package org.sonar.db.permission;
import java.util.Collection;
-import java.util.HashMap;
-import java.util.Map;
import java.util.Set;
import javax.annotation.Nullable;
import org.sonar.db.Dao;
});
}
- /**
- * @deprecated it loads too many results and there's no functional need.
- */
- @Deprecated
- public Collection<String> selectAuthorizedRootProjectsUuids(DbSession dbSession, @Nullable Integer userId, String role) {
- String sql;
- Map<String, Object> params = new HashMap<>(2);
- sql = "selectAuthorizedRootProjectsUuids";
- params.put(USER_ID_PARAM, userId);
- params.put("role", role);
-
- return dbSession.selectList(sql, params);
- }
-
/**
* Keep only authorized user that have the given permission on a given project.
* Please Note that if the permission is 'Anyone' is NOT taking into account by thie method.
</foreach>
</select>
- <select id="selectAuthorizedRootProjectsUuids" parameterType="map" resultType="string">
- <choose>
- <when test="userId != null">
- SELECT p.uuid as root_project_uuid
- FROM group_roles gr
- INNER JOIN projects p on p.id = gr.resource_id AND p.module_uuid IS NULL
- where
- gr.role=#{role,jdbcType=VARCHAR}
- and (gr.group_id is null or exists (select 1 from groups_users gu where gu.user_id = #{userId,jdbcType=INTEGER} and gu.group_id = gr.group_id))
- UNION
- SELECT p.uuid as root_project_uuid
- FROM user_roles ur
- INNER JOIN projects p on p.id = ur.resource_id AND p.module_uuid IS NULL
- where
- ur.role=#{role,jdbcType=VARCHAR}
- and ur.user_id = #{userId,jdbcType=INTEGER}
- </when>
- <otherwise>
- SELECT p.uuid as root_project_uuid
- FROM group_roles gr
- INNER JOIN projects p on p.id = gr.resource_id AND p.module_uuid IS NULL
- where
- gr.role=#{role,jdbcType=VARCHAR}
- and gr.group_id is null
- </otherwise>
- </choose>
- </select>
-
<select id="keepAuthorizedUsersForRoleAndProject" parameterType="map" resultType="int">
SELECT gu.user_id
FROM groups_users gu
assertThat(componentIds).isEmpty();
}
- @Test
- public void should_return_root_project_uuids_for_user() {
- db.prepareDbUnit(getClass(), "should_return_root_project_keys_for_user.xml");
-
- Collection<String> rootProjectUuids = underTest.selectAuthorizedRootProjectsUuids(dbSession, USER, "user");
-
- assertThat(rootProjectUuids).containsOnly("ABCD");
- }
-
- @Test
- public void should_return_root_project_uuids_for_group() {
- // but user is not in an authorized group
- db.prepareDbUnit(getClass(), "should_return_root_project_keys_for_group.xml");
-
- Collection<String> rootProjectUuids = underTest.selectAuthorizedRootProjectsUuids(dbSession, USER, "user");
-
- assertThat(rootProjectUuids).containsOnly("ABCD");
- }
-
- @Test
- public void should_return_root_project_uuids_for_anonymous() {
- db.prepareDbUnit(getClass(), "should_return_root_project_keys_for_anonymous.xml");
-
- Collection<String> rootProjectUuids = underTest.selectAuthorizedRootProjectsUuids(dbSession, null, "user");
-
- assertThat(rootProjectUuids).containsOnly("ABCD");
- }
-
@Test
public void keep_authorized_users_for_role_and_project_for_user() {
db.prepareDbUnit(getClass(), "keep_authorized_users_for_role_and_project_for_user.xml");
*/
package org.sonar.server.favorite.ws;
-import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import java.util.function.Predicate;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
private SearchResults toSearchResults(SearchRequest request) {
userSession.checkLoggedIn();
try (DbSession dbSession = dbClient.openSession(false)) {
- List<ComponentDto> authorizedFavorites = favoriteFinder.list().stream()
- .filter(isAuthorized(dbSession))
- .collect(MoreCollectors.toList());
+ List<ComponentDto> authorizedFavorites = getAuthorizedFavorites(dbSession);
Paging paging = Paging.forPageIndex(request.getPage()).withPageSize(request.getPageSize()).andTotal(authorizedFavorites.size());
List<ComponentDto> displayedFavorites = authorizedFavorites.stream()
.skip(paging.offset())
}
}
- private Predicate<ComponentDto> isAuthorized(DbSession dbSession) {
- Collection<String> rootProjectsUuids = dbClient.authorizationDao().selectAuthorizedRootProjectsUuids(dbSession, userSession.getUserId(), UserRole.USER);
- Set<String> authorizedProjectUuids = rootProjectsUuids
- .stream()
- .collect(MoreCollectors.toSet(rootProjectsUuids.size()));
- return dto -> authorizedProjectUuids.contains(dto.projectUuid());
+ private List<ComponentDto> getAuthorizedFavorites(DbSession dbSession) {
+ List<ComponentDto> componentDtos = favoriteFinder.list();
+ Set<Long> favoriteComponentIds = componentDtos.stream()
+ .map(ComponentDto::getId)
+ .collect(MoreCollectors.toSet(componentDtos.size()));
+ Set<Long> authorizedFavoriteComponentIds = dbClient.authorizationDao().keepAuthorizedProjectIds(dbSession, favoriteComponentIds, userSession.getUserId(), UserRole.USER);
+ return componentDtos.stream()
+ .filter(dto -> authorizedFavoriteComponentIds.contains(dto.getId()))
+ .collect(MoreCollectors.toList());
}
private Map<String, OrganizationDto> getOrganizationsOfComponents(DbSession dbSession, List<ComponentDto> displayedFavorites) {
Set<String> organizationUuids = displayedFavorites.stream()
- .map(ComponentDto::getOrganizationUuid)
- .collect(MoreCollectors.toSet());
+ .map(ComponentDto::getOrganizationUuid)
+ .collect(MoreCollectors.toSet());
return dbClient.organizationDao().selectByUuids(dbSession, organizationUuids)
- .stream()
- .collect(MoreCollectors.uniqueIndex(OrganizationDto::getUuid));
+ .stream()
+ .collect(MoreCollectors.uniqueIndex(OrganizationDto::getUuid));
}
private static class SearchResults {
import com.google.common.base.Splitter;
import java.util.Collection;
-import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
}
private Map<Long, ComponentDto> searchProjects(DbSession dbSession, List<PropertyDto> properties) {
- Set<String> authorizedComponentUuids = new HashSet<>(dbClient.authorizationDao().selectAuthorizedRootProjectsUuids(dbSession, userSession.getUserId(), UserRole.USER));
Set<Long> componentIds = properties.stream()
.map(PropertyDto::getResourceId)
.filter(Objects::nonNull)
.collect(MoreCollectors.toSet(properties.size()));
+ Set<Long> authorizedProjectIds = dbClient.authorizationDao().keepAuthorizedProjectIds(dbSession, componentIds, userSession.getUserId(), UserRole.USER);
return dbClient.componentDao().selectByIds(dbSession, componentIds)
.stream()
- .filter(c -> authorizedComponentUuids.contains(c.uuid()))
+ .filter(c -> authorizedProjectIds.contains(c.getId()))
.collect(MoreCollectors.uniqueIndex(ComponentDto::getId));
}
projects / sonarqube.git / commitdiff