*/
public class DatabaseVersion implements BatchComponent, ServerComponent {
- public static final int LAST_VERSION = 417;
+ public static final int LAST_VERSION = 418;
public static enum Status {
UP_TO_DATE, REQUIRES_UPGRADE, REQUIRES_DOWNGRADE, FRESH_INSTALL
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 1);
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 2);
--- see migration 320
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (1, 'sonar.role.admin.TRK.defaultGroups', NULL, 'sonar-administrators', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (2, 'sonar.role.user.TRK.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (3, 'sonar.role.codeviewer.TRK.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (4, 'sonar.role.admin.VW.defaultGroups', NULL, 'sonar-administrators', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (5, 'sonar.role.user.VW.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (6, 'sonar.role.codeviewer.VW.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (7, 'sonar.role.admin.SVW.defaultGroups', NULL, 'sonar-administrators', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (8, 'sonar.role.user.SVW.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (9, 'sonar.role.codeviewer.SVW.defaultGroups', NULL, 'Anyone,sonar-users', NULL);
-ALTER TABLE PROPERTIES ALTER COLUMN ID RESTART WITH 10;
+-- Default permissions - Replaces the previous role-based properties such as 'sonar.role.admin.TRK.defaultGroups' (see migration 418)
+INSERT INTO PERMISSION_TEMPLATES(ID, name, description) VALUES (1, 'Default template', 'This permission template will be used as default when no other permission configuration is available');
+ALTER TABLE PERMISSION_TEMPLATES ALTER COLUMN ID RESTART WITH 2;
+
+INSERT INTO PERM_TEMPLATES_GROUPS(ID, template_id, group_id, permission_reference) VALUES (1, 1, 1, 'admin');
+INSERT INTO PERM_TEMPLATES_GROUPS(ID, template_id, group_id, permission_reference) VALUES (2, 1, 1, 'user');
+INSERT INTO PERM_TEMPLATES_GROUPS(ID, template_id, group_id, permission_reference) VALUES (3, 1, NULL, 'user');
+INSERT INTO PERM_TEMPLATES_GROUPS(ID, template_id, group_id, permission_reference) VALUES (4, 1, 1, 'codeviewer');
+INSERT INTO PERM_TEMPLATES_GROUPS(ID, template_id, group_id, permission_reference) VALUES (5, 1, NULL, 'codeviewer');
+ALTER TABLE PERM_TEMPLATES_GROUPS ALTER COLUMN ID RESTART WITH 6;
+
+INSERT INTO PROPERTIES(ID, prop_key, resource_id, text_value, user_id) VALUES (1, 'sonar.permission.template.default', NULL, '1', NULL);
+ALTER TABLE PROPERTIES ALTER COLUMN ID RESTART WITH 2;
+-- Default permissions end
+
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('2');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('415');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('416');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('417');
+INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('418');
INSERT INTO USERS(ID, LOGIN, NAME, EMAIL, CRYPTED_PASSWORD, SALT, CREATED_AT, UPDATED_AT, REMEMBER_TOKEN, REMEMBER_TOKEN_EXPIRES_AT) VALUES (1, 'admin', 'Administrator', '', 'a373a0e667abb2604c1fd571eb4ad47fe8cc0878', '48bc4b0d93179b5103fd3885ea9119498e9d161b', '2011-09-26 22:27:48.0', '2011-09-26 22:27:48.0', null, null);
ALTER TABLE USERS ALTER COLUMN ID RESTART WITH 2;
def index
templates_names = Internal.permission_templates.selectAllPermissionTemplates.collect {|t| t.name}
@permission_templates = []
- @default_templates_list = []
+ @permission_templates_options = []
templates_names.each do |template_name|
permission_template = Internal.permission_templates.selectPermissionTemplate(template_name)
@permission_templates << permission_template
- @default_templates_list << [permission_template.name, permission_template.id]
+ @permission_templates_options << [permission_template.name, permission_template.id]
end
@root_qualifiers = get_root_qualifiers
+
+ @default_templates = {}
+ @root_qualifiers.each do |qualifier|
+ default_template_property = Property.by_key("sonar.permission.template.#{qualifier}.default")
+ @default_templates[qualifier] = default_template_property.text_value unless default_template_property.nil?
+ end
end
def edit_users
def set_default_template
verify_post_request
get_root_qualifiers.each do |qualifier|
- Property.set("sonar.permission.template.default.#{qualifier}", params["default_template_#{qualifier}"])
+ Property.set("sonar.permission.template.#{qualifier}.default", params["default_template_#{qualifier}"])
end
redirect_to :action => 'index'
end
<% @root_qualifiers.each do |qualifier| %>
<%= label_tag("default_template_#{qualifier}", "Default permission template for #{message('qualifier.' + qualifier)}:") %>
- <%= select_tag("default_template_#{qualifier}", options_for_select(@default_templates_list, -1)) %>
+ <%= select_tag("default_template_#{qualifier}", options_for_select(@permission_templates_options, @default_templates[qualifier] ? @default_templates[qualifier].to_i : -1)) %>
<% end %>
<br/>
<br/>
<td valign="top">
<%
users=Api::Utils.insensitive_sort(permission_template.getUsersForPermission('admin').collect {|u| u.userName})
- groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('admin').collect {|g| g.groupName})
+ groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('admin').collect {|g| g.groupName.blank? ? 'Anyone' : g.groupName})
%>
<span id="u-admin-<%= u permission_template.name -%>"><%= users.join(', ') %></span>
(<%= link_to message('select users'), {:action => :edit_users, :name => permission_template.name, :permission => 'admin'},
<td valign="top">
<%
users=Api::Utils.insensitive_sort(permission_template.getUsersForPermission('user').collect {|u| u.userName})
- groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('user').collect {|g| g.groupName})
+ groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('user').collect {|g| g.groupName.blank? ? 'Anyone' : g.groupName})
%>
<span id="u-user-<%= u permission_template.name -%>"><%= users.join(', ') %></span>
(<%= link_to message('select users'), {:action => :edit_users, :name => permission_template.name, :permission => 'user'},
<td valign="top">
<%
users=Api::Utils.insensitive_sort(permission_template.getUsersForPermission('codeviewer').collect {|u| u.userName})
- groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('codeviewer').collect {|g| g.groupName})
+ groups=Api::Utils.insensitive_sort(permission_template.getGroupsForPermission('codeviewer').collect {|g| g.groupName.blank? ? 'Anyone' : g.groupName})
%>
<span id="u-codeviewer-<%= u permission_template.name -%>"><%= users.join(', ') %></span>
(<%= link_to message('select users'), {:action => :edit_users, :name => permission_template.name, :permission => 'codeviewer'},
--- /dev/null
+#
+# SonarQube, open source software quality management tool.
+# Copyright (C) 2008-2013 SonarSource
+# mailto:contact AT sonarsource DOT com
+#
+# SonarQube is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 3 of the License, or (at your option) any later version.
+#
+# SonarQube is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+
+#
+# @since SonarQube 3.7
+#
+class MigrateDefaultPermissions < ActiveRecord::Migration
+
+ ROOT_QUALIFIERS = {:TRK => 'Projects', :VW => 'Views', :SVW => 'Subviews', :DEV => 'Developers'}
+
+ class Group < ActiveRecord::Base
+ end
+
+ class GroupRole < ActiveRecord::Base
+ end
+
+ class User < ActiveRecord::Base
+ end
+
+ class UserRole < ActiveRecord::Base
+ end
+
+ class Property < ActiveRecord::Base
+ set_table_name 'properties'
+ end
+
+ class PermissionTemplate < ActiveRecord::Base
+ end
+
+ class PermissionTemplateUser < ActiveRecord::Base
+ set_table_name 'perm_templates_users'
+ end
+
+ class PermissionTemplateGroup < ActiveRecord::Base
+ set_table_name 'perm_templates_groups'
+ end
+
+ def self.up
+ Group.reset_column_information
+ GroupRole.reset_column_information
+ User.reset_column_information
+ UserRole.reset_column_information
+ Property.reset_column_information
+ PermissionTemplate.reset_column_information
+ PermissionTemplateUser.reset_column_information
+ PermissionTemplateGroup.reset_column_information
+
+ create_default_permission_template
+
+ migrate_existing_default_permissions
+
+ end
+
+ private
+
+ def self.create_default_permission_template
+
+ default_template = PermissionTemplate.create(
+ :name => 'Default template',
+ :description => 'This permission template will be used as default when no other permission configuration is available')
+ puts('default template created')
+
+ sonar_admins_group = Group.find_by_name('sonar-administrators')
+ sonar_users_group = Group.find_by_name('sonar-users')
+
+ # sonar-administrators default permissions
+ if sonar_admins_group
+ PermissionTemplateGroup.create(:group_id => sonar_admins_group.id, :permission_reference => 'admin', :template_id => default_template.id)
+ puts('admin template group created')
+ end
+
+ # sonar-users default permissions
+ if sonar_users_group
+ PermissionTemplateGroup.create(:group_id => sonar_users_group.id, :permission_reference => 'user', :template_id => default_template.id)
+ PermissionTemplateGroup.create(:group_id => sonar_users_group.id, :permission_reference => 'codeviewer', :template_id => default_template.id)
+ puts('users template group created')
+ end
+
+ # Anyone group default permissions
+ PermissionTemplateGroup.create(:group_id => nil, :permission_reference => 'user', :template_id => default_template.id)
+ PermissionTemplateGroup.create(:group_id => nil, :permission_reference => 'codeviewer', :template_id => default_template.id)
+
+ default_template_key = 'sonar.permission.template.default'
+ default_template_value = default_template.id.to_s
+
+ Property.create(:prop_key => default_template_key, :text_value => default_template_value)
+
+ end
+
+ def self.migrate_existing_default_permissions
+
+ ROOT_QUALIFIERS.keys.each do |qualifier|
+ existing_properties = []
+ existing_properties << Property.find_by_prop_key("sonar.role.admin.#{qualifier}.defaultGroups")
+ existing_properties << Property.find_by_prop_key("sonar.role.user.#{qualifier}.defaultGroups")
+ existing_properties << Property.find_by_prop_key("sonar.role.codeviewer.#{qualifier}.defaultGroups")
+ existing_properties << Property.find_by_prop_key("sonar.role.admin.#{qualifier}.defaultUsers")
+ existing_properties << Property.find_by_prop_key("sonar.role.user.#{qualifier}.defaultUsers")
+ existing_properties << Property.find_by_prop_key("sonar.role.codeviewer.#{qualifier}.defaultUsers")
+
+ existing_properties.reject! {|prop| prop.nil?}
+
+ if existing_properties.length > 0
+ migrate_existing_permissions(qualifier, existing_properties)
+ end
+
+ delete_existing_default_permissions(existing_properties)
+ end
+
+ end
+
+ def self.migrate_existing_permissions(qualifier, properties)
+
+ unless properties.empty?
+
+ qualifier_template = PermissionTemplate.create(
+ :name => "Default template for #{ROOT_QUALIFIERS[qualifier]}",
+ :description => "This template has been automatically created using the previously configured default permissions for #{ROOT_QUALIFIERS[qualifier]}")
+
+ properties.each do |property|
+ key_fields = property.prop_key.split('.')
+ value_fields = property.text_value.split(',')
+ role = key_fields[2]
+ if 'defaultGroups'.eql?(key_fields[4])
+ value_fields.each do |group_name|
+ group_id = 'Anyone'.eql?(group_name) ? nil : Group.find_by_name(group_name).id
+ PermissionTemplateGroup.create(:group_id => group_id, :permission_reference => role, :template_id => qualifier_template.id)
+ end
+ else
+ value_fields.each do |user_name|
+ user = User.find_by_name(user_name)
+ PermissionTemplateUser.create(:user_id => user.id, :permission_reference => role, :template_id => qualifier_template.id)
+ end
+ end
+ end
+
+ Property.create(:prop_key => "sonar.permission.template.#{qualifier}.default", :text_value => qualifier_template.id)
+
+ end
+
+ end
+
+ def self.delete_existing_default_permissions(properties)
+ properties.each do |property|
+ Property.delete(property.id) unless property.nil?
+ end
+ end
+
+end
+ sonar-core/src/main/resources/org/sonar/core/persistence/schema-h2.ddl
+ sonar-core/src/main/resources/org/sonar/core/persistence/rows-h2.sql :
- add "INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('<THE MIGRATION ID>')"
-* Update the migration id defined in the Java class org.sonar.core.persistence.DatabaseTest
-* If a table is added or removed, then update the list org.sonar.core.persistence.DatabaseTest#TABLES
-
+* Update the migration id defined in sonar-core/src/main/java/org/sonar/core/persistence/DatabaseVersion.java
+* If a table is added or removed, then edit sonar-core/src/main/java/org/sonar/core/persistence/DatabaseUtils.java
RECOMMENDATIONS
projects / sonarqube.git / commitdiff