import static org.sonar.db.component.ComponentTesting.newSubView;
import static org.sonar.db.component.ComponentTesting.newView;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
@Before
public void setUp() {
user = db.users().insertUser("ray.bradbury");
- db.organizations().addMember(db.getDefaultOrganization(), user);
}
@Override
@Test
public void fail_when_component_is_a_module() {
- ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto module = db.components().insertComponent(newModuleDto(project));
failIfComponentIsNotAProjectOrView(module);
}
@Test
public void fail_when_component_is_a_directory() {
- ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_file() {
- ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_subview() {
- ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newSubView(project));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_not_a_project() {
- db.components().insertComponent(newFileDto(newPrivateProjectDto(db.organizations().insert(), "project-uuid"), null, "file-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
+ db.components().insertComponent(newFileDto(project, null, "file-uuid"));
loginAsAdmin();
expectedException.expect(BadRequestException.class);
}
@Test
- public void adding_global_permission_fails_if_not_administrator_of_organization() {
+ public void adding_global_permission_fails_if_not_system_administrator() {
userSession.logIn();
expectedException.expect(ForbiddenException.class);
@Test
public void fail_when_using_branch_uuid() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_ID, branch.uuid())
.setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
protected PermissionUpdater newPermissionUpdater() {
return new PermissionUpdater(
new ProjectIndexersImpl(new PermissionIndexer(db.getDbClient(), es.client())),
- new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory(), defaultOrganizationProvider),
+ new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory()),
new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory()));
}
protected PermissionTemplateDto addTemplate() {
PermissionTemplateDto dto = newPermissionTemplateDto();
- dto.setOrganizationUuid(db.getDefaultOrganization().getUuid());
db.getDbClient().permissionTemplateDao().insert(db.getSession(), dto);
db.commit();
return dto;
import org.sonar.api.server.ws.Change;
import org.sonar.api.server.ws.WebService.Action;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
@Test
public void search_groups_with_project_permissions() {
- OrganizationDto organizationDto = db.getDefaultOrganization();
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
GroupDto group = db.users().insertGroup("project-group-name");
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project);
- ComponentDto anotherProject = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(organizationDto));
+ ComponentDto anotherProject = db.components().insertPrivateProject();
GroupDto anotherGroup = db.users().insertGroup("another-project-group-name");
db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject);
userSession.logIn().addProjectPermission(ADMIN, project);
String result = newRequest()
.setParam(PARAM_PERMISSION, ISSUE_ADMIN)
- .setParam(PARAM_PROJECT_ID, "project-uuid")
+ .setParam(PARAM_PROJECT_ID, project.uuid())
.execute()
.getInput();
@Test
public void return_also_groups_without_permission_when_search_query() {
- OrganizationDto organizationDto = db.getDefaultOrganization();
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
GroupDto group = db.users().insertGroup("group-with-permission");
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project);
loginAsAdmin();
String result = newRequest()
.setParam(PARAM_PERMISSION, ISSUE_ADMIN)
- .setParam(PARAM_PROJECT_ID, "project-uuid")
+ .setParam(PARAM_PROJECT_ID, project.uuid())
.setParam(TEXT_QUERY, "group-with")
.execute()
.getInput();
@Test
public void return_anyone_group_when_search_query_and_no_param_permission() {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
GroupDto group = db.users().insertGroup("group-with-permission");
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project);
@Test
public void fail_if_project_uuid_and_project_key_are_provided() {
- db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), "project-uuid").setDbKey("project-key"));
+ ComponentDto project = db.components().insertPrivateProject();
expectedException.expect(BadRequestException.class);
loginAsAdmin();
newRequest()
.setParam(PARAM_PERMISSION, SCAN_EXECUTION)
- .setParam(PARAM_PROJECT_ID, "project-uuid")
- .setParam(PARAM_PROJECT_KEY, "project-key")
+ .setParam(PARAM_PROJECT_ID, project.uuid())
+ .setParam(PARAM_PROJECT_KEY, project.getKey())
.execute();
}
import org.sonar.api.web.UserRole;
import org.sonar.core.util.Uuids;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.GroupPermissionDto;
import org.sonar.db.user.GroupDto;
import org.sonar.server.exceptions.BadRequestException;
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
@Test
public void fail_when_component_is_a_module() {
- ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto module = db.components().insertComponent(newModuleDto(project));
failIfComponentIsNotAProjectOrView(module);
}
@Test
public void fail_when_component_is_a_directory() {
- ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_file() {
- ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_subview() {
- ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newSubView(project));
failIfComponentIsNotAProjectOrView(file);
}
.execute();
}
- private void executeRequest(GroupDto groupDto, OrganizationDto organizationDto, String permission) {
- newRequest()
- .setParam(PARAM_GROUP_NAME, groupDto.getName())
- .setParam(PARAM_PERMISSION, permission)
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
- .execute();
- }
-
@Test
- public void removing_global_permission_fails_if_not_administrator_of_organization() {
+ public void removing_global_permission_fails_if_not_system_administrator() {
userSession.logIn();
expectedException.expect(ForbiddenException.class);
@Test
public void fail_when_removing_USER_permission_from_group_AnyOne_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
@Test
public void fail_when_removing_CODEVIEWER_permission_from_group_AnyOne_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
@Test
public void fail_when_removing_USER_permission_from_group_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Permission user can't be removed from a public component");
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PROJECT_ID, project.uuid())
.setParam(PARAM_PERMISSION, USER)
@Test
public void fail_when_removing_CODEVIEWER_permission_from_group_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Permission codeviewer can't be removed from a public component");
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PROJECT_ID, project.uuid())
.setParam(PARAM_PERMISSION, CODEVIEWER)
@Test
public void fail_when_using_branch_db_key() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_KEY, branch.getDbKey())
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
@Test
public void fail_when_using_branch_uuid() {
- OrganizationDto organization = db.organizations().insert();
GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_ID, branch.uuid())
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
import org.sonar.api.resources.ResourceTypes;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import static org.sonar.db.component.ComponentTesting.newDirectory;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newModuleDto;
-import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto;
import static org.sonar.db.component.ComponentTesting.newSubView;
-import static org.sonar.db.component.ComponentTesting.newView;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
@Test
public void remove_permission_from_project() {
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY));
+ ComponentDto project = db.components().insertPrivateProject();
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
loginAsAdmin();
@Test
public void remove_with_project_key() {
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY));
+ ComponentDto project = db.components().insertPrivateProject();
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);
loginAsAdmin();
@Test
public void remove_with_view_uuid() {
- ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setDbKey("view-key"));
+ ComponentDto view = db.components().insertView();
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, view);
db.users().insertProjectPermissionOnUser(user, ADMIN, view);
loginAsAdmin();
@Test
public void fail_when_component_is_a_module() {
- ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert())));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto module = db.components().insertComponent(newModuleDto(project));
failIfComponentIsNotAProjectOrView(module);
}
@Test
public void fail_when_component_is_a_directory() {
- ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_file() {
- ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid"));
+ ComponentDto project = db.components().insertPrivateProject();
+ ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid"));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_component_is_a_subview() {
- ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert())));
+ ComponentDto portfolio = db.components().insertPrivatePortfolio();
+ ComponentDto file = db.components().insertComponent(newSubView(portfolio));
failIfComponentIsNotAProjectOrView(file);
}
@Test
public void fail_when_project_uuid_and_project_key_are_provided() {
- ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY));
+ ComponentDto project = db.components().insertPrivateProject();
loginAsAdmin();
expectedException.expect(BadRequestException.class);
}
@Test
- public void removing_global_permission_fails_if_not_administrator_of_organization() {
+ public void removing_global_permission_fails_if_not_system_administrator() {
userSession.logIn();
expectedException.expect(ForbiddenException.class);
@Test
public void fail_when_removing_USER_permission_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
@Test
public void fail_when_removing_CODEVIEWER_permission_on_a_public_project() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expect(BadRequestException.class);
@Test
public void fail_when_using_branch_db_key() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_KEY, branch.getDbKey())
.setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
@Test
public void fail_when_using_branch_uuid() {
- OrganizationDto organization = db.organizations().insert();
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
ComponentDto branch = db.components().insertProjectBranch(project);
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_ID, branch.uuid())
.setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
*/
package org.sonar.server.permission.ws;
+import java.util.stream.IntStream;
import org.junit.Before;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.ForbiddenException;
@Test
public void has_projects_ordered_by_name() {
- OrganizationDto organizationDto = db.organizations().insert();
- for (int i = 9; i >= 1; i--) {
- db.components().insertComponent(ComponentTesting.newPrivateProjectDto(organizationDto)
- .setName("project-name-" + i));
- }
+ IntStream.rangeClosed(1, 9).forEach(i -> db.components().insertPrivateProject(p -> p.setName("project-name-" + i)));
String result = newRequest()
.setParam(PAGE, "1")
@Test
public void search_by_query_on_name() {
- componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()).setName("project-name"));
- componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()).setName("another-name"));
+ db.components().insertPrivateProject(p -> p.setName("project-name"));
+ db.components().insertPrivateProject(p -> p.setName("another-name"));
String result = newRequest()
.setParam(TEXT_QUERY, "project")
@Test
public void search_by_query_on_key_must_match_exactly() {
- OrganizationDto organizationDto = db.organizations().insert();
- componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(organizationDto).setDbKey("project-key"));
- componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(organizationDto).setDbKey("another-key"));
+ db.components().insertPrivateProject(p -> p.setDbKey("project-key"));
+ db.components().insertPrivateProject(p -> p.setDbKey("another-key"));
String result = newRequest()
.setParam(TEXT_QUERY, "project-key")
@Test
public void handle_more_than_1000_projects() {
- for (int i = 1; i <= 1001; i++) {
- componentDb.insertProjectAndSnapshot(newPrivateProjectDto(db.getDefaultOrganization(), "project-uuid-" + i));
- }
+ IntStream.rangeClosed(1, 1001).forEach(i -> {
+ db.components().insertPrivateProject("project-uuid-" + i);
+ });
String result = newRequest()
.setParam(TEXT_QUERY, "project")
@Test
public void filter_by_qualifier() {
- OrganizationDto organizationDto = db.organizations().insert();
- db.components().insertComponent(newView(organizationDto, "view-uuid"));
- db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid"));
+ ComponentDto portfolio = db.components().insertPrivatePortfolio();
+ ComponentDto project = db.components().insertPrivateProject();
Permissions.SearchProjectPermissionsWsResponse result = newRequest()
.setParam(PARAM_QUALIFIER, Qualifiers.PROJECT)
assertThat(result.getProjectsList())
.extracting("id")
- .contains("project-uuid")
- .doesNotContain("view-uuid");
+ .contains(project.uuid())
+ .doesNotContain(portfolio.uuid());
}
@Test
import org.sonar.api.server.ws.WebService.SelectionMode;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ComponentTesting;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
import static org.sonar.db.permission.OrganizationPermission.SCAN;
import static org.sonar.db.user.UserTesting.newUserDto;
import static org.sonar.test.JsonAssert.assertJson;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
@Test
public void search_for_users_with_response_example() {
UserDto user1 = db.users().insertUser(newUserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com"));
- db.organizations().addMember(db.getDefaultOrganization(), user1);
UserDto user2 = db.users().insertUser(newUserDto().setLogin("adam.west").setName("Adam West").setEmail("adamwest@adamwest.com"));
- db.organizations().addMember(db.getDefaultOrganization(), user2);
UserDto user3 = db.users().insertUser(newUserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net"));
- db.organizations().addMember(db.getDefaultOrganization(), user3);
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES);
db.users().insertPermissionOnUser(user1, ADMINISTER);
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES);
@Test
public void search_for_users_with_permission_on_project() {
// User has permission on project
- ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()));
+ ComponentDto project = db.components().insertPrivateProject();
UserDto user = db.users().insertUser(newUserDto());
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
// User has permission on another project
- ComponentDto anotherProject = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()));
+ ComponentDto anotherProject = db.components().insertPrivateProject();
UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto());
- db.organizations().addMember(db.getDefaultOrganization(), userHavePermissionOnAnotherProject);
db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, ISSUE_ADMIN, anotherProject);
// User has no permission
UserDto withoutPermission = db.users().insertUser(newUserDto());
- db.organizations().addMember(db.getDefaultOrganization(), withoutPermission);
userSession.logIn().addProjectPermission(SYSTEM_ADMIN, project);
String result = newRequest()
@Test
public void search_also_for_users_without_permission_when_filtering_name() {
// User with permission on project
- ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert()));
+ ComponentDto project = db.components().insertPrivateProject();
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
// User without permission
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), withoutPermission);
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user"));
- db.organizations().addMember(db.getDefaultOrganization(), anotherUser);
loginAsAdmin();
String result = newRequest()
@Test
public void search_also_for_users_without_permission_when_filtering_email() {
// User with permission on project
- ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert()));
+ ComponentDto project = db.components().insertPrivateProject();
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
// User without permission
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), withoutPermission);
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user"));
- db.organizations().addMember(db.getDefaultOrganization(), anotherUser);
loginAsAdmin();
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "email").execute().getInput();
@Test
public void search_also_for_users_without_permission_when_filtering_login() {
// User with permission on project
- ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert()));
+ ComponentDto project = db.components().insertPrivateProject();
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
// User without permission
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email"));
- db.organizations().addMember(db.getDefaultOrganization(), withoutPermission);
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user"));
- db.organizations().addMember(db.getDefaultOrganization(), anotherUser);
loginAsAdmin();
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "login").execute().getInput();
public void search_for_users_is_paginated() {
for (int i = 9; i >= 0; i--) {
UserDto user = db.users().insertUser(newUserDto().setName("user-" + i));
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertPermissionOnUser(user, ADMINISTER);
db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES);
}
loginAsAdmin();
for (int i = 0; i < 30; i++) {
UserDto user = db.users().insertUser(newUserDto().setLogin("user-" + i));
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.users().insertPermissionOnUser(user, SCAN);
db.users().insertPermissionOnUser(user, PROVISION_PROJECTS);
}
@Test
public void fail_if_project_uuid_and_project_key_are_provided() {
- db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), "project-uuid").setDbKey("project-key"));
+ ComponentDto project = db.components().insertPrivateProject();
loginAsAdmin();
expectedException.expect(BadRequestException.class);
newRequest()
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
- .setParam(PARAM_PROJECT_ID, "project-uuid")
- .setParam(PARAM_PROJECT_KEY, "project-key")
+ .setParam(PARAM_PROJECT_ID, project.uuid())
+ .setParam(PARAM_PROJECT_KEY, project.getKey())
.execute();
}
@Test
public void fail_when_using_branch_db_key() throws Exception {
- OrganizationDto organization = db.organizations().insert();
UserDto user = db.users().insertUser(newUserDto());
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
ComponentDto branch = db.components().insertProjectBranch(project);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_KEY, branch.getDbKey())
.setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
@Test
public void fail_when_using_branch_uuid() {
- OrganizationDto organization = db.organizations().insert();
UserDto user = db.users().insertUser(newUserDto());
- ComponentDto project = db.components().insertPublicProject(organization);
+ ComponentDto project = db.components().insertPublicProject();
ComponentDto branch = db.components().insertProjectBranch(project);
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid()));
newRequest()
- .setParam(PARAM_ORGANIZATION, organization.getKey())
.setParam(PARAM_PROJECT_ID, branch.uuid())
.setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
private void insertUsersHavingGlobalPermissions() {
UserDto user1 = db.users().insertUser(newUserDto("login-1", "name-1", "email-1"));
- db.organizations().addMember(db.getDefaultOrganization(), user1);
UserDto user2 = db.users().insertUser(newUserDto("login-2", "name-2", "email-2"));
- db.organizations().addMember(db.getDefaultOrganization(), user2);
UserDto user3 = db.users().insertUser(newUserDto("login-3", "name-3", "email-3"));
- db.organizations().addMember(db.getDefaultOrganization(), user3);
db.users().insertPermissionOnUser(user1, SCAN);
db.users().insertPermissionOnUser(user2, SCAN);
db.users().insertPermissionOnUser(user3, ADMINISTER);
}
@Test
- public void fail_if_not_admin_of_default_organization() {
+ public void fail_if_not_admin() {
userSession.logIn();
expectedException.expect(ForbiddenException.class);
}
@Test
- public void fail_if_not_admin_of_default_organization() {
+ public void fail_if_not_admin() {
userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES);
expectedException.expect(ForbiddenException.class);
import org.sonar.api.resources.ResourceTypes;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.UserDto;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
@Before
public void setUp() {
user = db.users().insertUser("user-login");
- db.organizations().addMember(db.getDefaultOrganization(), user);
permissionTemplate = db.permissionTemplates().insertTemplate();
}
assertThat(getLoginsInTemplateAndPermission(permissionTemplate, CODEVIEWER)).containsExactly(user.getLogin());
}
- @Test
- public void add_user_to_template_by_name_and_organization() {
- OrganizationDto organizationDto = db.organizations().insert();
- PermissionTemplateDto permissionTemplate = db.permissionTemplates().insertTemplate();
- loginAsAdmin();
-
- newRequest()
- .setParam(PARAM_USER_LOGIN, user.getLogin())
- .setParam(PARAM_PERMISSION, CODEVIEWER)
- .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
- .execute();
-
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate, CODEVIEWER)).containsExactly(user.getLogin());
- }
-
@Test
public void does_not_add_a_user_twice() {
loginAsAdmin();
}
@Test
- public void fail_if_not_admin_of_default_organization() {
+ public void fail_if_not_admin() {
userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES);
expectedException.expect(ForbiddenException.class);
request.setParam(PARAM_USER_LOGIN, userLogin);
}
if (templateKey != null) {
- request.setParam(org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID, templateKey);
+ request.setParam(PARAM_TEMPLATE_ID, templateKey);
}
if (permission != null) {
request.setParam(PARAM_PERMISSION, permission);
.selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, template.getUuid());
}
- private void addUserAsMemberOfOrganization(OrganizationDto organization) {
- db.organizations().addMember(organization, user);
- }
}
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.permission.DefaultTemplatesResolverRule;
import org.sonar.server.permission.PermissionTemplateService;
import org.sonar.server.permission.ws.BasePermissionWsTest;
@Before
public void setUp() {
user1 = db.users().insertUser();
- db.organizations().addMember(db.getDefaultOrganization(), user1);
user2 = db.users().insertUser();
- db.organizations().addMember(db.getDefaultOrganization(), user2);
group1 = db.users().insertGroup();
group2 = db.users().insertGroup();
import org.sonar.core.util.SequenceUuidFactory;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
@Test
public void bulk_apply_template_by_template_uuid() {
// this project should not be applied the template
- OrganizationDto otherOrganization = db.organizations().insert();
- db.components().insertPrivateProject(otherOrganization);
+ db.components().insertPrivateProject();
ComponentDto privateProject = db.components().insertPrivateProject();
ComponentDto publicProject = db.components().insertPublicProject();
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
@Before
public void setUp() {
user = db.users().insertUser("user-login");
- db.organizations().addMember(db.getDefaultOrganization(), user);
template = db.permissionTemplates().insertTemplate();
addUserToTemplate(user, template, DEFAULT_PERMISSION);
}
@Test
public void keep_other_users_when_one_user_removed() {
UserDto newUser = db.users().insertUser("new-login");
- db.organizations().addMember(db.getDefaultOrganization(), newUser);
addUserToTemplate(newUser, template, DEFAULT_PERMISSION);
loginAsAdmin();
request.setParam(PARAM_USER_LOGIN, userLogin);
}
if (templateKey != null) {
- request.setParam(org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID, templateKey);
+ request.setParam(PARAM_TEMPLATE_ID, templateKey);
}
if (permission != null) {
request.setParam(PARAM_PERMISSION, permission);
private PermissionTemplateDto insertProjectTemplate(String uuid) {
return insertTemplate(newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid(uuid)
.setName("Default template for Projects")
.setDescription("Template for new projects")
private PermissionTemplateDto insertPortfoliosTemplate() {
return insertTemplate(newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid(UUID_EXAMPLE_02)
.setName("Default template for Portfolios")
.setDescription("Template for new portfolios")
private PermissionTemplateDto insertApplicationsTemplate() {
return insertTemplate(newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid(UUID_EXAMPLE_10)
.setName("Default template for Applications")
.setDescription("Template for new applications")
private PermissionTemplateDto insertTemplate() {
PermissionTemplateDto res = dbClient.permissionTemplateDao().insert(db.getSession(), PermissionTemplateTesting.newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setUuid("permission-template-uuid"));
db.commit();
return res;
PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate();
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
UserDto user = db.users().insertUser("User-" + i);
- db.organizations().addMember(db.getDefaultOrganization(), user);
db.permissionTemplates().addUserToTemplate(otherTemplate, user, UserRole.USER);
});
String lastLogin = "User-" + (DEFAULT_PAGE_SIZE + 1);
private UserDto insertUser(UserDto userDto) {
db.users().insertUser(userDto);
- db.organizations().addMember(db.getDefaultOrganization(), userDto);
return userDto;
}
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
import static org.sonar.db.permission.OrganizationPermission.SCAN;
+import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID;
public void setUp() {
when(system.now()).thenReturn(1_440_512_328_743L);
template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto()
- .setOrganizationUuid(db.getDefaultOrganization().getUuid())
.setName("Permission Template Name")
.setDescription("Permission Template Description")
.setKeyPattern(".*\\.pattern\\..*")
private ProjectsWsSupport wsSupport = new ProjectsWsSupport(dbClient, TestDefaultOrganizationProvider.from(dbTester), billingValidations);
private UpdateVisibilityAction underTest = new UpdateVisibilityAction(dbClient, TestComponentFinder.from(dbTester),
- userSessionRule, projectIndexers, wsSupport, new SequenceUuidFactory(), TestDefaultOrganizationProvider.from(dbTester));
+ userSessionRule, projectIndexers, wsSupport, new SequenceUuidFactory());
private WsActionTester ws = new WsActionTester(underTest);
private final Random random = new Random();
private void unsafeInsertProjectPermissionOnUser(ComponentDto component, UserDto user, String permission) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), component.uuid());
- dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, dbTester.getDefaultOrganization().getUuid());
+ dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto);
dbTester.commit();
}
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.index.UserIndexDefinition;
import org.sonar.server.user.index.UserIndexer;
@Rule
public ExpectedException expectedException = ExpectedException.none();
-
@Rule
public DbTester db = DbTester.create(system2);
-
@Rule
public EsTester es = EsTester.create();
-
@Rule
public UserSessionRule userSession = UserSessionRule.standalone();
- private final DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
private final DbClient dbClient = db.getDbClient();
private final UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
private final DbSession dbSession = db.getSession();
- private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession,
- new UserJsonWriter(userSession), defaultOrganizationProvider));
+ private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession, new UserJsonWriter(userSession)));
@Test
public void deactivate_user_and_delete_his_related_data() {
+ createAdminUser();
UserDto user = db.users().insertUser(u -> u
.setLogin("ada.lovelace")
.setEmail("ada.lovelace@noteg.com")
@Test
public void deactivate_user_deletes_his_group_membership() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
GroupDto group1 = db.users().insertGroup();
@Test
public void deactivate_user_deletes_his_tokens() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
db.users().insertToken(user);
@Test
public void deactivate_user_deletes_his_properties() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
ComponentDto project = db.components().insertPrivateProject();
@Test
public void deactivate_user_deletes_his_permissions() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
ComponentDto project = db.components().insertPrivateProject();
@Test
public void deactivate_user_deletes_his_permission_templates() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
PermissionTemplateDto template = db.permissionTemplates().insertTemplate();
@Test
public void deactivate_user_deletes_his_qprofiles_permissions() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
QProfileDto profile = db.qualityProfiles().insert();
@Test
public void deactivate_user_deletes_his_default_assignee_settings() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
ComponentDto project = db.components().insertPrivateProject();
@Test
public void deactivate_user_deletes_his_organization_membership() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
OrganizationDto organization = db.organizations().insert();
@Test
public void deactivate_user_deletes_his_user_settings() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
db.users().insertUserSetting(user);
@Test
public void deactivate_user_deletes_his_alm_pat() {
+ createAdminUser();
logInAsSystemAdministrator();
-
AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting();
-
UserDto user = db.users().insertUser();
db.almPats().insert(p -> p.setUserUuid(user.getUuid()), p -> p.setAlmSettingUuid(almSettingDto.getUuid()));
UserDto anotherUser = db.users().insertUser();
@Test
public void deactivate_user_deletes_his_session_tokens() {
+ createAdminUser();
logInAsSystemAdministrator();
UserDto user = db.users().insertUser();
SessionTokenDto sessionToken1 = db.users().insertSessionToken(user);
@Test
public void deactivate_user_deletes_his_dismissed_messages() {
+ createAdminUser();
logInAsSystemAdministrator();
ProjectDto project1 = db.components().insertPrivateProjectDto();
ProjectDto project2 = db.components().insertPrivateProjectDto();
@Test
public void user_cannot_deactivate_itself_on_sonarqube() {
+ createAdminUser();
UserDto user = db.users().insertUser();
userSession.logIn(user.getLogin()).setSystemAdministrator();
@Test
public void deactivation_requires_to_be_logged_in() {
+ createAdminUser();
+
expectedException.expect(UnauthorizedException.class);
expectedException.expectMessage("Authentication is required");
@Test
public void deactivation_requires_administrator_permission_on_sonarqube() {
+ createAdminUser();
userSession.logIn();
expectedException.expect(ForbiddenException.class);
@Test
public void fail_if_user_does_not_exist() {
+ createAdminUser();
logInAsSystemAdministrator();
expectedException.expect(NotFoundException.class);
@Test
public void fail_if_login_is_blank() {
+ createAdminUser();
logInAsSystemAdministrator();
expectedException.expect(IllegalArgumentException.class);
@Test
public void fail_if_login_is_missing() {
+ createAdminUser();
logInAsSystemAdministrator();
expectedException.expect(IllegalArgumentException.class);
@Test
public void administrators_can_be_deactivated_if_there_are_still_other_administrators() {
- UserDto admin = db.users().insertUser();
- UserDto anotherAdmin = db.users().insertUser();
- db.users().insertPermissionOnUser(admin, ADMINISTER);
- db.users().insertPermissionOnUser(anotherAdmin, ADMINISTER);
- db.commit();
+ UserDto admin = createAdminUser();;
+ UserDto anotherAdmin = createAdminUser();
logInAsSystemAdministrator();
deactivate(admin.getLogin());
@Test
public void test_example() {
+ createAdminUser();
UserDto user = db.users().insertUser(u -> u
.setLogin("ada.lovelace")
.setEmail("ada.lovelace@noteg.com")
assertThat(user.get().getScmAccountsAsList()).isEmpty();
}
+ private UserDto createAdminUser() {
+ UserDto admin = db.users().insertUser();
+ db.users().insertPermissionOnUser(admin, ADMINISTER);
+ db.commit();
+ return admin;
+ }
+
}
insertDefaultGroup();
GroupDto group = db.users().insertGroup();
PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(),
- PermissionTemplateTesting.newPermissionTemplateDto().setOrganizationUuid(db.getDefaultOrganization().getUuid()));
+ PermissionTemplateTesting.newPermissionTemplateDto());
db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), template.getUuid(), group.getUuid(), "perm");
db.commit();
loginAsAdmin();
public static final String CONTROLLER = "api/permissions";
public static final String PARAM_PERMISSION = "permission";
- public static final String PARAM_ORGANIZATION = "organization";
public static final String PARAM_GROUP_NAME = "groupName";
public static final String PARAM_GROUP_ID = "groupId";
public static final String PARAM_PROJECT_ID = "projectId";