protected void endString(StringBuilder sb) {
int length = sb.length();
- if(sb.length() > 1) {
+ if (sb.length() > 1) {
sb.delete(length - 2, length - 1);
}
sb.append("}");
}
private static void addQuote(StringBuilder sb, boolean isString) {
- if(isString) {
+ if (isString) {
sb.append("\"");
}
}
- protected String getQualifier(@Nullable String qualifier) {
+ protected static String getQualifier(@Nullable String qualifier) {
if (qualifier == null) {
return null;
}
public String getQualifier() {
return this.qualifier;
}
-
}
public String toString() {
StringBuilder sb = new StringBuilder("{");
addField(sb, "\"userUuid\": ", this.userUuid, true);
- addField(sb, "\"login\": ", this.login, true);
+ addField(sb, "\"userLogin\": ", this.login, true);
addField(sb, "\"name\": ", this.name, true);
addField(sb, "\"email\": ", this.email, true);
addField(sb, "\"isActive\": ", ObjectUtils.toString(this.isActive), false);
import javax.annotation.Nullable;
import org.sonar.db.permission.UserPermissionDto;
+import org.sonar.db.user.UserId;
public class UserPermissionNewValue extends PermissionNewValue {
@Nullable
- private String userUuid;
-
+ private final String userUuid;
@Nullable
- private String userLogin;
+ private final String userLogin;
- public UserPermissionNewValue(UserPermissionDto permissionDto, @Nullable String projectName, @Nullable String userLogin, String qualifier) {
+ public UserPermissionNewValue(UserPermissionDto permissionDto, @Nullable String projectName, @Nullable UserId userId, String qualifier) {
super(permissionDto.getUuid(), permissionDto.getComponentUuid(), projectName, permissionDto.getPermission(), qualifier);
- this.userUuid = permissionDto.getUserUuid();
- this.userLogin = userLogin;
+ this.userUuid = userId != null ? userId.getUuid() : null;
+ this.userLogin = userId != null ? userId.getLogin() : null;
}
- public UserPermissionNewValue(String userUuid, String qualifier) {
- this(null, null, null, userUuid, null, qualifier);
+ public UserPermissionNewValue(UserId userId, String qualifier) {
+ this(null, null, null, userId, qualifier);
}
- public UserPermissionNewValue(String role, String projectUuid, String projectName, String userUuid, String userLogin, String qualifier) {
+ public UserPermissionNewValue(String role, String projectUuid, String projectName, UserId userId, String qualifier) {
super(null, projectUuid, projectName, role, qualifier);
- this.userUuid = userUuid;
- this.userLogin = userLogin;
+ this.userUuid = userId != null ? userId.getUuid() : null;
+ this.userLogin = userId != null ? userId.getLogin() : null;
}
@Nullable
import org.sonar.db.audit.AuditPersister;
import org.sonar.db.audit.model.UserPermissionNewValue;
import org.sonar.db.component.ComponentDto;
+import org.sonar.db.user.UserId;
+import org.sonar.db.user.UserIdDto;
import static com.google.common.base.Preconditions.checkArgument;
import static java.util.Collections.emptyList;
return mapper(dbSession).selectProjectPermissionsOfUser(userUuid, projectUuid);
}
- public Set<String> selectUserUuidsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) {
- return mapper(session).selectUserUuidsWithPermissionOnProjectBut(projectUuid, permission);
+ public Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) {
+ return mapper(session).selectUserIdsWithPermissionOnProjectBut(projectUuid, permission);
}
- public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable String userLogin, @Nullable ComponentDto componentDto) {
+ public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable ComponentDto componentDto, @Nullable UserId userId) {
mapper(dbSession).insert(dto);
if (auditPersister != null) {
String componentName = (componentDto != null) ? componentDto.name() : null;
String qualifier = (componentDto != null) ? componentDto.qualifier() : null;
- auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentName, userLogin, qualifier));
+ auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentName, userId, qualifier));
}
}
/**
* Removes a single global permission from user
*/
- public void deleteGlobalPermission(DbSession dbSession, String userUuid, String userLogin, String permission) {
- int deletedRows = mapper(dbSession).deleteGlobalPermission(userUuid, permission);
+ public void deleteGlobalPermission(DbSession dbSession, UserId user, String permission) {
+ int deletedRows = mapper(dbSession).deleteGlobalPermission(user.getUuid(), permission);
if (deletedRows > 0 && auditPersister != null) {
- auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, null, null, userUuid, userLogin, null));
+ auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, null, null, user, null));
}
}
/**
* Removes a single project permission from user
*/
- public void deleteProjectPermission(DbSession dbSession, String userUuid, String userLogin, String permission, ComponentDto component) {
- int deletedRows = mapper(dbSession).deleteProjectPermission(userUuid, permission, component.uuid());
+ public void deleteProjectPermission(DbSession dbSession, UserId user, String permission, ComponentDto component) {
+ int deletedRows = mapper(dbSession).deleteProjectPermission(user.getUuid(), permission, component.uuid());
if (deletedRows > 0 && auditPersister != null) {
- auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, component.uuid(),
- component.name(), userUuid, userLogin, component.qualifier()));
+ auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, component.uuid(), component.name(), user, component.qualifier()));
}
}
int deletedRows = mapper(dbSession).deleteProjectPermissions(component.uuid());
if (deletedRows > 0 && auditPersister != null) {
- auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null,
- component.uuid(), component.name(), null, null, component.qualifier()));
+ auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, component.uuid(), component.name(), null, component.qualifier()));
}
}
int deletedRows = mapper(dbSession).deleteProjectPermissionOfAnyUser(project.uuid(), permission);
if (deletedRows > 0 && auditPersister != null) {
- auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, project.uuid(),
- project.name(), null, null, project.qualifier()));
+ auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, project.uuid(), project.name(), null, project.qualifier()));
}
return deletedRows;
}
- public void deleteByUserUuid(DbSession dbSession, String userUuid) {
- int deletedRows = mapper(dbSession).deleteByUserUuid(userUuid);
+ public void deleteByUserUuid(DbSession dbSession, UserId userId) {
+ int deletedRows = mapper(dbSession).deleteByUserUuid(userId.getUuid());
if (deletedRows > 0 && auditPersister != null) {
- auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(userUuid, null));
+ auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(userId, null));
}
}
import java.util.List;
import java.util.Set;
import org.apache.ibatis.annotations.Param;
+import org.sonar.db.user.UserIdDto;
public interface UserPermissionMapper {
/**
* select id of users with at least one permission on the specified project but which do not have the specified permission.
*/
- Set<String> selectUserUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission);
+ Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission);
void insert(@Param("dto")UserPermissionDto dto);
/**
* @since 3.2
*/
-public class UserDto {
+public class UserDto implements UserId {
public static final char SCM_ACCOUNTS_SEPARATOR = '\n';
/** Technical unique identifier, can't be null */
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2021 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.user;
+
+public interface UserId {
+ String getUuid();
+ String getLogin();
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2021 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.user;
+
+import static java.util.Objects.requireNonNull;
+
+public class UserIdDto implements UserId {
+ private String uuid;
+ private String login;
+
+ public UserIdDto(String uuid, String login) {
+ this.uuid = uuid;
+ this.login = requireNonNull(login);
+ }
+
+ public UserIdDto setUuid(String uuid) {
+ this.uuid = uuid;
+ return this;
+ }
+
+ public UserIdDto setLogin(String login) {
+ this.login = login;
+ return this;
+ }
+
+ public String getUuid() {
+ return uuid;
+ }
+
+ public String getLogin() {
+ return login;
+ }
+
+ public static UserIdDto from(UserDto dto) {
+ return new UserIdDto(dto.getUuid(), dto.getLogin());
+ }
+}
group by ur.component_uuid, ur.role
</select>
- <select id="selectUserUuidsWithPermissionOnProjectBut" resultType="String">
+ <select id="selectUserIdsWithPermissionOnProjectBut" resultType="org.sonar.db.user.UserIdDto">
select
- distinct ur1.user_uuid
+ distinct ur1.user_uuid, u.login
from
- user_roles ur1
+ user_roles ur1 inner join users u on ur1.user_uuid = u.uuid
where
ur1.component_uuid = #{projectUuid,jdbcType=VARCHAR}
and role <> #{permission,jdbcType=VARCHAR}
*/
package org.sonar.db.permission;
+import javax.annotation.Nullable;
+import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.ArgumentCaptor;
+import org.mockito.Mockito;
import org.sonar.api.utils.System2;
+import org.sonar.core.util.SequenceUuidFactory;
import org.sonar.core.util.Uuids;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoInteractions;
import static org.mockito.Mockito.verifyNoMoreInteractions;
@Rule
public DbTester db = DbTester.create(System2.INSTANCE, auditPersister);
+ public final SequenceUuidFactory uuidFactory = new SequenceUuidFactory();
private final ArgumentCaptor<GroupPermissionNewValue> newValueCaptor = ArgumentCaptor.forClass(GroupPermissionNewValue.class);
private final DbSession dbSession = db.getSession();
private final GroupPermissionDao underTest = db.getDbClient().groupPermissionDao();
+ private GroupDto group;
+ private ComponentDto project;
+ private GroupPermissionDto dto;
+
@Test
public void groupGlobalPermissionInsertAndDeleteArePersisted() {
- GroupDto group = db.users().insertGroup();
- GroupPermissionDto dto = new GroupPermissionDto()
- .setUuid(Uuids.createFast())
- .setGroupUuid(group.getUuid())
- .setGroupName(group.getName())
- .setRole(ADMIN);
- underTest.insert(dbSession, dto, null);
+ addGroupPermissionWithoutComponent();
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture());
GroupPermissionNewValue newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier)
- .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null, null);
- assertThat(newValue.toString()).doesNotContain("projectUuid");
+ assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null, null);
+ assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"role\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\" }");
underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null, null);
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName)
- .containsExactly(null, group.getUuid(), group.getName(), null, ADMIN, null);
- assertThat(newValue.toString()).doesNotContain("permissionUuid");
+ assertNewValue(newValue, null, group.getUuid(), group.getName(), null, ADMIN, null, null);
+ assertThat(newValue).hasToString("{\"role\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\" }");
}
@Test
@Test
public void groupProjectPermissionDeleteByComponentIsPersisted() {
- GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPrivateProject();
- GroupPermissionDto dto = getGroupPermission(group, project);
- underTest.insert(dbSession, dto, project);
+ addGroupPermission();
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture());
GroupPermissionNewValue newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier)
- .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project");
- assertThat(newValue.toString()).contains("componentUuid");
+ assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project");
+ assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"role\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\", \"componentUuid\": \"cuuid\", "
+ + "\"componentName\": \"cname\", \"qualifier\": \"project\" }");
underTest.deleteByRootComponentUuid(dbSession, project);
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName)
- .containsExactly(null, null, null, project.uuid(), null, project.name());
- assertThat(newValue.toString()).doesNotContain("permissionUuid");
+ assertNewValue(newValue, null, null, null, project.uuid(), null, project.name(), "project");
+ assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentName\": \"cname\", \"qualifier\": \"project\" }");
}
@Test
@Test
public void groupProjectPermissionDeleteByComponentAndGroupIsPersisted() {
- GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPrivateProject();
- GroupPermissionDto dto = getGroupPermission(project);
- underTest.insert(dbSession, dto, project);
+ addGroupPermissionWithoutGroup();
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture());
GroupPermissionNewValue newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier)
- .containsExactly(dto.getUuid(), null, null, project.uuid(), dto.getRole(), project.name(), "project");
- assertThat(newValue.toString()).contains("componentUuid");
+ assertNewValue(newValue, dto.getUuid(), null, null, project.uuid(), dto.getRole(), project.name(), "project");
+ assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"role\": \"admin\", \"componentUuid\": \"cuuid\", \"componentName\": \"cname\", \"qualifier\": \"project\" }");
underTest.deleteByRootComponentUuidForAnyOne(dbSession, project);
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName)
- .containsExactly(null, null, null, project.uuid(), null, project.name());
- assertThat(newValue.toString()).doesNotContain("permissionUuid");
+ assertNewValue(newValue, null, null, null, project.uuid(), null, project.name(), "project");
+ assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentName\": \"cname\", \"qualifier\": \"project\" }");
}
@Test
@Test
public void groupProjectPermissionDeleteByComponentAndPermissionIsPersisted() {
- GroupDto group = db.users().insertGroup();
- ComponentDto project = db.components().insertPrivateProject();
- GroupPermissionDto dto = getGroupPermission(group, project);
- underTest.insert(dbSession, dto, project);
+ addGroupPermission();
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture());
GroupPermissionNewValue newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid,
- GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier)
- .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project");
- assertThat(newValue.toString()).contains("componentUuid");
+ assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project");
+ assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"role\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\", "
+ + "\"componentUuid\": \"cuuid\", \"componentName\": \"cname\", \"qualifier\": \"project\" }");
underTest.deleteByRootComponentUuidAndPermission(dbSession, dto.getRole(), project);
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
- assertThat(newValue)
- .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, GroupPermissionNewValue::getComponentUuid,
- GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName)
- .containsExactly(null, null, project.uuid(), ADMIN, project.name());
- assertThat(newValue.toString()).doesNotContain("permissionUuid");
+ assertNewValue(newValue, null, null, null, project.uuid(), ADMIN, project.name(), "project");
+ assertThat(newValue).hasToString("{\"role\": \"admin\", \"componentUuid\": \"cuuid\", \"componentName\": \"cname\", \"qualifier\": \"project\" }");
}
@Test
verifyNoMoreInteractions(auditPersister);
}
- private GroupPermissionDto getGroupPermission(GroupDto group, ComponentDto project) {
+ private void assertNewValue(GroupPermissionNewValue newValue, String uuid, String groupUuid, String groupName, String cUuid, String permission, String cName, String qualifier) {
+ assertThat(newValue)
+ .extracting("permissionUuid", "groupUuid", "groupName", "componentUuid", "role", "componentName", "qualifier")
+ .containsExactly(uuid, groupUuid, groupName, cUuid, permission, cName, qualifier);
+ }
+
+ private void addGroupPermission() {
+ group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname"));
+ project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname"));
+ dto = getGroupPermission(group, project);
+ underTest.insert(dbSession, dto, project);
+ }
+
+ private void addGroupPermissionWithoutGroup() {
+ project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname"));
+ dto = getGroupPermission(project);
+ underTest.insert(dbSession, dto, project);
+ }
+
+ private void addGroupPermissionWithoutComponent() {
+ group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname"));
+ dto = getGroupPermission(group);
+ underTest.insert(dbSession, dto, null);
+ }
+
+ private GroupPermissionDto getGroupPermission(@Nullable GroupDto group, @Nullable ComponentDto project) {
return new GroupPermissionDto()
- .setUuid(Uuids.createFast())
- .setGroupUuid(group.getUuid())
- .setGroupName(group.getName())
+ .setUuid(uuidFactory.create())
+ .setGroupUuid(group != null ? group.getUuid() : null)
+ .setGroupName(group != null ? group.getName() : null)
.setRole(ADMIN)
- .setComponentUuid(project.uuid())
- .setComponentName(project.name());
+ .setComponentUuid(project != null ? project.uuid() : null)
+ .setComponentName(project != null ? project.name(): null);
+ }
+
+ private GroupPermissionDto getGroupPermission(GroupDto group) {
+ return getGroupPermission(group, null);
}
private GroupPermissionDto getGroupPermission(ComponentDto project) {
- return new GroupPermissionDto()
- .setUuid(Uuids.createFast())
- .setRole(ADMIN)
- .setComponentUuid(project.uuid())
- .setComponentName(project.name());
+ return getGroupPermission(null, project);
}
}
addProjectPermission("perm4", user2, project2);
// user2 does not have global permissions -> do nothing
- underTest.deleteGlobalPermission(dbSession, user2.getUuid(), user2.getLogin(), "perm1");
+ underTest.deleteGlobalPermission(dbSession, user2, "perm1");
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
// global permission is not granted -> do nothing
- underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "notGranted");
+ underTest.deleteGlobalPermission(dbSession, user1, "notGranted");
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
// permission is on project -> do nothing
- underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm3");
+ underTest.deleteGlobalPermission(dbSession, user1, "perm3");
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
// global permission exists -> delete it, but not the project permission with the same name !
- underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm1");
+ underTest.deleteGlobalPermission(dbSession, user1, "perm1");
+
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where role='perm1' and component_uuid is null")).isZero();
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
}
addProjectPermission("perm", user2, project1);
// no such provision -> ignore
- underTest.deleteProjectPermission(dbSession, user1.getUuid(), user1.getLogin(), "anotherPerm", project1);
+ underTest.deleteProjectPermission(dbSession, user1, "anotherPerm", project1);
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
- underTest.deleteProjectPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm", project1);
+ underTest.deleteProjectPermission(dbSession, user1, "perm", project1);
assertThatProjectPermissionDoesNotExist(user1, "perm", project1);
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(3);
}
UserDto user = insertUser();
db.users().insertProjectPermissionOnUser(user, "foo", project);
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER))
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER))
.isEmpty();
}
db.users().insertProjectPermissionOnUser(user1, "p1", project);
db.users().insertProjectPermissionOnUser(user2, "p2", project);
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))
- .containsOnly(user1.getUuid());
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))
- .containsOnly(user2.getUuid());
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p3"))
- .containsOnly(user1.getUuid(), user2.getUuid());
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))
+ .extracting("uuid", "login")
+ .containsOnly(tuple(user1.getUuid(), user1.getLogin()));
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))
+ .extracting("uuid", "login")
+ .containsOnly(tuple(user2.getUuid(), user2.getLogin()));
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.uuid(), "p3"))
+ .extracting("uuid", "login")
+ .containsOnly(tuple(user1.getUuid(), user1.getLogin()), tuple(user2.getUuid(), user2.getLogin()));
}
@Test
db.users().insertProjectPermissionOnUser(user1, "p1", project);
db.users().insertProjectPermissionOnUser(user2, "p2", project);
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))
- .containsOnly(user1.getUuid());
- assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))
- .containsOnly(user2.getUuid());
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))
+ .extracting("uuid", "login")
+ .containsOnly(tuple(user1.getUuid(), user1.getLogin()));
+ assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))
+ .extracting("uuid", "login")
+ .containsOnly(tuple(user2.getUuid(), user2.getLogin()));
}
@Test
db.users().insertPermissionOnUser(user2, SCAN);
db.users().insertProjectPermissionOnUser(user2, ADMINISTER_QUALITY_GATES.getKey(), project);
- underTest.deleteByUserUuid(dbSession, user1.getUuid());
+ underTest.deleteByUserUuid(dbSession, user1);
dbSession.commit();
assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"projectUuid\", role as \"permission\" from user_roles"))
}
private UserDto insertUser(Consumer<UserDto> populateUserDto) {
- UserDto user = db.users().insertUser(populateUserDto);
- return user;
+ return db.users().insertUser(populateUserDto);
}
private UserDto insertUser() {
- UserDto user = db.users().insertUser();
- return user;
+ return db.users().insertUser();
}
private void expectCount(List<String> projectUuids, CountPerProjectPermission... expected) {
private UserPermissionDto addGlobalPermission(String permission, UserDto user) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
- underTest.insert(dbSession, dto, user.getLogin(), null);
+ underTest.insert(dbSession, dto, null, user);
db.commit();
return dto;
}
private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), project);
+ underTest.insert(dbSession, dto, project, user);
db.commit();
return dto;
}
private void assertThatProjectHasNoPermissions(ComponentDto project) {
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + project.uuid() + "'")).isZero();
}
-
- private void assertGlobalPermissionsOfUser(UserDto user, GlobalPermission... permissions) {
- assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid()).stream()
- .map(GlobalPermission::fromKey))
- .containsOnly(permissions);
- }
-
- private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
- assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(permissions);
- }
}
public void userGlobalPermissionInsertAndDeleteArePersisted() {
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null);
- underTest.insert(dbSession, dto, user.getLogin(), null);
+ underTest.insert(dbSession, dto, null, user);
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture());
UserPermissionNewValue newValue = newValueCaptor.getValue();
.containsExactly(dto.getUuid(), user.getUuid(), user.getLogin(), null, dto.getPermission(), null, null);
assertThat(newValue.toString()).doesNotContain("projectUuid");
- underTest.deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN);
+ underTest.deleteGlobalPermission(dbSession, user, SYSTEM_ADMIN);
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
public void userGlobalPermissionDeleteWithoutAffectedRowsIsNotPersisted() {
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
- underTest.deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN);
+ underTest.deleteGlobalPermission(dbSession, user, SYSTEM_ADMIN);
verify(auditPersister).addUser(any(), any());
verifyNoMoreInteractions(auditPersister);
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto project = db.components().insertPrivateProject();
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), project);
+ underTest.insert(dbSession, dto, project, user);
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture());
UserPermissionNewValue newValue = newValueCaptor.getValue();
.containsExactly(dto.getUuid(), user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), project.name(), "project");
assertThat(newValue.toString()).contains("componentUuid");
- underTest.deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN, project);
+ underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project);
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture());
newValue = newValueCaptor.getValue();
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto project = db.components().insertPrivateProject();
- underTest.deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN, project);
+ underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project);
verify(auditPersister).addUser(any(), any());
verify(auditPersister).addComponent(any(), any(), any());
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto portfolio = db.components().insertPublicPortfolio();
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), portfolio.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), portfolio);
+ underTest.insert(dbSession, dto, portfolio, user);
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture());
UserPermissionNewValue newValue = newValueCaptor.getValue();
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto application = db.components().insertPublicApplication();
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), application.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), application);
+ underTest.insert(dbSession, dto, application, user);
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture());
UserPermissionNewValue newValue = newValueCaptor.getValue();
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto project = db.components().insertPrivateProject();
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN_EXECUTION, user.getUuid(), project.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), project);
+ underTest.insert(dbSession, dto, project, user);
underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project);
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture());
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
ComponentDto project = db.components().insertPrivateProject();
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid());
- underTest.insert(dbSession, dto, user.getLogin(), project);
- underTest.deleteByUserUuid(dbSession, user.getUuid());
+ underTest.insert(dbSession, dto, project, user);
+ underTest.deleteByUserUuid(dbSession, user);
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture());
UserPermissionNewValue newValue = newValueCaptor.getValue();
assertThat(newValue)
.extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, UserPermissionNewValue::getComponentUuid,
UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier)
- .containsExactly(null, user.getUuid(), null, null, null, null, null);
+ .containsExactly(null, user.getUuid(), user.getLogin(), null, null, null, null);
assertThat(newValue.toString()).contains("userUuid");
}
public void deleteUserPermissionByUserUuidWithoutAffectedRowsIsNotPersisted() {
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
- underTest.deleteByUserUuid(dbSession, user.getUuid());
+ underTest.deleteByUserUuid(dbSession, user);
verify(auditPersister).addUser(any(), any());
verifyNoMoreInteractions(auditPersister);
}
private UserDto insertUser(Consumer<UserDto> populateUserDto) {
- UserDto user = db.users().insertUser(populateUserDto);
- return user;
+ return db.users().insertUser(populateUserDto);
}
}
return dbClient.userDao().selectByLogin(db.getSession(), userDto.getLogin());
}
- public UserDto makeNotRoot(UserDto userDto) {
- dbClient.userDao().setRoot(db.getSession(), userDto.getLogin(), false);
- db.commit();
- return dbClient.userDao().selectByLogin(db.getSession(), userDto.getLogin());
- }
-
public UserDto insertAdminByUserPermission() {
UserDto user = insertUser();
insertPermissionOnUser(user, ADMINISTER);
return insertGroup(group);
}
- public GroupDto insertGroup() {
+ @SafeVarargs
+ public final GroupDto insertGroup(Consumer<GroupDto>... populators) {
GroupDto group = newGroupDto();
+ stream(populators).forEach(p -> p.accept(group));
return insertGroup(group);
}
@Deprecated
public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
- db.getDbClient().userPermissionDao().insert(db.getSession(), dto, user.getLogin(),null);
+ db.getDbClient().userPermissionDao().insert(db.getSession(), dto, null, user);
db.commit();
return dto;
}
public void deletePermissionFromUser(UserDto user, GlobalPermission permission) {
- db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), user.getLogin(), permission.getKey());
+ db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user, permission.getKey());
db.commit();
}
public void deletePermissionFromUser(ComponentDto project, UserDto user, String permission) {
- db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user.getUuid(), user.getLogin(), permission, project);
+ db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user, permission, project);
db.commit();
}
"%s can't be granted on a public project", permission);
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches");
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
- db.getDbClient().userPermissionDao().insert(db.getSession(), dto, user.getLogin(), project);
+ db.getDbClient().userPermissionDao().insert(db.getSession(), dto, project, user);
db.commit();
return dto;
}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission;
-
-import javax.annotation.concurrent.Immutable;
-import org.sonar.db.user.UserDto;
-
-import static java.util.Objects.requireNonNull;
-
-/**
- * Reference a user by his technical (db) id or functional login.
- * This is temporary class as long as services and DAOs do not
- * use only technical id.
- */
-@Immutable
-public class UserId {
-
- private final String uuid;
- private final String login;
-
- public UserId(String uuid, String login) {
- this.uuid = uuid;
- this.login = requireNonNull(login);
- }
-
- public String getUuid() {
- return uuid;
- }
-
- public String getLogin() {
- return login;
- }
-
- public static UserId from(UserDto dto) {
- return new UserId(dto.getUuid(), dto.getLogin());
- }
-}
import org.sonar.db.permission.template.PermissionTemplateGroupDto;
import org.sonar.db.permission.template.PermissionTemplateUserDto;
import org.sonar.db.user.UserDto;
+import org.sonar.db.user.UserId;
import org.sonar.server.es.ProjectIndexer;
import org.sonar.server.es.ProjectIndexers;
import org.sonar.server.permission.DefaultTemplatesResolver.ResolvedDefaultTemplates;
private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable String projectCreatorUserUuid) {
List<PermissionTemplateUserDto> usersPermissions = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getUuid());
- Map<String, String> userDtoMap = dbClient.userDao().selectByUuids(dbSession, usersPermissions.stream().map(PermissionTemplateUserDto::getUserUuid).collect(Collectors.toSet()))
- .stream().collect(Collectors.toMap(UserDto::getUuid, UserDto::getUuid));
+ Set<String> permissionTemplateUserUuids = usersPermissions.stream().map(PermissionTemplateUserDto::getUserUuid).collect(Collectors.toSet());
+ Map<String, UserId> userIdByUuid = dbClient.userDao().selectByUuids(dbSession, permissionTemplateUserUuids).stream().collect(Collectors.toMap(UserDto::getUuid, u -> u));
usersPermissions
.stream()
.filter(up -> permissionValidForProject(project, up.getPermission()))
.forEach(up -> {
- UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), userDtoMap.get(up.getUserUuid()), project.uuid());
- dbClient.userPermissionDao().insert(dbSession, dto, up.getUserLogin(), project);
+ UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), project.uuid());
+ dbClient.userPermissionDao().insert(dbSession, dto, project, userIdByUuid.get(up.getUserUuid()));
});
List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid());
.filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission()))
.forEach(c -> {
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid());
- dbClient.userPermissionDao().insert(dbSession, dto, userDto.getLogin(), project);
+ dbClient.userPermissionDao().insert(dbSession, dto, project, userDto);
});
}
}
private static void checkAtMostOneMatchForComponentKey(String componentKey, List<PermissionTemplateDto> matchingTemplates) {
if (matchingTemplates.size() > 1) {
StringBuilder templatesNames = new StringBuilder();
- for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext();) {
+ for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext(); ) {
templatesNames.append("\"").append(it.next().getName()).append("\"");
if (it.hasNext()) {
templatesNames.append(", ");
import javax.annotation.Nullable;
import org.sonar.db.component.ComponentDto;
+import org.sonar.db.user.UserIdDto;
import static java.util.Objects.requireNonNull;
public class UserPermissionChange extends PermissionChange {
- private final UserId userId;
+ private final UserIdDto userId;
- public UserPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, UserId userId, PermissionService permissionService) {
+ public UserPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, UserIdDto userId, PermissionService permissionService) {
super(operation, permission, project, permissionService);
this.userId = requireNonNull(userId);
}
- public UserId getUserId() {
+ public UserIdDto getUserId() {
return userId;
}
}
}
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(),
change.getProjectUuid());
- dbClient.userPermissionDao().insert(dbSession, dto, change.getUserId().getLogin(), change.getProject());
+ dbClient.userPermissionDao().insert(dbSession, dto, change.getProject(), change.getUserId());
return true;
}
}
checkOtherAdminsExist(dbSession, change);
ComponentDto project = change.getProject();
- UserId user = change.getUserId();
if (project != null) {
- dbClient.userPermissionDao().deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), change.getPermission(),
- project);
+ dbClient.userPermissionDao().deleteProjectPermission(dbSession, change.getUserId(), change.getPermission(), project);
} else {
- dbClient.userPermissionDao().deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), change.getPermission());
+ dbClient.userPermissionDao().deleteGlobalPermission(dbSession, change.getUserId(), change.getPermission());
}
return true;
}
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionService;
import org.sonar.server.permission.PermissionUpdater;
-import org.sonar.server.permission.UserId;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.permission.UserPermissionChange;
import org.sonar.server.user.UserSession;
@Override
public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
- UserId user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN));
+ UserIdDto user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN));
Optional<ComponentDto> project = wsSupport.findProject(dbSession, request);
checkProjectAdmin(userSession, configuration, project.orElse(null));
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.permission.GroupUuidOrAnyone;
-import org.sonar.server.permission.UserId;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.permission.ws.template.WsTemplateRef;
import org.sonar.server.user.UserSession;
import org.sonar.server.usergroups.ws.GroupWsRef;
return groupWsSupport.findGroupOrAnyone(dbSession, groupRef);
}
- public UserId findUser(DbSession dbSession, String login) {
+ public UserIdDto findUser(DbSession dbSession, String login) {
UserDto dto = ofNullable(dbClient.userDao().selectActiveUserByLogin(dbSession, login))
.orElseThrow(() -> new NotFoundException(format("User with login '%s' is not found'", login)));
- return new UserId(dto.getUuid(), dto.getLogin());
+ return new UserIdDto(dto.getUuid(), dto.getLogin());
}
public PermissionTemplateDto findTemplate(DbSession dbSession, WsTemplateRef ref) {
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionService;
import org.sonar.server.permission.PermissionUpdater;
-import org.sonar.server.permission.UserId;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.permission.UserPermissionChange;
import org.sonar.server.user.UserSession;
@Override
public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
- UserId user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN));
+ UserIdDto user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN));
String permission = request.mandatoryParam(PARAM_PERMISSION);
if (ADMINISTER.getKey().equals(permission) && user.getLogin().equals(userSession.getLogin())) {
throw BadRequestException.create("As an admin, you can't remove your own admin right");
import org.sonar.db.DbSession;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.server.permission.UserId;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.permission.ws.WsParameters;
PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(
request.getTemplateId(), request.getTemplateName()));
checkGlobalAdmin(userSession);
- UserId user = wsSupport.findUser(dbSession, userLogin);
+ UserIdDto user = wsSupport.findUser(dbSession, userLogin);
if (!isUserAlreadyAdded(dbSession, template.getUuid(), userLogin, permission)) {
dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getUuid(), user.getUuid(), permission,
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.permission.RequestValidator;
-import org.sonar.server.permission.UserId;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.permission.ws.WsParameters;
PermissionTemplateDto template = wsSupport.findTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
checkGlobalAdmin(userSession);
- UserId user = wsSupport.findUser(dbSession, userLogin);
+ UserIdDto user = wsSupport.findUser(dbSession, userLogin);
dbClient.permissionTemplateDao().deleteUserPermission(dbSession, template.getUuid(), user.getUuid(), permission, template.getName(), user.getLogin());
dbSession.commit();
import org.sonar.db.permission.GroupPermissionDto;
import org.sonar.db.permission.UserPermissionDto;
import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
+import org.sonar.db.user.UserId;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.es.ProjectIndexer;
import org.sonar.server.es.ProjectIndexers;
PUBLIC_PERMISSIONS.forEach(permission -> {
dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnProjectBut(dbSession, component.uuid(), permission)
.forEach(group -> insertProjectPermissionOnGroup(dbSession, component, permission, group));
- dbClient.userPermissionDao().selectUserUuidsWithPermissionOnProjectBut(dbSession, component.uuid(), permission)
+ dbClient.userPermissionDao().selectUserIdsWithPermissionOnProjectBut(dbSession, component.uuid(), permission)
.forEach(userUuid -> insertProjectPermissionOnUser(dbSession, component, permission, userUuid));
});
}
- private void insertProjectPermissionOnUser(DbSession dbSession, ComponentDto component, String permission, String userUuid) {
- UserDto userDto = dbClient.userDao().selectByUuid(dbSession, userUuid);
- String userLogin = userDto != null ? userDto.getLogin() : null;
- if(userLogin == null) {
- LOG.warn("Updating project permissions for user uuid " + userUuid + " which does not exist");
- }
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid()),
- userLogin, component);
+
+ private void insertProjectPermissionOnUser(DbSession dbSession, ComponentDto component, String permission, UserId userId) {
+ dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userId.getUuid(), component.uuid()), component, userId);
}
private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, String groupUuid) {
dbClient.propertiesDao().deleteByKeyAndValue(dbSession, DEFAULT_ISSUE_ASSIGNEE, user.getLogin());
dbClient.propertiesDao().deleteByQuery(dbSession, PropertyQuery.builder().setUserUuid(userUuid).build());
dbClient.userGroupDao().deleteByUserUuid(dbSession, user);
- dbClient.userPermissionDao().deleteByUserUuid(dbSession, userUuid);
+ dbClient.userPermissionDao().deleteByUserUuid(dbSession, user);
dbClient.permissionTemplateDao().deleteUserPermissionsByUserUuid(dbSession, userUuid, user.getLogin());
dbClient.qProfileEditUsersDao().deleteByUser(dbSession, user);
dbClient.userPropertiesDao().deleteByUser(dbSession, user);
import org.sonar.db.permission.GlobalPermission;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
+import org.sonar.db.user.UserIdDto;
import org.sonar.server.exceptions.BadRequestException;
import static org.assertj.core.api.Assertions.assertThat;
public void apply_adds_any_global_permission_to_user() {
permissionService.getGlobalPermissions()
.forEach(perm -> {
- UserPermissionChange change = new UserPermissionChange(ADD, perm.getKey(), null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, perm.getKey(), null, UserIdDto.from(user1), permissionService);
apply(change);
permissionService.getGlobalPermissions()
.forEach(perm -> {
- UserPermissionChange change = new UserPermissionChange(REMOVE, perm.getKey(), null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, perm.getKey(), null, UserIdDto.from(user1), permissionService);
apply(change);
@Test
public void apply_has_no_effect_when_adding_permission_USER_on_a_public_project() {
- UserPermissionChange change = new UserPermissionChange(ADD, USER, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, USER, publicProject, UserIdDto.from(user1), permissionService);
apply(change);
@Test
public void apply_has_no_effect_when_adding_permission_CODEVIEWER_on_a_public_project() {
- UserPermissionChange change = new UserPermissionChange(ADD, CODEVIEWER, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService);
apply(change);
}
private void applyAddsPermissionOnAPublicProject(String permission) {
- UserPermissionChange change = new UserPermissionChange(ADD, permission, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, permission, publicProject, UserIdDto.from(user1), permissionService);
apply(change);
@Test
public void apply_fails_with_BadRequestException_when_removing_permission_USER_from_a_public_project() {
- UserPermissionChange change = new UserPermissionChange(REMOVE, USER, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, USER, publicProject, UserIdDto.from(user1), permissionService);
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Permission user can't be removed from a public component");
@Test
public void apply_fails_with_BadRequestException_when_removing_permission_CODEVIEWER_from_a_public_project() {
- UserPermissionChange change = new UserPermissionChange(REMOVE, CODEVIEWER, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService);
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Permission codeviewer can't be removed from a public component");
private void applyRemovesPermissionFromPublicProject(String permission) {
db.users().insertProjectPermissionOnUser(user1, permission, publicProject);
- UserPermissionChange change = new UserPermissionChange(REMOVE, permission, publicProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, permission, publicProject, UserIdDto.from(user1), permissionService);
apply(change);
public void apply_adds_any_permission_to_a_private_project() {
permissionService.getAllProjectPermissions()
.forEach(permission -> {
- UserPermissionChange change = new UserPermissionChange(ADD, permission, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, permission, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
permissionService.getAllProjectPermissions()
.forEach(permission -> {
- UserPermissionChange change = new UserPermissionChange(REMOVE, permission, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, permission, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
@Test
public void add_global_permission_to_user() {
- UserPermissionChange change = new UserPermissionChange(ADD, SCAN_EXECUTION, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, SCAN_EXECUTION, null, UserIdDto.from(user1), permissionService);
apply(change);
@Test
public void add_project_permission_to_user() {
- UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty();
public void do_nothing_when_adding_global_permission_that_already_exists() {
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES);
- UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(ADMINISTER_QUALITY_GATES);
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Invalid project permission 'gateadmin'. Valid values are [" + StringUtils.join(permissionService.getAllProjectPermissions(), ", ") + "]");
- UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
}
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Invalid global permission 'issueadmin'. Valid values are [admin, gateadmin, profileadmin, provisioning, scan]");
- UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, null, UserIdDto.from(user1), permissionService);
apply(change);
}
db.users().insertPermissionOnUser(user2, QUALITY_GATE_ADMIN);
db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, privateProject);
- UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(SCAN);
db.users().insertProjectPermissionOnUser(user2, ISSUE_ADMIN, privateProject);
db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project2);
- UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(USER);
@Test
public void do_not_fail_if_removing_a_global_permission_that_does_not_exist() {
- UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty();
@Test
public void do_not_fail_if_removing_a_project_permission_that_does_not_exist() {
- UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService);
apply(change);
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Last user with permission 'admin'. Permission cannot be removed.");
- UserPermissionChange change = new UserPermissionChange(REMOVE, SYSTEM_ADMIN, null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, SYSTEM_ADMIN, null, UserIdDto.from(user1), permissionService);
underTest.apply(db.getSession(), change);
}
db.users().insertMember(admins, user2);
db.users().insertPermissionOnGroup(admins, ADMINISTER);
- UserPermissionChange change = new UserPermissionChange(REMOVE, ADMINISTER.getKey(), null, UserId.from(user1), permissionService);
+ UserPermissionChange change = new UserPermissionChange(REMOVE, ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService);
underTest.apply(db.getSession(), change);
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty();
private void unsafeInsertProjectPermissionOnUser(ComponentDto component, UserDto user, String permission) {
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), component.uuid());
- dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, user.getLogin(), component);
+ dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, component, user);
dbTester.commit();
}