Add comment on query to keep authorized users for a project and a role

Anyone permission cannot be taking into by this method

diff --git a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
index 446f810af85d89a43acf907fa2f02ca5efb4e880..41774598a70b83e895bfa94cacfcca12fa557dc2 100644 (file)
--- a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
@@ -60,6 +60,10 @@ public class AuthorizationDao implements Dao {
     });
   }
 
+  /**
+   * Keep only authorized user that have the given permission on a given project.
+   * Please Note that if the permission is 'Anyone' is NOT taking into account by thie method.
+   */
   public Collection<Long> keepAuthorizedUsersForRoleAndProject(final DbSession session, final Collection<Long> userIds, final String role, final long projectId) {
     return DatabaseUtils.executeLargeInputs(userIds, new SelectUsersByPermissionAndProject(session.getMapper(AuthorizationMapper.class), role, projectId));
   }

diff --git a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
index 328eb7c58dc377826a036ae53d55263026400c2d..ed1a5747d14071f79250a0b12f9e93485afcd3a1 100644 (file)
--- a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
@@ -313,12 +313,12 @@ public class AuthorizationDaoTest {
   }
 
   @Test
-  public void keep_authorized_users_for_role_and_project_for_anonymous() {
+  public void keep_authorized_users_returns_empty_list_for_role_and_project_for_anonymous() {
     dbTester.prepareDbUnit(getClass(), "keep_authorized_users_for_role_and_project_for_anonymous.xml");
 
     assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(),
       // Only 100 and 101 has 'user' role on project
-      newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).containsOnly(100L, 101L);
+      newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).isEmpty();
   }
 
 }

diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml
deleted file mode 100644 (file)
index 4de4f32..0000000
--- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<dataset>
-
-  <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300  -->
-  <user_roles id="1" user_id="100" resource_id="999" role="user"/>
-  <user_roles id="2" user_id="101" resource_id="999" role="user"/>
-  <user_roles id="3" user_id="102" resource_id="999" role="user"/>
-
-  <groups_users user_id="100" group_id="200"/>
-  <groups_users user_id="101" group_id="200"/>
-  <groups_users user_id="102" group_id="201"/>
-
-  <group_roles id="1" group_id="[null]" resource_id="300" role="user"/>
-  <group_roles id="2" group_id="201" resource_id="400" role="user"/>
-
-  <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/>
-  <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/>
-
-</dataset>

diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
index 491e1f8405d850387cbc6fdafa24dc87768d624a..4de4f328925ef88ebc83e54c1b4dccb1e92585b8 100644 (file)
--- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
+++ b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
@@ -1,26 +1,18 @@
 <dataset>
 
-  <!-- Users 100 and 101 are 'user' on project 300 -->
-  <user_roles id="1" user_id="100" resource_id="300" role="user"/>
-  <user_roles id="2" user_id="101" resource_id="300" role="user"/>
-  <user_roles id="3" user_id="102" resource_id="300" role="admin"/>
-  <!-- User 100 is 'user' on project 400 -->
-  <user_roles id="4" user_id="100" resource_id="400" role="user"/>
+  <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300  -->
+  <user_roles id="1" user_id="100" resource_id="999" role="user"/>
+  <user_roles id="2" user_id="101" resource_id="999" role="user"/>
+  <user_roles id="3" user_id="102" resource_id="999" role="user"/>
 
   <groups_users user_id="100" group_id="200"/>
-  <group_roles id="1" group_id="200" resource_id="400" role="user"/>
+  <groups_users user_id="101" group_id="200"/>
+  <groups_users user_id="102" group_id="201"/>
+
+  <group_roles id="1" group_id="[null]" resource_id="300" role="user"/>
+  <group_roles id="2" group_id="201" resource_id="400" role="user"/>
 
   <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/>
   <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/>
 
-
-  <!-- user 100 has no direct grant access, but is in the group 200 that has the role "user"
-    on the project 300  -->
-  <!--<user_roles id="1" user_id="100" resource_id="999" role="user"/>-->
-
-  <!--<groups_users user_id="100" group_id="200"/>-->
-
-  <!--<group_roles id="1" group_id="200" resource_id="300" role="user"/>-->
-  <!--<group_roles id="2" group_id="200" resource_id="400" role="user"/>-->
-
 </dataset>