permissionQuery.setComponentUuid(project.get().uuid());
}
if (request.getQuery() == null) {
- permissionQuery.withPermissionOnly();
+ permissionQuery.withAtLeastOnePermission();
}
return permissionQuery.build();
}
private static PermissionQuery permissionQuery(String permissionKey) {
return PermissionQuery.builder()
.setPermission(permissionKey)
- .withPermissionOnly()
+ .withAtLeastOnePermission()
.build();
}
}
.setPageSize(request.mandatoryParamAsInt(PAGE_SIZE))
.setSearchQuery(textQuery);
if (textQuery == null) {
- permissionQuery.withPermissionOnly();
+ permissionQuery.withAtLeastOnePermission();
}
return permissionQuery.build();
}
.setPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE))
.setSearchQuery(textQuery);
if (textQuery == null) {
- query.withPermissionOnly();
+ query.withAtLeastOnePermission();
}
return query.build();
}
dbQuery.setComponentUuid(project.get().uuid());
}
if (request.getQuery() == null) {
- dbQuery.withPermissionOnly();
+ dbQuery.withAtLeastOnePermission();
}
return dbQuery.build();
.contains(GlobalPermissions.SYSTEM_ADMIN);
boolean isOneRemainingAdminGroup = dbClient.permissionDao().countGroups(dbSession, GlobalPermissions.SYSTEM_ADMIN, null) == 1;
boolean hasNoStandaloneAdminUser = dbClient.permissionDao().countUsersByQuery(dbSession,
- PermissionQuery.builder().setPermission(GlobalPermissions.SYSTEM_ADMIN).withPermissionOnly().build()) == 0;
+ PermissionQuery.builder().setPermission(GlobalPermissions.SYSTEM_ADMIN).withAtLeastOnePermission().build()) == 0;
boolean isLastAdminGroup = hasAdminPermission && isOneRemainingAdminGroup && hasNoStandaloneAdminUser;
checkArgument(!isLastAdminGroup, "The last system admin group '%s' cannot be deleted", groupName);
public static final int DEFAULT_PAGE_SIZE = 20;
public static final int DEFAULT_PAGE_INDEX = 1;
+ // filter: return only the users or groups who have this permission
private final String permission;
+ // filter on project, else filter global permissions
private final String componentUuid;
private final String template;
+
+ // filter on name of users or groups
private final String searchQuery;
private final String searchQueryToSql;
- private final boolean withPermissionOnly;
+
+ // filter users or groups that have at least one permission. It does make
+ // sense when the filter "permission" is set.
+ private final boolean withAtLeastOnePermission;
private final int pageSize;
private final int pageOffset;
private PermissionQuery(Builder builder) {
this.permission = builder.permission;
- this.withPermissionOnly = builder.withPermissionOnly;
+ this.withAtLeastOnePermission = builder.withAtLeastOnePermission;
this.componentUuid = builder.componentUuid;
this.template = builder.template;
this.searchQuery = builder.searchQuery;
return permission;
}
- public boolean withPermissionOnly() {
- return withPermissionOnly;
+ public boolean withAtLeastOnePermission() {
+ return withAtLeastOnePermission;
}
// TODO remove it, it should not be in the query, but set as a separate parameter
private String componentUuid;
private String template;
private String searchQuery;
- private boolean withPermissionOnly;
+ private boolean withAtLeastOnePermission;
private Integer pageIndex = DEFAULT_PAGE_INDEX;
private Integer pageSize = DEFAULT_PAGE_SIZE;
}
public Builder setPermission(@Nullable String permission) {
- this.withPermissionOnly = permission != null;
+ this.withAtLeastOnePermission = permission != null;
this.permission = permission;
return this;
}
return this;
}
- public Builder withPermissionOnly() {
- this.withPermissionOnly = true;
+ public Builder withAtLeastOnePermission() {
+ this.withAtLeastOnePermission = true;
return this;
}
from users u
left join user_roles ur ON ur.user_id=u.id
left join projects p on ur.resource_id = p.id
- <where>
- and u.active = ${_true}
+ where
+ u.active = ${_true}
<if test="query.searchQueryToSql != null">
and lower(u.name) like #{query.searchQueryToSql} ESCAPE '/'
</if>
<!-- filter rows with user permissions -->
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
and ur.role is not null
<if test="query.componentUuid==null">
and ur.resource_id is null
and ur.role=#{query.permission}
</if>
</if>
- </where>
</sql>
<select id="selectUserPermissionsByLogins" parameterType="map" resultType="UserRole">
select 0 as group_id, 'Anyone' as name, gr.role as permission, gr.resource_id as resource_id, gr.id as id
from group_roles gr
<where>
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
and gr.group_id is null
</if>
</where>
and lower(gr.name) like #{query.searchQueryToSql} ESCAPE '/'
</if>
<!-- filter rows with group permissions -->
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
and gr.permission is not null
<if test="query.componentUuid==null">
and gr.resource_id is null
<if test="query.getSearchQueryToSql() != null">
AND lower(u.name) like #{query.searchQueryToSql} ESCAPE '/'
</if>
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
and ptu.permission_reference is not null
<if test="query.getPermission()!=null">
and ptu.permission_reference=#{query.permission}
SELECT 0 AS group_id, 'Anyone' AS name, ptg.permission_reference AS permission, ptg.template_id AS templateId
FROM perm_templates_groups ptg
<where>
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
AND ptg.group_id IS NULL
</if>
</where>
<if test="query.searchQueryToSql != null">
AND LOWER(groups.name) LIKE #{query.searchQueryToSql} ESCAPE '/'
</if>
- <if test="query.withPermissionOnly()">
+ <if test="query.withAtLeastOnePermission()">
AND groups.permission IS NOT NULL
AND groups.templateId=#{templateId}
<if test="query.permission != null">
assertThat(underTest.countGroupsByPermissionQuery(dbSession,
PermissionQuery.builder().setPermission(PROVISIONING).build())).isEqualTo(1);
assertThat(underTest.countGroupsByPermissionQuery(dbSession,
- PermissionQuery.builder().withPermissionOnly().build())).isEqualTo(2);
+ PermissionQuery.builder().withAtLeastOnePermission().build())).isEqualTo(2);
assertThat(underTest.countGroupsByPermissionQuery(dbSession,
PermissionQuery.builder().setSearchQuery("Group-").build())).isEqualTo(3);
assertThat(underTest.countGroupsByPermissionQuery(dbSession,
PermissionQuery.Builder builderOnComponent = PermissionQuery.builder().setComponentUuid(project.uuid());
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
- builderOnComponent.withPermissionOnly().build())).containsOnlyOnce(group1.getName());
+ builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName());
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
builderOnComponent.setPermission(SCAN_EXECUTION).build())).containsOnlyOnce(group1.getName());
assertThat(underTest.selectGroupNamesByPermissionQuery(dbSession,
.containsOnly(user1.getLogin(), user2.getLogin(), user3.getLogin(), user4.getLogin());
assertThat(selectLoginsByQuery(PermissionQuery.builder().setPermission(PROVISIONING).build()))
.containsOnly(user3.getLogin());
- assertThat(selectLoginsByQuery(PermissionQuery.builder().withPermissionOnly().setComponentUuid(project.uuid()).build()))
+ assertThat(selectLoginsByQuery(PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project.uuid()).build()))
.containsOnly(user4.getLogin());
}
assertThat(countUsersByQuery(PermissionQuery.builder().build())).isEqualTo(4);
assertThat(countUsersByQuery(PermissionQuery.builder().setPermission(PROVISIONING).build())).isEqualTo(1);
- assertThat(countUsersByQuery(PermissionQuery.builder().withPermissionOnly().setComponentUuid(project.uuid()).build())).isEqualTo(1);
+ assertThat(countUsersByQuery(PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project.uuid()).build())).isEqualTo(1);
}
@Test
PermissionQuery.Builder dbQuery = PermissionQuery.builder()
.setComponentUuid(null)
.setPermission(SCAN_EXECUTION)
- .withPermissionOnly();
+ .withAtLeastOnePermission();
List<String> result = selectLoginsByQuery(dbQuery.build());
int count = countUsersByQuery(dbQuery.build());
PermissionQuery.Builder dbQuery = PermissionQuery.builder()
.setComponentUuid(null)
.setPermission(SCAN_EXECUTION)
- .withPermissionOnly()
+ .withAtLeastOnePermission()
.setComponentUuid(project.uuid());
List<String> result = selectLoginsByQuery(dbQuery.build());
int count = countUsersByQuery(dbQuery.build());
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getId(), group1.getId(), PROVISIONING);
assertThat(selectGroupNamesByQueryAndTemplate(builder().build(), template.getId())).containsOnly("Group-1", "Group-2", "Group-3", "Anyone");
- assertThat(selectGroupNamesByQueryAndTemplate(builder().withPermissionOnly().build(), template.getId())).containsOnly("Group-1", "Group-2");
+ assertThat(selectGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), template.getId())).containsOnly("Group-1", "Group-2");
assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER).build(), template.getId())).containsOnly("Group-1");
assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER).build(), anotherTemplate.getId())).containsOnly("Anyone");
assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("groU").build(), template.getId())).containsOnly("Group-1", "Group-2", "Group-3");
assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("nYo").build(), template.getId())).containsOnly("Anyone");
assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("p-2").build(), template.getId())).containsOnly("Group-2");
- assertThat(selectGroupNamesByQueryAndTemplate(builder().withPermissionOnly().build(), 123L)).isEmpty();
+ assertThat(selectGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), 123L)).isEmpty();
assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("unknown").build(), template.getId())).isEmpty();
}
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getId(), group1.getId(), PROVISIONING);
assertThat(countGroupNamesByQueryAndTemplate(builder().build(), template.getId())).isEqualTo(4);
- assertThat(countGroupNamesByQueryAndTemplate(builder().withPermissionOnly().build(), template.getId())).isEqualTo(2);
+ assertThat(countGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), template.getId())).isEqualTo(2);
assertThat(countGroupNamesByQueryAndTemplate(builder().setPermission(USER).build(), template.getId())).isEqualTo(1);
assertThat(countGroupNamesByQueryAndTemplate(builder().setPermission(USER).build(), anotherTemplate.getId())).isEqualTo(1);
assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("groU").build(), template.getId())).isEqualTo(3);
assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("nYo").build(), template.getId())).isEqualTo(1);
assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("p-2").build(), template.getId())).isEqualTo(1);
- assertThat(countGroupNamesByQueryAndTemplate(builder().withPermissionOnly().build(), 123L)).isZero();
+ assertThat(countGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), 123L)).isZero();
assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("unknown").build(), template.getId())).isZero();
}
dbTester.prepareDbUnit(getClass(), "users_with_permissions.xml");
assertThat(dao.selectUserLoginsByQueryAndTemplate(dbSession, builder().build(), TEMPLATE_ID)).containsOnly("user1", "user2", "user3");
- assertThat(dao.selectUserLoginsByQueryAndTemplate(dbSession, builder().withPermissionOnly().setPermission("user").build(),
+ assertThat(dao.selectUserLoginsByQueryAndTemplate(dbSession, builder().withAtLeastOnePermission().setPermission("user").build(),
TEMPLATE_ID)).containsOnly("user1", "user2");
}
public void return_no_logins_on_unknown_template_key() {
dbTester.prepareDbUnit(getClass(), "users_with_permissions.xml");
- assertThat(dao.selectUserLoginsByQueryAndTemplate(dbSession, builder().setPermission("user").withPermissionOnly().build(), 999L)).isEmpty();
+ assertThat(dao.selectUserLoginsByQueryAndTemplate(dbSession, builder().setPermission("user").withAtLeastOnePermission().build(), 999L)).isEmpty();
}
@Test
assertThat(dao.selectUserLoginsByQueryAndTemplate(
dbSession,
- builder().setPermission("user").withPermissionOnly().build(),
+ builder().setPermission("user").withAtLeastOnePermission().build(),
TEMPLATE_ID)).containsOnly("user1", "user2");
}
dbTester.prepareDbUnit(getClass(), "users_with_permissions.xml");
List<String> result = dao.selectUserLoginsByQueryAndTemplate(
- dbSession, builder().withPermissionOnly().setPermission("user").setSearchQuery("SEr1").build(),
+ dbSession, builder().withAtLeastOnePermission().setPermission("user").setSearchQuery("SEr1").build(),
TEMPLATE_ID);
assertThat(result).containsOnly("user1");
result = dao.selectUserLoginsByQueryAndTemplate(
- dbSession, builder().withPermissionOnly().setPermission("user").setSearchQuery("user").build(),
+ dbSession, builder().withAtLeastOnePermission().setPermission("user").setSearchQuery("user").build(),
TEMPLATE_ID);
assertThat(result).hasSize(2);
}
dbTester.prepareDbUnit(getClass(), "users_with_permissions.xml");
assertThat(dao.countUserLoginsByQueryAndTemplate(dbSession, builder().build(), TEMPLATE_ID)).isEqualTo(3);
- assertThat(dao.countUserLoginsByQueryAndTemplate(dbSession, builder().withPermissionOnly().setPermission("user").build(), TEMPLATE_ID)).isEqualTo(2);
+ assertThat(dao.countUserLoginsByQueryAndTemplate(dbSession, builder().withAtLeastOnePermission().setPermission("user").build(), TEMPLATE_ID)).isEqualTo(2);
}
@Test