package org.sonar.server.issue.db;
-import org.elasticsearch.action.bulk.BulkRequestBuilder;
-import org.elasticsearch.action.index.IndexRequestBuilder;
-import org.elasticsearch.action.search.SearchRequestBuilder;
-import org.elasticsearch.action.search.SearchResponse;
-import org.elasticsearch.index.query.BoolFilterBuilder;
-import org.elasticsearch.index.query.FilterBuilders;
-import org.elasticsearch.index.query.OrFilterBuilder;
-import org.elasticsearch.index.query.QueryBuilders;
import org.junit.After;
import org.junit.Before;
import org.junit.ClassRule;
import org.sonar.server.rule.RuleTesting;
import org.sonar.server.rule.db.RuleDao;
import org.sonar.server.search.IndexClient;
-import org.sonar.server.search.IndexDefinition;
-import org.sonar.server.search.SearchClient;
import org.sonar.server.tester.ServerTester;
-import javax.annotation.Nullable;
-
import java.util.Date;
-import java.util.List;
-import java.util.Map;
import java.util.UUID;
-import static com.google.common.collect.Lists.newArrayList;
-import static com.google.common.collect.Maps.newHashMap;
import static org.fest.assertions.Assertions.assertThat;
public class IssueBackendMediumTest {
assertThat(indexClient.get(IssueIndex.class).countAll()).isEqualTo(1);
}
- @Test
- public void issue_authorization_on_group() throws Exception {
- SearchClient searchClient = tester.get(SearchClient.class);
-
- RuleDto rule = RuleTesting.newXooX1();
- tester.get(RuleDao.class).insert(dbSession, rule);
-
- ComponentDto project1 = addComponent(1L, 1L, "SonarQube :: Server");
- ComponentDto file1 = addComponent(2L, 1L, "IssueAction.java");
- addIssue(rule, project1, file1);
- addIssueAuthorization(searchClient, project1, null, newArrayList("user")).get();
-
- ComponentDto project2 = addComponent(10L, 10L, "SonarQube :: Core");
- ComponentDto file2 = addComponent(11L, 10L, "IssueDao.java");
- addIssue(rule, project2, file2);
- addIssueAuthorization(searchClient, project2, null, newArrayList("reviewer")).get();
-
- ComponentDto project3 = addComponent(20L, 20L, "SonarQube :: WS");
- ComponentDto file3 = addComponent(21L, 20L, "IssueWS.java");
- addIssue(rule, project3, file3);
- addIssueAuthorization(searchClient, project3, null, newArrayList("user", "reviewer")).get();
-
- dbSession.commit();
-
- assertThat(searchIssueWithAuthorization(searchClient, "julien", "user", "reviewer").getHits().getTotalHits()).isEqualTo(3); // ok
- assertThat(searchIssueWithAuthorization(searchClient, "julien", "user").getHits().getTotalHits()).isEqualTo(2); // ko -> 1
- assertThat(searchIssueWithAuthorization(searchClient, "julien", "reviewer").getHits().getTotalHits()).isEqualTo(2); // ko -> 1
- assertThat(searchIssueWithAuthorization(searchClient, "julien", "unknown").getHits().getTotalHits()).isEqualTo(0);
- }
-
- @Test
- public void issue_authorization_on_user() throws Exception {
- SearchClient searchClient = tester.get(SearchClient.class);
-
- RuleDto rule = RuleTesting.newXooX1();
- tester.get(RuleDao.class).insert(dbSession, rule);
-
- ComponentDto project = addComponent(1L, 1L, "SonarQube");
- ComponentDto file = addComponent(2L, 1L, "IssueAction.java");
- addIssue(rule, project, file);
- addIssueAuthorization(searchClient, project, newArrayList("julien"), null).get();
-
- dbSession.commit();
-
- // The issue is visible for user julien
- assertThat(searchIssueWithAuthorization(searchClient, "julien", "user").getHits().getTotalHits()).isEqualTo(1);
- // The issue is not visible for user simon
- assertThat(searchIssueWithAuthorization(searchClient, "simon", "user").getHits().getTotalHits()).isEqualTo(0);
- }
-
- @Test
- public void issue_authorization_with_a_lot_of_issues() throws Exception {
- SearchClient searchClient = tester.get(SearchClient.class);
-
- RuleDto rule = RuleTesting.newXooX1();
- tester.get(RuleDao.class).insert(dbSession, rule);
-
- int nbProject = 10;
- int nbUser = 5;
- int componentPerProject = 5;
-
- Long projectId = 1L;
- Long componentId = 1L;
-
- List<String> users = newArrayList();
- for (int u = 0; u < nbUser; u++) {
- users.add("user-" + u);
- }
-
- BulkRequestBuilder bulkRequestBuilder = new BulkRequestBuilder(searchClient).setRefresh(true);
- for (int p = 0; p < nbProject; p++) {
- ComponentDto project = addComponent(projectId, projectId, "Project-" + projectId.toString());
-
- List<String> groups = newArrayList();
- groups.add("anyone");
- if (p % 2 == 0) {
- groups.add("user");
- }
-
- bulkRequestBuilder.add(addIssueAuthorization(searchClient, project, users, groups, false));
- for (int c = 0; c < componentPerProject; c++) {
- ComponentDto file = addComponent(componentId, projectId, "Component-" + componentId.toString());
- addIssue(rule, project, file);
- componentId++;
- }
- projectId++;
-
- if (bulkRequestBuilder.numberOfActions() == nbProject) {
- bulkRequestBuilder.get();
- dbSession.commit();
- }
- }
- bulkRequestBuilder.setRefresh(true).get();
- dbSession.commit();
-
- // All issues are visible by group anyone
- assertThat(searchIssueWithAuthorization(searchClient, "", "anyone").getHits().getTotalHits()).isEqualTo(nbProject * componentPerProject);
- // Half of issues are visible by group user
- assertThat(searchIssueWithAuthorization(searchClient, "", "user").getHits().getTotalHits()).isEqualTo(nbProject * componentPerProject / 2);
- // user-1 should see all issues
- assertThat(searchIssueWithAuthorization(searchClient, "user-1", "").getHits().getTotalHits()).isEqualTo(nbProject * componentPerProject);
-
- // Thread.sleep(Integer.MAX_VALUE);
- }
-
- private SearchResponse searchIssueWithAuthorization(SearchClient searchClient, String user, String... groups) {
- BoolFilterBuilder permissionFilter = FilterBuilders.boolFilter();
-
- OrFilterBuilder or = FilterBuilders.orFilter(FilterBuilders.termFilter("users", user));
- for (String group : groups) {
- or.add(FilterBuilders.termFilter("groups", group));
- }
- permissionFilter.must(FilterBuilders.termFilter("permission", "read"), or).cache(true);
-
- SearchRequestBuilder request = searchClient.prepareSearch(IndexDefinition.ISSUES.getIndexName()).setTypes(IndexDefinition.ISSUES.getIndexType())
- .setQuery(
- QueryBuilders.filteredQuery(
- QueryBuilders.matchAllQuery(),
- FilterBuilders.hasParentFilter(IndexDefinition.ISSUES_AUTHORIZATION.getIndexType(),
- QueryBuilders.filteredQuery(
- QueryBuilders.matchAllQuery(), permissionFilter)
- )
- )
- )
- .setSize(Integer.MAX_VALUE);
-
- return searchClient.execute(request);
- }
-
- private ComponentDto addComponent(Long id, Long projectId, String key) {
- ComponentDto project = new ComponentDto()
- .setId(id)
- .setProjectId(projectId)
- .setKey(key);
- tester.get(ComponentDao.class).insert(dbSession, project);
- return project;
- }
-
- private IssueDto addIssue(RuleDto rule, ComponentDto project, ComponentDto file) {
- IssueDto issue = new IssueDto()
- .setRuleId(rule.getId())
- .setRootComponentKey_unit_test_only(project.key())
- .setRootComponentId(project.getId())
- .setComponentKey_unit_test_only(file.key())
- .setComponentId(file.getId())
- .setStatus("OPEN").setResolution("OPEN")
- .setKee(UUID.randomUUID().toString());
- dbClient.issueDao().insert(dbSession, issue);
- return issue;
- }
-
- private IndexRequestBuilder addIssueAuthorization(final SearchClient searchClient, ComponentDto project, @Nullable List<String> users, @Nullable List<String> groups) {
- return addIssueAuthorization(searchClient, project, users, groups, true);
- }
-
- private IndexRequestBuilder addIssueAuthorization(final SearchClient searchClient, ComponentDto project, @Nullable List<String> users, @Nullable List<String> groups, boolean refresh) {
- Map<String, Object> permissionSource = newHashMap();
- permissionSource.put("_parent", project.key());
- permissionSource.put("permission", "read");
- permissionSource.put("project", project.key());
- if (users != null) {
- permissionSource.put("users", users);
- }
- if (groups != null) {
- permissionSource.put("groups", groups);
- }
-
- return searchClient.prepareIndex(IndexDefinition.ISSUES_AUTHORIZATION.getIndexName(), IndexDefinition.ISSUES_AUTHORIZATION.getIndexType())
- .setId(project.key())
- .setSource(permissionSource)
- .setRefresh(refresh);
- }
-
}