SONAR-9105 add GroupPermissionDao#deleteByRootComponentIdAndPermission

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
index 97e779624999e2e82504c839d2c5510e33605728..cccf5a4d7179ccf453449fd12b88ded10d8425dd 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
@@ -146,6 +146,13 @@ public class GroupPermissionDao implements Dao {
     return mapper(dbSession).deleteByRootComponentIdAndGroupId(rootComponentId, groupId);
   }
 
+  /**
+   * Delete the specified permission for the specified component for any group (including group AnyOne).
+   */
+  public int deleteByRootComponentIdAndPermission(DbSession dbSession, long rootComponentId, String permission) {
+    return mapper(dbSession).deleteByRootComponentIdAndPermission(rootComponentId, permission);
+  }
+
   /**
    * Delete a single permission. It can be:
    * <ul>

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java
index 00e58e1ab2045cb0d3be43d4319fe4b553f48c17..05439bd61e8b1e4c9d47f72a67546f01b939655b 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java
@@ -56,4 +56,6 @@ public interface GroupPermissionMapper {
   void deleteByRootComponentId(@Param("rootComponentId") long componentId);
 
   int deleteByRootComponentIdAndGroupId(@Param("rootComponentId") long rootComponentId, @Nullable @Param("groupId") Integer groupId);
+
+  int deleteByRootComponentIdAndPermission(@Param("rootComponentId") long rootComponentId, @Param("permission") String permission);
 }

diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml
index ccd42f9360c906190416ee85b89c0eb5e8870c05..735a7fb5617616daff7dba6641f37f45b92ae2ac 100644 (file)
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml
@@ -196,6 +196,14 @@
       </choose>
   </delete>
 
+  <delete id="deleteByRootComponentIdAndPermission">
+    delete from
+      group_roles
+    where
+      resource_id=#{rootComponentId,jdbcType=BIGINT}
+      and role=#{permission,jdbcType=VARCHAR}
+  </delete>
+
   <delete id="delete" parameterType="map">
     delete from group_roles
     where

diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
index c2d43e87cc404d710c097d731443ded460fa0c93..29dac03f9898e13785f1630860ce6eb2c0698099 100644 (file)
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
@@ -20,15 +20,18 @@
 package org.sonar.db.permission;
 
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Random;
 import java.util.stream.IntStream;
+import java.util.stream.Stream;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
+import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
@@ -823,6 +826,109 @@ public class GroupPermissionDaoTest {
       .containsOnly("p3");
   }
 
+  @Test
+  public void deleteByRootComponentIdAndPermission_deletes_all_rows_for_specified_role_of_specified_component() {
+    OrganizationDto organization = db.organizations().insert();
+    ComponentDto project = db.components().insertPublicProject(organization);
+    GroupDto group = db.users().insertGroup(organization);
+    Stream.of("p1", "p2").forEach(permission -> {
+      db.users().insertPermissionOnAnyone(organization, permission);
+      db.users().insertPermissionOnGroup(group, permission);
+      db.users().insertProjectPermissionOnGroup(group, permission, project);
+      db.users().insertProjectPermissionOnAnyone(permission, project);
+    });
+    assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2");
+    assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");
+    assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1", "p2");
+    assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1", "p2");
+
+    int deletedRows = underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1");
+
+    assertThat(deletedRows).isEqualTo(2);
+    assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2");
+    assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");
+    assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p2");
+    assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p2");
+
+    deletedRows = underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p2");
+
+    assertThat(deletedRows).isEqualTo(2);
+    assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2");
+    assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");
+    assertThat(getProjectPermissionsForAnyOne(project)).isEmpty();
+    assertThat(getProjectPermissionsForGroup(project, group)).isEmpty();
+  }
+
+  @Test
+  public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() {
+    OrganizationDto organization = db.organizations().insert();
+    GroupDto group = db.users().insertGroup(organization);
+    ComponentDto project = randomPublicOrPrivateProject(organization);
+    db.users().insertPermissionOnAnyone(organization, "p1");
+    db.users().insertPermissionOnGroup(group, "p1");
+
+    assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1")).isEqualTo(0);
+
+    assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1");
+    assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1");
+    assertThat(getProjectPermissionsForAnyOne(project)).isEmpty();
+    assertThat(getProjectPermissionsForGroup(project, group)).isEmpty();
+  }
+
+  @Test
+  public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_does_not_exist() {
+    OrganizationDto organization = db.organizations().insert();
+    ComponentDto project = randomPublicOrPrivateProject(organization);
+    GroupDto group = db.users().insertGroup(organization);
+    db.users().insertPermissionOnAnyone(organization, "p1");
+    db.users().insertPermissionOnGroup(group, "p1");
+    db.users().insertProjectPermissionOnGroup(group, "p1", project);
+    db.users().insertProjectPermissionOnAnyone("p1", project);
+
+    assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p2")).isEqualTo(0);
+
+    assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1");
+    assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1");
+    assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1");
+    assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1");
+  }
+
+  @Test
+  public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_does_not_have_specified_permission() {
+    OrganizationDto organization = db.organizations().insert();
+    GroupDto group = db.users().insertGroup(organization);
+    ComponentDto project = randomPublicOrPrivateProject(organization);
+    db.users().insertPermissionOnAnyone(organization, "p1");
+    db.users().insertPermissionOnGroup(group, "p1");
+
+    assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1")).isEqualTo(0);
+  }
+
+  private Collection<String> getGlobalPermissionsForAnyone(OrganizationDto organization) {
+    return getPermissions("organization_uuid = '" + organization.getUuid() + "' and group_id is null and resource_id is null");
+  }
+
+  private Collection<String> getGlobalPermissionsForGroup(GroupDto groupDto) {
+    return getPermissions("organization_uuid = '" + groupDto.getOrganizationUuid() + "' and group_id = " + groupDto.getId() + " and resource_id is null");
+  }
+
+  private Collection<String> getProjectPermissionsForAnyOne(ComponentDto project) {
+    return getPermissions("organization_uuid = '" + project.getOrganizationUuid() + "' and group_id is null and resource_id = " + project.getId());
+  }
+
+  private Collection<String> getProjectPermissionsForGroup(ComponentDto project, GroupDto group) {
+    return getPermissions("organization_uuid = '" + project.getOrganizationUuid() + "' and group_id = " + group.getId() + " and resource_id = " + project.getId());
+  }
+
+  private Collection<String> getPermissions(String whereClauses) {
+    return db
+      .select(dbSession, "select role from group_roles where " + whereClauses)
+      .stream()
+      .flatMap(map -> map.entrySet().stream())
+      .map(entry -> (String) entry.getValue())
+      .collect(MoreCollectors.toList());
+  }
+
   private ComponentDto randomPublicOrPrivateProject(OrganizationDto organization) {
     return new Random().nextBoolean() ? db.components().insertPublicProject(organization) : db.components().insertPrivateProject(organization);
   }