ComponentDto projectDto = ComponentTesting.newProjectDto(ROOT_UUID).setKey(ROOT_KEY).setAuthorizationUpdatedAt(SOME_DATE);
dbClient.componentDao().insert(dbSession, projectDto);
// Permissions are already set on the project
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto().setRole(UserRole.USER).setGroupId(null).setResourceId(projectDto.getId()));
+ dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto().setRole(UserRole.USER).setGroupId(null).setResourceId(projectDto.getId()));
dbSession.commit();
ComponentDto viewDto = newView(ROOT_UUID).setKey(ROOT_KEY).setAuthorizationUpdatedAt(SOME_DATE);
dbClient.componentDao().insert(dbSession, viewDto);
// Permissions are already set on the view
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto().setRole(UserRole.USER).setGroupId(null).setResourceId(viewDto.getId()));
+ dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto().setRole(UserRole.USER).setGroupId(null).setResourceId(viewDto.getId()));
dbSession.commit();
active="[true]"
is_root="[false]"/>
<groups id="100"
- name="devs"/>
+ name="devs"
+ organization_uuid="org1"/>
<user_roles id="1"
user_id="10"
resource_id="2"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<group_roles id="1"
group_id="100"
resource_id="2"
<user_roles id="1"
user_id="10"
resource_id="1"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="10"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<user_roles id="3"
user_id="10"
resource_id="2"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<!-- group devs has user access on ABC only -->
<groups id="100"
- name="devs"/>
+ name="devs"
+ organization_uuid="org1"/>
<group_roles id="1"
group_id="100"
resource_id="1"
<user_roles id="4"
user_id="11"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<user_roles id="5"
user_id="11"
resource_id="2"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
</dataset>
<user_roles id="1"
user_id="10"
resource_id="1"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="10"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<user_roles id="3"
user_id="10"
resource_id="2"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<groups id="100"
- name="devs"/>
+ name="devs"
+ organization_uuid="org1"/>
<group_roles id="1"
group_id="100"
resource_id="1"
import org.sonar.db.notification.NotificationQueueDao;
import org.sonar.db.organization.OrganizationDao;
import org.sonar.db.permission.GroupPermissionDao;
+import org.sonar.db.permission.PermissionDao;
import org.sonar.db.permission.UserPermissionDao;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDao;
import org.sonar.db.permission.template.PermissionTemplateDao;
import org.sonar.db.rule.RuleRepositoryDao;
import org.sonar.db.source.FileSourceDao;
import org.sonar.db.user.AuthorDao;
-import org.sonar.db.permission.PermissionDao;
import org.sonar.db.user.GroupDao;
import org.sonar.db.user.GroupMembershipDao;
import org.sonar.db.user.RoleDao;
private static final String COMPONENT_ID_PARAMETER = "componentId";
private static final String ANYONE_GROUP_PARAMETER = "anyoneGroup";
+ /**
+ * @deprecated not compatible with organizations.
+ */
+ @Deprecated
public int countGroups(DbSession session, String permission, @Nullable Long componentId) {
Map<String, Object> parameters = new HashMap<>();
parameters.put("permission", permission);
}
/**
- * ordered by group names
+ * @return group names, sorted in alphabetical order
+ * @deprecated not compatible with organizations.
*/
+ @Deprecated
public List<String> selectGroupNamesByPermissionQuery(DbSession dbSession, PermissionQuery query) {
return mapper(dbSession).selectGroupNamesByPermissionQuery(query, new RowBounds(query.getPageOffset(), query.getPageSize()));
}
+ /**
+ * @deprecated not compatible with organizations.
+ */
+ @Deprecated
public int countGroupsByPermissionQuery(DbSession dbSession, PermissionQuery query) {
return mapper(dbSession).countGroupsByPermissionQuery(query);
}
+ /**
+ * @deprecated group name parameter is not enough to identify a group. It is not compatible with organizations.
+ */
+ @Deprecated
public List<GroupPermissionDto> selectGroupPermissionsByGroupNamesAndProject(DbSession dbSession, List<String> groupNames, @Nullable Long projectId) {
return executeLargeInputs(groupNames, groups -> mapper(dbSession).selectGroupPermissionByGroupNames(groups, projectId));
}
});
}
+ /**
+ * @return the permissions granted to the requested group, optionally on the requested project. An
+ * empty list is returned if the group or project do not exist.
+ */
+ public List<String> selectGroupPermissions(DbSession session, long groupId, @Nullable Long projectId) {
+ return session.getMapper(GroupPermissionMapper.class).selectGroupPermissions(groupId, projectId);
+ }
+
+ /**
+ * @return the permissions granted to Anyone virtual group, optionally on the requested project. An
+ * empty list is returned if the project does not exist.
+ * @deprecated not compatible with organizations if {@code projectId} is null. Should have an organization parameter.
+ */
+ @Deprecated
+ public List<String> selectAnyonePermissions(DbSession session, @Nullable Long projectId) {
+ return session.getMapper(GroupPermissionMapper.class).selectAnyonePermissions(projectId);
+ }
+
+ public void insert(DbSession dbSession, GroupPermissionDto dto) {
+ mapper(dbSession).insert(dto);
+ }
+
private static GroupPermissionMapper mapper(DbSession session) {
return session.getMapper(GroupPermissionMapper.class);
}
public interface GroupPermissionMapper {
+ /**
+ * @deprecated does not support organizations
+ */
+ @Deprecated
int countGroups(Map<String, Object> parameters);
+ /**
+ * @deprecated does not support organizations
+ */
+ @Deprecated
List<String> selectGroupNamesByPermissionQuery(@Param("query") PermissionQuery query, RowBounds rowBounds);
+ /**
+ * @deprecated does not support organizations
+ */
+ @Deprecated
int countGroupsByPermissionQuery(@Param("query") PermissionQuery query);
+ /**
+ * @deprecated does not support organizations
+ */
+ @Deprecated
List<GroupPermissionDto> selectGroupPermissionByGroupNames(@Param("groupNames") List<String> groupNames, @Nullable @Param("projectId") Long projectId);
void groupsCountByProjectIdAndPermission(Map<String, Object> parameters, ResultHandler resultHandler);
+
+ List<String> selectGroupPermissions(@Param("groupId") long groupId, @Nullable @Param("projectId") Long projectId);
+
+ List<String> selectAnyonePermissions(@Nullable @Param("projectId") Long projectId);
+
+ void insert(GroupPermissionDto dto);
}
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateGroupDto;
import org.sonar.db.permission.template.PermissionTemplateUserDto;
-import org.sonar.db.user.GroupDto;
import static org.sonar.api.security.DefaultGroups.isAnyone;
this.settings = settings;
}
- /**
- * @param updateProjectAuthorizationDate is false when doing bulk action in order to not update the same project multiple times for nothing
- */
- private void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, boolean updateProjectAuthorizationDate, DbSession session) {
- UserPermissionDto userPermissionDto = new UserPermissionDto(permission, userId, resourceId);
- if (updateProjectAuthorizationDate) {
- updateProjectAuthorizationDate(session, resourceId);
- }
- dbClient.userPermissionDao().insert(session, userPermissionDto);
- }
-
- public void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, DbSession session) {
- insertUserPermission(resourceId, userId, permission, true, session);
- }
-
- public void deleteUserPermission(@Nullable ComponentDto project, String login, String permission, DbSession session) {
- if (project != null) {
- dbClient.userPermissionDao().delete(session, login, project.uuid(), permission);
- updateProjectAuthorizationDate(session, project.getId());
- } else {
- dbClient.userPermissionDao().delete(session, login, null, permission);
- }
- }
-
- /**
- * @param updateProjectAuthorizationDate is false when doing bulk action in order to not update the same project multiple times for nothing
- */
- private void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, boolean updateProjectAuthorizationDate, DbSession session) {
- GroupPermissionDto groupRole = new GroupPermissionDto()
+ private void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, DbSession session) {
+ GroupPermissionDto dto = new GroupPermissionDto()
.setRole(permission)
.setGroupId(groupId)
.setResourceId(resourceId);
- if (updateProjectAuthorizationDate) {
- updateProjectAuthorizationDate(session, resourceId);
- }
- dbClient.roleDao().insertGroupRole(session, groupRole);
- }
-
- public void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, DbSession session) {
- insertGroupPermission(resourceId, groupId, permission, true, session);
- }
-
- public void insertGroupPermission(@Nullable Long resourceId, String groupName, String permission, DbSession session) {
- if (isAnyone(groupName)) {
- insertGroupPermission(resourceId, (Long) null, permission, session);
- } else {
- GroupDto group = dbClient.groupDao().selectByName(session, groupName);
- if (group != null) {
- insertGroupPermission(resourceId, group.getId(), permission, session);
- }
- }
+ dbClient.groupPermissionDao().insert(session, dto);
}
public void deleteGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, DbSession session) {
}
private void applyPermissionTemplate(DbSession session, String templateUuid, ComponentDto project, @Nullable Long currentUserId) {
- PermissionTemplate permissionTemplate = dbClient.permissionTemplateDao().selectPermissionTemplateWithPermissions(session, templateUuid);
+ PermissionTemplate template = dbClient.permissionTemplateDao().selectPermissionTemplateWithPermissions(session, templateUuid);
updateProjectAuthorizationDate(session, project.getId());
dbClient.roleDao().deleteGroupRolesByResourceId(session, project.getId());
dbClient.userPermissionDao().delete(session, null, project.uuid(), null);
- List<PermissionTemplateUserDto> usersPermissions = permissionTemplate.getUserPermissions();
- usersPermissions.forEach(userPermission -> insertUserPermission(project.getId(), userPermission.getUserId(), userPermission.getPermission(), false, session));
+ List<PermissionTemplateUserDto> usersPermissions = template.getUserPermissions();
+ String organizationUuid = template.getTemplate().getOrganizationUuid();
+ usersPermissions
+ .forEach(up -> {
+ UserPermissionDto dto = new UserPermissionDto(organizationUuid, up.getPermission(), up.getUserId(), project.getId());
+ dbClient.userPermissionDao().insert(session, dto);
+ });
- List<PermissionTemplateGroupDto> groupsPermissions = permissionTemplate.getGroupPermissions();
+ List<PermissionTemplateGroupDto> groupsPermissions = template.getGroupPermissions();
groupsPermissions.forEach(groupPermission -> insertGroupPermission(project.getId(), isAnyone(groupPermission.getGroupName()) ? null : groupPermission.getGroupId(),
- groupPermission.getPermission(), false, session));
+ groupPermission.getPermission(), session));
- List<PermissionTemplateCharacteristicDto> characteristics = permissionTemplate.getCharacteristics();
+ List<PermissionTemplateCharacteristicDto> characteristics = template.getCharacteristics();
if (currentUserId != null) {
Set<String> permissionsForCurrentUserAlreadyInDb = usersPermissions.stream()
.filter(userPermission -> currentUserId.equals(userPermission.getUserId()))
characteristics.stream()
.filter(PermissionTemplateCharacteristicDto::getWithProjectCreator)
.filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission()))
- .forEach(characteristic -> insertUserPermission(project.getId(), currentUserId, characteristic.getPermission(), false, session));
+ .forEach(c -> {
+ UserPermissionDto dto = new UserPermissionDto(template.getTemplate().getOrganizationUuid(), c.getPermission(), currentUserId, project.getId());
+ dbClient.userPermissionDao().insert(session, dto);
+ });
}
}
import javax.annotation.Nullable;
public class UserPermissionDto {
+
+ private String organizationUuid;
private String permission;
private long userId;
private Long componentId;
// used by MyBatis
}
- public UserPermissionDto(String permission, long userId, @Nullable Long componentId) {
+ public UserPermissionDto(String organizationUuid, String permission, long userId, @Nullable Long componentId) {
+ this.organizationUuid = organizationUuid;
+ this.permission = permission;
this.userId = userId;
this.componentId = componentId;
- this.permission = permission;
}
public String getPermission() {
return userId;
}
+ public String getOrganizationUuid() {
+ return organizationUuid;
+ }
+
/**
* @return {@code null} if it's a global permission, else return the project id.
*/
StringBuilder sb = new StringBuilder("UserPermissionDto{");
sb.append("permission='").append(permission).append('\'');
sb.append(", userId=").append(userId);
+ sb.append(", organizationUuid=").append(organizationUuid);
sb.append(", componentId=").append(componentId);
sb.append('}');
return sb.toString();
</if>
</select>
+ <select id="selectGroupPermissions" parameterType="map" resultType="String">
+ select gr.role
+ from group_roles gr
+ where gr.group_id = #{groupId}
+ and
+ <if test="projectId == null">
+ gr.resource_id is null
+ </if>
+ <if test="projectId != null">
+ gr.resource_id = #{projectId}
+ </if>
+ </select>
+
+ <select id="selectAnyonePermissions" parameterType="map" resultType="String">
+ select gr.role
+ from group_roles gr
+ where gr.group_id is null
+ and
+ <if test="projectId == null">
+ gr.resource_id is null
+ </if>
+ <if test="projectId != null">
+ gr.resource_id = #{projectId}
+ </if>
+ </select>
+
+ <insert id="insert" parameterType="GroupPermission" keyColumn="id" useGeneratedKeys="true" keyProperty="id">
+ insert into group_roles (
+ group_id,
+ resource_id,
+ role
+ ) values (
+ #{groupId,jdbcType=BIGINT},
+ #{resourceId,jdbcType=BIGINT},
+ #{role,jdbcType=VARCHAR}
+ )
+ </insert>
</mapper>
<select id="selectByQuery" parameterType="map" resultType="org.sonar.db.permission.ExtendedUserPermissionDto">
select
u.id as userId,
+ ur.organization_uuid as organizationUuid,
ur.resource_id as componentId,
ur.role as permission,
u.login as userLogin,
</select>
<insert id="insert" parameterType="org.sonar.db.permission.UserPermissionDto" useGeneratedKeys="false">
- insert into user_roles (user_id, resource_id, role)
- values (#{userId,jdbcType=BIGINT}, #{componentId,jdbcType=BIGINT}, #{permission,jdbcType=VARCHAR})
+ insert into user_roles (
+ organization_uuid,
+ user_id,
+ resource_id,
+ role
+ ) values (
+ #{organizationUuid,jdbcType=VARCHAR},
+ #{userId,jdbcType=BIGINT},
+ #{componentId,jdbcType=BIGINT},
+ #{permission,jdbcType=VARCHAR}
+ )
</insert>
<delete id="delete" parameterType="map">
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDbTester;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.user.GroupDbTester;
import org.sonar.db.user.GroupDto;
import static java.util.Arrays.asList;
public class GroupPermissionDaoTest {
- private static final long COMPONENT_ID = 100L;
+ private static final long GROUP_1_ID = 10L;
+ private static final long GROUP_2_ID = 11L;
+ private static final long PROJECT_1_ID = 100L;
+ private static final Long ANYONE_ID = null;
+ private static final long UNKNOWN_PROJECT_ID = -1L;
+ private static final long UNKNOWN_GROUP_ID = -1L;
@Rule
public DbTester db = DbTester.create(System2.INSTANCE);
- private GroupDbTester groupDb = new GroupDbTester(db);
private PermissionDbTester permissionDb = new PermissionDbTester(db);
private ComponentDbTester componentDb = new ComponentDbTester(db);
private DbSession dbSession = db.getSession();
-
private GroupPermissionDao underTest = new GroupPermissionDao();
@Test
public void group_count_by_permission_and_component_id() {
- GroupDto group1 = groupDb.insertGroup();
- GroupDto group2 = groupDb.insertGroup();
- GroupDto group3 = groupDb.insertGroup();
+ GroupDto group1 = db.users().insertGroup(newGroupDto());
+ GroupDto group2 = db.users().insertGroup(newGroupDto());
+ GroupDto group3 = db.users().insertGroup(newGroupDto());
permissionDb.addProjectPermissionToGroup(ISSUE_ADMIN, group1.getId(), 42L);
permissionDb.addProjectPermissionToGroup(ADMIN, group1.getId(), 123L);
@Test
public void select_groups_by_query() {
- GroupDto group1 = groupDb.insertGroup(newGroupDto());
- GroupDto group2 = groupDb.insertGroup(newGroupDto());
- GroupDto group3 = groupDb.insertGroup(newGroupDto());
+ GroupDto group1 = db.users().insertGroup(newGroupDto());
+ GroupDto group2 = db.users().insertGroup(newGroupDto());
+ GroupDto group3 = db.users().insertGroup(newGroupDto());
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
List<String> groupNames = underTest.selectGroupNamesByPermissionQuery(dbSession, PermissionQuery.builder().build());
@Test
public void select_groups_by_query_is_ordered_by_group_names() {
- groupDb.insertGroup(newGroupDto().setName("Group-2"));
- groupDb.insertGroup(newGroupDto().setName("Group-3"));
- groupDb.insertGroup(newGroupDto().setName("Group-1"));
+ db.users().insertGroup(newGroupDto().setName("Group-2"));
+ db.users().insertGroup(newGroupDto().setName("Group-3"));
+ db.users().insertGroup(newGroupDto().setName("Group-1"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
@Test
public void count_groups_by_query() {
- GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
- GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
- GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
+ GroupDto group1 = db.users().insertGroup(newGroupDto().setName("Group-1"));
+ GroupDto group2 = db.users().insertGroup(newGroupDto().setName("Group-2"));
+ GroupDto group3 = db.users().insertGroup(newGroupDto().setName("Group-3"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());
@Test
public void select_groups_by_query_with_global_permission() {
- GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
- GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
- GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
+ GroupDto group1 = db.users().insertGroup(newGroupDto().setName("Group-1"));
+ GroupDto group2 = db.users().insertGroup(newGroupDto().setName("Group-2"));
+ GroupDto group3 = db.users().insertGroup(newGroupDto().setName("Group-3"));
ComponentDto project = componentDb.insertComponent(newProjectDto());
@Test
public void select_groups_by_query_with_project_permissions() {
- GroupDto group1 = groupDb.insertGroup();
- GroupDto group2 = groupDb.insertGroup();
- GroupDto group3 = groupDb.insertGroup();
+ GroupDto group1 = db.users().insertGroup(newGroupDto());
+ GroupDto group2 = db.users().insertGroup(newGroupDto());
+ GroupDto group3 = db.users().insertGroup(newGroupDto());
ComponentDto project = componentDb.insertComponent(newProjectDto());
ComponentDto anotherProject = componentDb.insertComponent(newProjectDto());
@Test
public void select_groups_by_query_paginated() {
- IntStream.rangeClosed(0, 9).forEach(i -> groupDb.insertGroup(newGroupDto().setName(i + "-name")));
+ IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(newGroupDto().setName(i + "-name")));
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
PermissionQuery.builder().setPageIndex(2).setPageSize(3).build())).containsExactly("3-name", "4-name", "5-name");
@Test
public void select_groups_by_query_with_search_query() {
- GroupDto group = groupDb.insertGroup(newGroupDto().setName("group-anyone"));
- groupDb.insertGroup(newGroupDto().setName("unknown"));
+ GroupDto group = db.users().insertGroup(newGroupDto().setName("group-anyone"));
+ db.users().insertGroup(newGroupDto().setName("unknown"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group.getId());
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
@Test
public void select_groups_by_query_does_not_return_anyone_when_group_roles_is_empty() {
- GroupDto group = groupDb.insertGroup();
+ GroupDto group = db.users().insertGroup(newGroupDto());
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
PermissionQuery.builder().build()))
@Test
public void select_group_permissions_by_group_names_on_global_permissions() {
- GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
+ GroupDto group1 = db.users().insertGroup(newGroupDto().setName("Group-1"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group1.getId());
- GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
+ GroupDto group2 = db.users().insertGroup(newGroupDto().setName("Group-2"));
ComponentDto project = componentDb.insertComponent(newProjectDto());
permissionDb.addProjectPermissionToGroup(UserRole.ADMIN, group2.getId(), project.getId());
- GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
+ GroupDto group3 = db.users().insertGroup(newGroupDto().setName("Group-3"));
permissionDb.addGlobalPermissionToGroup(SYSTEM_ADMIN, group3.getId());
// Anyone
@Test
public void select_group_permissions_by_group_names_on_project_permissions() {
- GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
+ GroupDto group1 = db.users().insertGroup(newGroupDto().setName("Group-1"));
permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());
- GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
+ GroupDto group2 = db.users().insertGroup(newGroupDto().setName("Group-2"));
ComponentDto project = componentDb.insertComponent(newProjectDto());
permissionDb.addProjectPermissionToGroup(USER, group2.getId(), project.getId());
- GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
+ GroupDto group3 = db.users().insertGroup(newGroupDto().setName("Group-3"));
permissionDb.addProjectPermissionToGroup(USER, group3.getId(), project.getId());
// Anyone group
assertThat(underTest.selectGroupPermissionsByGroupNamesAndProject(dbSession, Collections.emptyList(), project.getId())).isEmpty();
}
+ @Test
+ public void selectGroupPermissions() {
+ permissionDb.addGlobalPermissionToGroup("perm1", ANYONE_ID);
+ permissionDb.addGlobalPermissionToGroup("perm2", GROUP_1_ID);
+ permissionDb.addGlobalPermissionToGroup("perm3", GROUP_1_ID);
+ permissionDb.addGlobalPermissionToGroup("perm4", GROUP_2_ID);
+ permissionDb.addProjectPermissionToGroup("perm5", GROUP_1_ID, PROJECT_1_ID);
+ permissionDb.addProjectPermissionToGroup("perm6", ANYONE_ID, PROJECT_1_ID);
+
+ // select global permissions on group
+ assertThat(underTest.selectGroupPermissions(dbSession, GROUP_1_ID, null)).containsOnly("perm2", "perm3");
+ assertThat(underTest.selectGroupPermissions(dbSession, UNKNOWN_GROUP_ID, null)).isEmpty();
+
+ // select project permissions on group
+ assertThat(underTest.selectGroupPermissions(dbSession, GROUP_1_ID, PROJECT_1_ID)).containsOnly("perm5");
+ assertThat(underTest.selectGroupPermissions(dbSession, GROUP_1_ID, UNKNOWN_PROJECT_ID)).isEmpty();
+ }
+
+ @Test
+ public void selectAnyonePermissions() {
+ permissionDb.addGlobalPermissionToGroup("perm1", ANYONE_ID);
+ permissionDb.addGlobalPermissionToGroup("perm2", GROUP_1_ID);
+ permissionDb.addProjectPermissionToGroup("perm3", GROUP_1_ID, PROJECT_1_ID);
+ permissionDb.addProjectPermissionToGroup("perm4",ANYONE_ID, PROJECT_1_ID);
+
+ // select global permissions on group
+ assertThat(underTest.selectAnyonePermissions(dbSession, null)).containsOnly("perm1");
+
+ // select project permissions on group
+ assertThat(underTest.selectAnyonePermissions(dbSession, PROJECT_1_ID)).containsOnly("perm4");
+ assertThat(underTest.selectAnyonePermissions(dbSession, UNKNOWN_PROJECT_ID)).isEmpty();
+ }
}
this.dbSession = db.getSession();
}
- public void addGlobalPermissionToUser(String permission, long userId) {
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(permission, userId, null));
- db.commit();
- }
-
public void addProjectPermissionToGroup(String permission, @Nullable Long groupId, long componentId) {
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto()
+ dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto()
.setRole(permission)
.setGroupId(groupId)
.setResourceId(componentId));
}
public void addGlobalPermissionToGroup(String permission, @Nullable Long groupId) {
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto()
+ dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto()
.setRole(permission)
.setGroupId(groupId));
db.commit();
import org.sonar.db.component.ComponentDto;
import org.sonar.db.permission.template.PermissionTemplateDbTester;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDbTester;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.RoleDao;
-import org.sonar.db.user.UserDbTester;
import org.sonar.db.user.UserDto;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
+import static org.sonar.db.user.GroupTesting.newGroupDto;
public class PermissionRepositoryTest {
@Rule
public DbTester dbTester = DbTester.create(system2);
- GroupDbTester groupDb = new GroupDbTester(dbTester);
- UserDbTester userDb = new UserDbTester(dbTester);
- PermissionTemplateDbTester templateDb = new PermissionTemplateDbTester(dbTester);
- DbSession session = dbTester.getSession();
-
- Settings settings = new MapSettings();
- PermissionRepository underTest = new PermissionRepository(dbTester.getDbClient(), settings);
+ private PermissionTemplateDbTester templateDb = new PermissionTemplateDbTester(dbTester);
+ private DbSession session = dbTester.getSession();
+ private Settings settings = new MapSettings();
+ private PermissionRepository underTest = new PermissionRepository(dbTester.getDbClient(), settings);
@Before
public void setUp() {
dbTester.assertDbUnitTable(getClass(), "apply_default_permission_template-result.xml", "user_roles", "user_id", "resource_id", "role");
}
- @Test
- public void should_add_user_permission() {
- dbTester.prepareDbUnit(getClass(), "should_add_user_permission.xml");
-
- underTest.insertUserPermission(PROJECT.getId(), 200L, UserRole.ADMIN, session);
- session.commit();
-
- dbTester.assertDbUnitTable(getClass(), "should_add_user_permission-result.xml", "user_roles", "user_id", "resource_id", "role");
- dbTester.assertDbUnitTable(getClass(), "should_add_user_permission-result.xml", "projects", "authorization_updated_at");
-
- checkAuthorizationUpdatedAtIsUpdated();
- }
-
- @Test
- public void should_delete_user_permission() {
- dbTester.prepareDbUnit(getClass(), "should_delete_user_permission.xml");
-
- underTest.deleteUserPermission(PROJECT, "dave.loper", UserRole.ADMIN, session);
- session.commit();
-
- dbTester.assertDbUnitTable(getClass(), "should_delete_user_permission-result.xml", "user_roles", "user_id", "resource_id", "role");
- dbTester.assertDbUnitTable(getClass(), "should_delete_user_permission-result.xml", "projects", "authorization_updated_at");
- checkAuthorizationUpdatedAtIsUpdated();
- }
-
- @Test
- public void should_insert_group_permission() {
- dbTester.prepareDbUnit(getClass(), "should_insert_group_permission.xml");
-
- underTest.insertGroupPermission(PROJECT.getId(), 100L, UserRole.USER, session);
- session.commit();
-
- dbTester.assertDbUnitTable(getClass(), "should_insert_group_permission-result.xml", "group_roles", "group_id", "resource_id", "role");
- dbTester.assertDbUnitTable(getClass(), "should_insert_group_permission-result.xml", "projects", "authorization_updated_at");
- checkAuthorizationUpdatedAtIsUpdated();
- }
-
- @Test
- public void should_insert_group_name_permission() {
- dbTester.prepareDbUnit(getClass(), "should_insert_group_permission.xml");
-
- underTest.insertGroupPermission(PROJECT.getId(), "devs", UserRole.USER, session);
- session.commit();
-
- dbTester.assertDbUnitTable(getClass(), "should_insert_group_permission-result.xml", "group_roles", "group_id", "resource_id", "role");
- dbTester.assertDbUnitTable(getClass(), "should_insert_group_permission-result.xml", "projects", "authorization_updated_at");
- }
-
- @Test
- public void should_insert_anyone_group_permission() {
- dbTester.prepareDbUnit(getClass(), "should_insert_anyone_group_permission.xml");
-
- underTest.insertGroupPermission(PROJECT.getId(), "Anyone", UserRole.USER, session);
- session.commit();
-
- dbTester.assertDbUnitTable(getClass(), "should_insert_anyone_group_permission-result.xml", "group_roles", "group_id", "resource_id", "role");
- dbTester.assertDbUnitTable(getClass(), "should_insert_anyone_group_permission-result.xml", "projects", "authorization_updated_at");
- }
-
@Test
public void should_delete_group_permission() {
dbTester.prepareDbUnit(getClass(), "should_delete_group_permission.xml");
@Test
public void would_user_have_permission_with_default_permission_template() {
- UserDto user = userDb.insertUser();
- GroupDto group = groupDb.insertGroup();
- groupDb.addUserToGroup(user.getId(), group.getId());
+ UserDto user = dbTester.users().insertUser();
+ GroupDto group = dbTester.users().insertGroup(newGroupDto());
+ dbTester.users().insertMember(group, user);
PermissionTemplateDto template = templateDb.insertTemplate();
setDefaultTemplateUuid(template.getUuid());
templateDb.addProjectCreatorToTemplate(template.getId(), SCAN_EXECUTION);
}
private UserPermissionDto insertGlobalPermission(String permission, long userId) {
- UserPermissionDto dto = new UserPermissionDto(permission, userId, null);
+ UserPermissionDto dto = new UserPermissionDto(dbTester.getDefaultOrganization().getUuid(), permission, userId, null);
underTest.insert(dbTester.getSession(), dto);
dbTester.commit();
return dto;
}
private UserPermissionDto insertProjectPermission(String permission, long userId, long projectId) {
- UserPermissionDto dto = new UserPermissionDto(permission, userId, projectId);
+ UserPermissionDto dto = new UserPermissionDto(dbTester.getDefaultOrganization().getUuid(), permission, userId, projectId);
underTest.insert(dbTester.getSession(), dto);
dbTester.commit();
return dto;
+++ /dev/null
-<dataset>
-
- <projects id="123" kee="project"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="com.foo:bar"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!--
- new rows : sonar-administrators (admin), sonar-users (user & codeviewer), Anyone (user & codeviewer),
- -->
- <group_roles id="3"
- group_id="100"
- resource_id="123"
- role="admin"/>
- <group_roles id="4"
- group_id="101"
- resource_id="123"
- role="user"/>
- <group_roles id="5"
- group_id="[null]"
- resource_id="123"
- role="user"/>
- <group_roles id="6"
- group_id="101"
- resource_id="123"
- role="codeviewer"/>
- <group_roles id="7"
- group_id="[null]"
- resource_id="123"
- role="codeviewer"/>
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default_template_20130101_010203"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="2"
- template_id="1"
- group_id="101"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="1"
- group_id="[null]"
- permission_reference="user"/>
- <perm_templates_groups id="4"
- template_id="1"
- group_id="101"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="5"
- template_id="1"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
- <perm_templates_users/>
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <projects id="123"
- kee="com.foo:bar"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default_template_20130101_010203"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="2"
- template_id="1"
- group_id="101"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="1"
- group_id="[null]"
- permission_reference="user"/>
- <perm_templates_groups id="4"
- template_id="1"
- group_id="101"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="5"
- template_id="1"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
- <perm_templates_users/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <groups id="102"
- name="sonar-foos"/>
- <groups id="103"
- name="sonar-bars"/>
-
- <users id="200"
- login="foo"
- name="Foo"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
- <users id="201"
- login="bar"
- name="Bar"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!--
- new rows
- -->
- <group_roles id="3"
- group_id="102"
- resource_id="123"
- role="user"/>
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default"
- key_pattern="[null]"/>
-
- <permission_templates id="2"
- name="Start with foo"
- kee="foo_tmpl"
- key_pattern="foo\..*"/>
- <permission_templates id="3"
- name="Start with bar"
- kee="bar_tmpl"
- key_pattern="bar\..*"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
-
- <perm_templates_groups id="2"
- template_id="2"
- group_id="102"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="3"
- group_id="103"
- permission_reference="user"/>
-
- <perm_templates_users/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <groups id="102"
- name="sonar-foos"/>
- <groups id="103"
- name="sonar-bars"/>
-
- <users id="200"
- login="foo"
- name="Foo"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
- <users id="201"
- login="bar"
- name="Bar"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default"
- key_pattern="[null]"/>
-
- <permission_templates id="2"
- name="Start with foo"
- kee="foo_tmpl"
- key_pattern="foo\..*"/>
- <permission_templates id="3"
- name="Start with bar"
- kee="bar_tmpl"
- key_pattern="bar\..*"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
-
- <perm_templates_groups id="2"
- template_id="2"
- group_id="102"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="3"
- group_id="103"
- permission_reference="user"/>
-
- <perm_templates_users/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- created permissions should be based on the TRK template -->
- <group_roles id="3"
- group_id="100"
- resource_id="123"
- role="admin"/>
- <group_roles id="4"
- group_id="101"
- resource_id="123"
- role="admin"/>
- <group_roles id="5"
- group_id="100"
- resource_id="123"
- role="user"/>
- <group_roles id="6"
- group_id="100"
- resource_id="123"
- role="codeviewer"/>
- <group_roles id="7"
- group_id="[null]"
- resource_id="123"
- role="codeviewer"/>
-
- <user_roles id="2"
- user_id="200"
- resource_id="123"
- role="codeviewer"/>
-
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="2"
- template_id="1"
- group_id="101"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="1"
- group_id="[null]"
- permission_reference="user"/>
- <perm_templates_groups id="4"
- template_id="1"
- group_id="101"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="5"
- template_id="1"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
-
- <!-- default permission template for TRK -->
- <permission_templates id="2"
- name="default_for_TRK"/>
-
- <perm_templates_groups id="6"
- template_id="2"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="7"
- template_id="2"
- group_id="101"
- permission_reference="admin"/>
- <perm_templates_groups id="8"
- template_id="2"
- group_id="100"
- permission_reference="user"/>
- <perm_templates_groups id="9"
- template_id="2"
- group_id="100"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="10"
- template_id="2"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
- <perm_templates_users id="1"
- template_id="2"
- user_id="200"
- permission_reference="codeviewer"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default_20130101_010203"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="2"
- template_id="1"
- group_id="101"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="1"
- group_id="[null]"
- permission_reference="user"/>
- <perm_templates_groups id="4"
- template_id="1"
- group_id="101"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="5"
- template_id="1"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
-
- <!-- default permission template for TRK -->
- <permission_templates id="2"
- name="default_for_TRK"
- kee="default_for_trk_20130101_010203"/>
-
- <perm_templates_groups id="6"
- template_id="2"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="7"
- template_id="2"
- group_id="101"
- permission_reference="admin"/>
- <perm_templates_groups id="8"
- template_id="2"
- group_id="100"
- permission_reference="user"/>
- <perm_templates_groups id="9"
- template_id="2"
- group_id="100"
- permission_reference="codeviewer"/>
- <perm_templates_groups id="10"
- template_id="2"
- group_id="[null]"
- permission_reference="codeviewer"/>
-
- <perm_templates_users id="1"
- template_id="2"
- user_id="200"
- permission_reference="codeviewer"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <groups id="102"
- name="sonar-foos"/>
- <groups id="103"
- name="sonar-bars"/>
-
- <users id="200"
- login="foo"
- name="Foo"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
- <users id="201"
- login="bar"
- name="Bar"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
-
- <!-- default permission template for all qualifiers -->
- <permission_templates id="1"
- name="default"
- kee="default"
- key_pattern="[null]"/>
-
- <permission_templates id="2"
- name="Start with foo"
- kee="foo_tmpl"
- key_pattern="foo\..*"/>
- <permission_templates id="3"
- name="Start with foo again"
- kee="foo2_tmpl"
- key_pattern="foo.*"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
-
- <perm_templates_groups id="2"
- template_id="2"
- group_id="102"
- permission_reference="user"/>
- <perm_templates_groups id="3"
- template_id="3"
- group_id="103"
- permission_reference="user"/>
-
- <perm_templates_users/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- new rows : sonar-administrators (admin) -->
- <group_roles id="3"
- group_id="100"
- resource_id="123"
- role="admin"/>
-
- <!-- default permission template -->
- <permission_templates id="1"
- name="default_template"
- kee="default_template_20130101_010203"/>
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- default permission template for TRK -->
- <permission_templates id="1"
- name="default_template"
- kee="default_template_20130101_010203"/>
-
- <perm_templates_groups id="1"
- template_id="1"
- group_id="100"
- permission_reference="admin"/>
- <perm_templates_groups id="2"
- template_id="1"
- group_id="999"
- permission_reference="admin"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
- <users id="201"
- login="disabled"
- name="Disabled"
- email="[null]"
- active="[false]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- new row : marius (admin) -->
- <user_roles id="2"
- user_id="200"
- resource_id="123"
- role="admin"/>
-
- <!-- default permission template for TRK -->
- <permission_templates id="1"
- name="default_for_TRK"
- kee="default_for_trk_20130101_010203"/>
-
- <perm_templates_users id="1"
- template_id="1"
- user_id="200"
- permission_reference="admin"/>
- <perm_templates_users id="2"
- template_id="1"
- user_id="201"
- permission_reference="admin"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <projects id="123"
- kee="foo.project"/>
-
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
- <users id="201"
- login="disabled"
- name="Disabled"
- email="[null]"
- active="[false]"
- is_root="[false]"/>
-
- <!-- on other resources -->
- <group_roles id="1"
- group_id="100"
- resource_id="1"
- role="admin"/>
- <group_roles id="2"
- group_id="101"
- resource_id="1"
- role="user"/>
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- default permission template for TRK -->
- <permission_templates id="1"
- name="default_for_TRK"
- kee="default_for_trk_20130101_010203"/>
-
- <perm_templates_users id="1"
- template_id="1"
- user_id="200"
- permission_reference="admin"/>
- <perm_templates_users id="2"
- template_id="1"
- user_id="201"
- permission_reference="admin"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <group_roles group_id="100" resource_id="123" role="admin"/>
-</dataset>
\ No newline at end of file
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100" name="sonar-administrators"/>
- <groups id="101" name="sonar-users"/>
-
- <!-- already existed -->
- <group_roles id="1" group_id="[null]" resource_id="123" role="admin"/>
-</dataset>
+++ /dev/null
-<dataset>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <user_roles user_id="200"
- resource_id="123"
- role="admin"/>
-
-</dataset>
+++ /dev/null
-<dataset>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-</dataset>
+++ /dev/null
-<dataset>
- <groups id="100"
- name="sonar-administrators"/>
- <groups id="101"
- name="sonar-users"/>
- <users id="200"
- login="marius"
- name="Marius"
- email="[null]"
- active="[true]"
- is_root="[false]"/>
-
- <!-- only_users -->
- <user_roles id="1"
- user_id="200"
- resource_id="1"
- role="admin"/>
-
- <!-- only_groups -->
- <group_roles id="1"
- group_id="100"
- resource_id="2"
- role="admin"/>
-
- <!-- groups_and_users -->
- <group_roles id="2"
- group_id="101"
- resource_id="3"
- role="user"/>
- <user_roles id="2"
- user_id="200"
- resource_id="3"
- role="admin"/>
-
-</dataset>
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="300"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="100"
resource_id="400"
- role="codeviewer"/>
+ role="codeviewer"
+ organization_uuid="org1"/>
<projects id="300"
kee="pj-w-snapshot"
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="101"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="3"
user_id="102"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="101"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="3"
user_id="102"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<user_roles id="1"
user_id="100"
resource_id="300"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="101"
resource_id="300"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="3"
user_id="102"
resource_id="300"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<user_roles id="4"
user_id="100"
resource_id="400"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<dataset>
- <user_roles id="1" user_id="100" resource_id="[null]" role="user"/>
+ <user_roles id="1"
+ user_id="100"
+ resource_id="[null]"
+ role="user"
+ organization_uuid="org1"/>
- <groups_users user_id="1" group_id="200"/>
- <groups_users user_id="1" group_id="201"/>
+ <groups_users user_id="1"
+ group_id="200"/>
+ <groups_users user_id="1"
+ group_id="201"/>
- <group_roles id="200" group_id="[null]" resource_id="[null]" role="user"/>
- <group_roles id="201" group_id="[null]" resource_id="[null]" role="admin"/>
+ <group_roles id="200"
+ group_id="[null]"
+ resource_id="[null]"
+ role="user"/>
+ <group_roles id="201"
+ group_id="[null]"
+ resource_id="[null]"
+ role="admin"/>
</dataset>
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="999"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="300"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
<user_roles id="1"
user_id="100"
resource_id="300"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<user_roles id="2"
user_id="100"
resource_id="400"
- role="user"/>
+ role="user"
+ organization_uuid="org1"/>
<groups_users user_id="100"
group_id="200"/>
<group_roles id="1"
id="123"/>
<groups id="100"
- name="sonar-administrators"/>
+ name="sonar-administrators"
+ organization_uuid="org1"/>
<groups id="101"
- name="sonar-users"/>
+ name="sonar-users"
+ organization_uuid="org1"/>
<users id="200"
login="marius"
<user_roles id="1"
user_id="200"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<!-- default permission template for all qualifiers -->
<permission_templates id="1"
name="default"
- kee="default_20130101_010203"/>
+ kee="default_20130101_010203"
+ organization_uuid="org1"/>
<perm_templates_groups id="1"
template_id="1"
id="123"/>
<groups id="100"
- name="sonar-administrators"/>
+ name="sonar-administrators"
+ organization_uuid="org1"/>
<groups id="101"
- name="sonar-users"/>
+ name="sonar-users"
+ organization_uuid="org1"/>
<users id="200"
login="marius"
<user_roles id="1"
user_id="200"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<!-- default permission template for all qualifiers -->
<permission_templates id="1"
name="default"
- kee="default_20130101_010203"/>
+ kee="default_20130101_010203"
+ organization_uuid="org1"/>
<perm_templates_groups id="1"
template_id="1"
+++ /dev/null
-<dataset>
-
- <users id="200"
- login="dave.loper"
- name="Dave Loper"
- email="dave.loper@company.net"
- active="[true]"
- is_root="[false]"/>
-
- <user_roles id="1"
- user_id="200"
- resource_id="123"
- role="user"/>
- <user_roles id="2"
- user_id="200"
- resource_id="123"
- role="admin"/>
-
- <projects id="100"
- root_id="[null]"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"/>
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <users id="200"
- login="dave.loper"
- name="Dave Loper"
- email="dave.loper@company.net"
- active="[true]"
- is_root="[false]"/>
-
- <user_roles id="1"
- user_id="200"
- resource_id="123"
- role="user"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-</dataset>
id="123"/>
<groups id="100"
- name="sonar-administrators"/>
+ name="sonar-administrators"
+ organization_uuid="org1"/>
<groups id="101"
- name="sonar-users"/>
+ name="sonar-users"
+ organization_uuid="org1"/>
<users id="200"
login="marius"
<user_roles id="1"
user_id="200"
resource_id="1"
- role="admin"/>
+ role="admin"
+ organization_uuid="org1"/>
<!-- default permission template for all qualifiers -->
<permission_templates id="1"
name="default"
- kee="default_20130101_010203"/>
+ kee="default_20130101_010203"
+ organization_uuid="org1"/>
<perm_templates_groups id="1"
template_id="1"
<dataset>
<groups id="100"
- name="devs"/>
+ name="devs"
+ organization_uuid="org1"/>
<group_roles id="1"
group_id="100"
<dataset>
<groups id="100"
- name="devs"/>
+ name="devs"
+ organization_uuid="org1"/>
<group_roles id="1"
group_id="100"
+++ /dev/null
-<dataset>
-
- <users id="200"
- login="dave.loper"
- name="Dave Loper"
- email="dave.loper@company.net"
- active="[true]"
- is_root="[false]"/>
-
- <user_roles id="1"
- user_id="200"
- resource_id="123"
- role="user"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <users id="200"
- login="dave.loper"
- name="Dave Loper"
- email="dave.loper@company.net"
- active="[true]"
- is_root="[false]"/>
-
- <user_roles id="1"
- user_id="200"
- resource_id="123"
- role="user"/>
- <user_roles id="2"
- user_id="200"
- resource_id="123"
- role="admin"/>
-
- <projects uuid="THE_PROJECT_UUID"
- uuid_path="NOT_USED"
- root_uuid="THE_PROJECT_UUID"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <groups id="100"
- name="devs"/>
-
- <group_roles id="1"
- group_id="100"
- resource_id="123"
- role="admin"/>
- <group_roles id="2"
- group_id="[null]"
- resource_id="123"
- role="user"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <groups id="100"
- name="devs"/>
-
- <group_roles id="1"
- group_id="100"
- resource_id="123"
- role="admin"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <groups id="100"
- name="devs"/>
-
- <group_roles id="1"
- group_id="100"
- resource_id="123"
- role="admin"/>
- <group_roles id="2"
- group_id="100"
- resource_id="123"
- role="user"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-</dataset>
+++ /dev/null
-<dataset>
-
- <groups id="100"
- name="devs"/>
-
- <group_roles id="1"
- group_id="100"
- resource_id="123"
- role="admin"/>
-
- <projects uuid="A"
- uuid_path="NOT_USED"
- root_uuid="A"
- scope="PRJ"
- qualifier="TRK"
- kee="org.struts:struts"
- name="Struts"
- description="the description"
- long_name="Apache Struts"
- enabled="[true]"
- language="java"
- copy_component_uuid="[null]"
- developer_uuid="[null]"
- path="[null]"
- authorization_updated_at="123456789"
- id="123"/>
-
-</dataset>