Fix query to keep authorized users for a project and a role

author Julien Lancelot <julien.lancelot@sonarsource.com>

Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)

committer Julien Lancelot <julien.lancelot@sonarsource.com>

Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)
author Julien Lancelot <julien.lancelot@sonarsource.com>
Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)
committer Julien Lancelot <julien.lancelot@sonarsource.com>
Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)
diff --git a/sonar-db/src/main/resources/org/sonar/db/user/AuthorizationMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/AuthorizationMapper.xml

index 8ddb1e09b2cf233f953d92c8440335e236abae27..12bef99c2fd833c3cca50c2b6ad8c288b2f4a566 100644 (file)
--- a/sonar-db/src/main/resources/org/sonar/db/user/AuthorizationMapper.xml
+++ b/sonar-db/src/main/resources/org/sonar/db/user/AuthorizationMapper.xml
@@ -214,12 +214,10 @@
      WHERE
        gr.resource_id=#{componentId}
        AND gr.role=#{role}
-      AND (gr.group_id IS NULL OR gr.group_id IN (
-        select gu.group_id from groups_users gu where gu.user_id in
+      AND gu.user_id in
          <foreach collection="userIds" open="(" close=")" item="id" separator=",">
            #{id}
          </foreach>
-      ))
      UNION
      SELECT ur.user_id
      FROM user_roles ur
diff --git a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java

index ed1a5747d14071f79250a0b12f9e93485afcd3a1..53c43c9be3279645b4ae59be70dd0b60b6b46e9e 100644 (file)
--- a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
@@ -290,6 +290,10 @@ public class AuthorizationDaoTest {
        // Only 100 and 101 has 'user' role on project
        newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).containsOnly(100L, 101L);
  
+    assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(),
+      // Only 100 and 101 has 'user' role on project
+      newHashSet(100L), "user", PROJECT_ID)).containsOnly(100L);
+
      // user does not have the role "admin"
      assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(), newHashSet(100L), "admin", PROJECT_ID)).isEmpty();
  
@@ -305,6 +309,9 @@ public class AuthorizationDaoTest {
        // Only 100 and 101 has 'user' role on project
        newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).containsOnly(100L, 101L);
  
+    assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(),
+      newHashSet(100L), "user", PROJECT_ID)).containsOnly(100L);
+
      // user does not have the role "admin"
      assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(), newHashSet(100L), "admin", PROJECT_ID)).isEmpty();
author	Julien Lancelot <julien.lancelot@sonarsource.com>
	Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)
committer	Julien Lancelot <julien.lancelot@sonarsource.com>
	Wed, 27 Apr 2016 14:46:26 +0000 (16:46 +0200)
sonar-db/src/main/resources/org/sonar/db/user/AuthorizationMapper.xml		patch \| blob \| history
sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java		patch \| blob \| history