import static com.google.common.collect.Sets.newHashSet;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
import static org.sonar.db.user.UserTesting.newUserDto;
import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
@Test
public void ignore_groups_on_non_default_organizations() throws Exception {
- OrganizationDto org = db.organizations().insert(newOrganizationDto());
+ OrganizationDto org = db.organizations().insert();
UserDto user = db.users().insertUser(newUserDto()
.setLogin(USER_LOGIN)
.setActive(true)
@Before
public void setUp() throws Exception {
- permissionTemplateDto = db.permissionTemplates().insertTemplate();
+ permissionTemplateDto = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
setTemplateAsDefault(permissionTemplateDto);
}
ComponentDto otherUserFavorite = newProjectDto(organizationDto).setKey("K42");
db.components().insertComponent(otherUserFavorite);
db.favorites().add(otherUserFavorite, 42L);
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, 42L, otherUserFavorite.getId()));
+ dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(organizationDto.getUuid(), UserRole.USER, 42L, otherUserFavorite.getId()));
db.commit();
SearchResponse result = call();
private void addComponent(ComponentDto component) {
db.components().insertComponent(component);
db.favorites().add(component, USER_ID);
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, USER_ID, component.getId()));
+ dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(component.getOrganizationUuid(), UserRole.USER, USER_ID, component.getId()));
db.commit();
}
@ClassRule
public static ServerTester tester = new ServerTester().withStartupTasks().withEsIndexes();
-
@Rule
public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester);
- DbClient db;
- IssueIndex issueIndex;
- DbSession session;
- IssueService service;
- RuleIndexer ruleIndexer;
+ private DbClient db;
+ private IssueIndex issueIndex;
+ private DbSession session;
+ private IssueService service;
+ private RuleIndexer ruleIndexer;
@Before
public void setUp() {
// project can be seen by group "anyone"
// TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
// for each organization
- GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone(organization.getUuid()));
tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
userSessionRule.login();
import org.sonar.db.component.ComponentDto;
import org.sonar.db.issue.IssueChangeDto;
import org.sonar.db.issue.IssueDto;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.rule.RuleDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.es.EsTester;
private List<Action> actions = new ArrayList<>();
private RuleDto rule;
+ private OrganizationDto organization;
private ComponentDto project;
private ComponentDto file;
private UserDto user;
public void setUp() throws Exception {
issueWorkflow.start();
rule = db.rules().insertRule(newRuleDto());
- project = db.components().insertProject(db.organizations().insert());
+ organization = db.organizations().insert();
+ project = db.components().insertProject(organization);
file = db.components().insertComponent(newFileDto(project));
user = db.users().insertUser("john");
when(system2.now()).thenReturn(NOW);
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
// TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
// for each organization
- GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
}
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
// TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
// for each organization
- GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
}
Arrays.stream(permissions).forEach(permission -> userSessionRule.addProjectUuidPermissions(permission, project.uuid()));
tester.get(PermissionUpdater.class).apply(session, Arrays.stream(permissions)
// TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone" for each organization
- .map(permission -> new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO")))
+ .map(permission -> new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid())))
.collect(Collectors.toList()));
}
private ComponentDto addComponent(ComponentDto component) {
db.components().insertComponent(component);
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, userSession.getUserId(), component.getId()));
+ dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(component.getOrganizationUuid(), UserRole.USER, userSession.getUserId(), component.getId()));
db.commit();
return component;
public void setUp() throws Exception {
org = db.organizations().insert();
group = db.users().insertGroup(org, "a-group");
- project = db.components().insertProject();
+ project = db.components().insertProject(org);
}
@Test
@Test
public void add_project_permission_to_anyone() {
- OrganizationDto defaultOrganization = db.getDefaultOrganization();
- GroupIdOrAnyone groupId = new GroupIdOrAnyone(defaultOrganization.getUuid(), null);
+ GroupIdOrAnyone groupId = new GroupIdOrAnyone(org.getUuid(), null);
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, new ProjectId(project), groupId));
- assertThat(db.users().selectAnyonePermissions(defaultOrganization, null)).isEmpty();
- assertThat(db.users().selectAnyonePermissions(defaultOrganization, project)).containsOnly(UserRole.ISSUE_ADMIN);
+ assertThat(db.users().selectAnyonePermissions(org, null)).isEmpty();
+ assertThat(db.users().selectAnyonePermissions(org, project)).containsOnly(UserRole.ISSUE_ADMIN);
}
@Test
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
import static org.sonar.server.permission.PermissionChange.Operation.ADD;
import static org.sonar.server.permission.PermissionChange.Operation.REMOVE;
@Before
public void setUp() throws Exception {
- org1 = db.organizations().insert(newOrganizationDto());
- org2 = db.organizations().insert(newOrganizationDto());
+ org1 = db.organizations().insert();
+ org2 = db.organizations().insert();
user1 = db.users().insertUser();
user2 = db.users().insertUser();
- project = db.components().insertProject();
+ project = db.components().insertProject(org1);
}
@Test
db.users().insertPermissionOnUser(org1, user1, SCAN_EXECUTION);
db.users().insertPermissionOnUser(org2, user1, QUALITY_GATE_ADMIN);
db.users().insertPermissionOnUser(org1, user2, QUALITY_GATE_ADMIN);
- db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project);
+ db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project);
UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), QUALITY_GATE_ADMIN, null, UserId.from(user1));
apply(change);
@Test
public void remove_project_permission_from_user() {
- ComponentDto project2 = db.components().insertProject();
+ ComponentDto project2 = db.components().insertProject(org1);
db.users().insertPermissionOnUser(org1, user1, QUALITY_GATE_ADMIN);
- db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project);
- db.users().insertProjectPermissionOnUser(org1, user1, USER, project);
- db.users().insertProjectPermissionOnUser(org1, user2, ISSUE_ADMIN, project);
- db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project2);
+ db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project);
+ db.users().insertProjectPermissionOnUser(user1, USER, project);
+ db.users().insertProjectPermissionOnUser(user2, ISSUE_ADMIN, project);
+ db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project2);
UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), ISSUE_ADMIN, new ProjectId(project), UserId.from(user1));
apply(change);
userDbTester.insertProjectPermissionOnGroup(group, ADMIN, view1);
// Anyone group has user access on both projects
- userDbTester.insertProjectPermissionOnAnyone(USER, project1);
- userDbTester.insertProjectPermissionOnAnyone(ADMIN, project1);
- userDbTester.insertProjectPermissionOnAnyone(USER, project2);
- userDbTester.insertProjectPermissionOnAnyone(USER, view1);
- userDbTester.insertProjectPermissionOnAnyone(ADMIN, view1);
- userDbTester.insertProjectPermissionOnAnyone(USER, view2);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project1);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), ADMIN, project1);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project2);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view1);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), ADMIN, view1);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view2);
}
}
userDbTester.insertProjectPermissionOnUser(user, ADMIN, view);
GroupDto group = userDbTester.insertGroup();
userDbTester.insertProjectPermissionOnGroup(group, USER, project);
- userDbTester.insertProjectPermissionOnAnyone(USER, project);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project);
userDbTester.insertProjectPermissionOnGroup(group, USER, view);
- userDbTester.insertProjectPermissionOnAnyone(USER, view);
+ userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view);
underTest.indexAllIfEmpty();
@Test
public void add_permission_to_view() throws Exception {
- ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setKey("view-key"));
+ ComponentDto view = db.components().insertComponent(newView(db.getDefaultOrganization(), "view-uuid").setKey("view-key"));
loginAsAdminOnDefaultOrganization();
newRequest()
@Test
public void remove_with_view_uuid() throws Exception {
- ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setKey("view-key"));
+ ComponentDto view = db.components().insertComponent(newView(db.getDefaultOrganization(), "view-uuid").setKey("view-key"));
db.users().insertPermissionOnGroup(aGroup, SYSTEM_ADMIN);
db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, view);
db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, view);
@Test
public void search_in_organization() throws Exception {
- OrganizationDto org = db.organizations().insert(newOrganizationDto());
+ OrganizationDto org = db.organizations().insert();
loginAsAdmin(org);
GroupDto adminGroup = db.users().insertGroup(newGroup(org, "sonar-admins", "Administrators"));
GroupDto userGroup = db.users().insertGroup(newGroup(org, "sonar-users", "Users"));
@Test
public void search_in_default_organization_by_default() throws Exception {
- OrganizationDto org = db.organizations().insert(newOrganizationDto());
+ OrganizationDto org = db.organizations().insert();
loginAsAdmin(org, db.getDefaultOrganization());
UserDto user = db.users().insertUser();
@Test
public void fail_if_not_admin_of_specified_organization() throws Exception {
- OrganizationDto org = db.organizations().insert(newOrganizationDto());
+ OrganizationDto org = db.organizations().insert();
loginAsAdminOnDefaultOrganization();
expectedException.expect(ForbiddenException.class);
import static org.sonar.db.component.ComponentTesting.newProjectCopy;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
import static org.sonar.test.JsonAssert.assertJson;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
// global permission
db.users().insertPermissionOnUser(user1, GlobalPermissions.SYSTEM_ADMIN);
- GroupDto group1 = db.users().insertGroup(newGroupDto());
- GroupDto group2 = db.users().insertGroup(newGroupDto());
- GroupDto group3 = db.users().insertGroup(newGroupDto());
+ GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization());
+ GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization());
+ GroupDto group3 = db.users().insertGroup(db.getDefaultOrganization());
db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), UserRole.ADMIN, jdk7);
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, jdk7);
}
private ComponentDto insertView() {
- return db.components().insertComponent(newView(db.organizations().insert())
+ return db.components().insertComponent(newView(db.getDefaultOrganization())
.setUuid("752d8bfd-420c-4a83-a4e5-8ab19b13c8fc")
.setName("Java")
.setKey("Java"));
}
private ComponentDto insertJdk7() {
- return db.components().insertComponent(newProjectDto(db.organizations().insert(), "project-uuid-1")
+ return db.components().insertComponent(newProjectDto(db.getDefaultOrganization(), "project-uuid-1")
.setName("JDK 7")
.setKey("net.java.openjdk:jdk7")
.setUuid("0bd7b1e7-91d6-439e-a607-4a3a9aad3c6a"));
@Test
public void search_only_for_users_with_permission_when_no_search_query() throws Exception {
// User have permission on project
- ComponentDto project = db.components().insertComponent(newProjectDto(db.organizations().insert()));
+ ComponentDto project = db.components().insertProject(db.getDefaultOrganization());
UserDto user = db.users().insertUser(newUserDto());
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
.execute()
.getInput();
- assertThat(result).contains(user.getLogin())
+ assertThat(result)
+ .contains(user.getLogin())
.doesNotContain(withoutPermission.getLogin());
}
addGroupToTemplate(group1, template2, UserRole.USER);
addGroupToTemplate(group2, template2, UserRole.USER);
- project = db.components().insertComponent(newProjectDto(db.organizations().insert(), "project-uuid-1"));
+ project = db.components().insertComponent(newProjectDto(defaultOrg, "project-uuid-1"));
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project);
db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project);
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project);
@Test
public void bulk_apply_template_by_template_uuid() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
- ComponentDto view = db.components().insertComponent(newView(organizationDto));
- ComponentDto developer = db.components().insertComponent(newDeveloper(organizationDto, "developer-name"));
+ OrganizationDto organization = db.getDefaultOrganization();
+ ComponentDto project = db.components().insertComponent(newProjectDto(organization));
+ ComponentDto view = db.components().insertComponent(newView(organization));
+ ComponentDto developer = db.components().insertComponent(newDeveloper(organization, "developer-name"));
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, developer);
db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, developer);
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, developer);
@Test
public void apply_template_by_qualifier() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
- ComponentDto view = db.components().insertComponent(newView(organizationDto));
+ OrganizationDto organization = db.getDefaultOrganization();
+ ComponentDto project = db.components().insertComponent(newProjectDto(organization));
+ ComponentDto view = db.components().insertComponent(newView(organization));
loginAsAdminOnDefaultOrganization();
newRequest()
@Test
public void apply_template_by_query_on_name_and_key() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto projectFoundByKey = newProjectDto(organizationDto).setKey("sonar");
+ OrganizationDto organization = db.getDefaultOrganization();
+ ComponentDto projectFoundByKey = newProjectDto(organization).setKey("sonar");
db.components().insertProjectAndSnapshot(projectFoundByKey);
- ComponentDto projectFoundByName = newProjectDto(organizationDto).setName("name-sonar-name");
+ ComponentDto projectFoundByName = newProjectDto(organization).setName("name-sonar-name");
db.components().insertProjectAndSnapshot(projectFoundByName);
// match must be exact on key
- ComponentDto projectUntouched = newProjectDto(organizationDto).setKey("new-sonar").setName("project-name");
+ ComponentDto projectUntouched = newProjectDto(organization).setKey("new-sonar").setName("project-name");
db.components().insertProjectAndSnapshot(projectUntouched);
loginAsAdminOnDefaultOrganization();
@Before
public void setUp() throws Exception {
- permissionTemplateDto = db.permissionTemplates().insertTemplate();
+ permissionTemplateDto = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
setTemplateAsDefault(permissionTemplateDto);
}
import static org.sonar.db.component.SnapshotTesting.newAnalysis;
import static org.sonar.db.measure.MeasureTesting.newMeasureDto;
import static org.sonar.db.metric.MetricTesting.newMetricDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
import static org.sonar.db.user.UserTesting.newUserDto;
import static org.sonar.test.JsonAssert.assertJson;
@Test
public void admin_via_groups() {
- OrganizationDto organizationDto = db.organizations().insert();
- ComponentDto jdk7 = insertJdk7(organizationDto);
- ComponentDto cLang = insertClang(organizationDto);
+ OrganizationDto organization = db.organizations().insert();
+ ComponentDto jdk7 = insertJdk7(organization);
+ ComponentDto cLang = insertClang(organization);
- GroupDto group = db.users().insertGroup(newGroupDto());
+ GroupDto group = db.users().insertGroup(organization);
db.users().insertMember(group, user);
db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, jdk7);
OrganizationDto organizationDto = db.organizations().insert();
ComponentDto jdk7 = insertJdk7(organizationDto);
ComponentDto cLang = insertClang(organizationDto);
- ComponentDto sonarqube = db.components().insertComponent(newProjectDto(organizationDto));
+ ComponentDto sonarqube = db.components().insertProject(organizationDto);
- GroupDto group = db.users().insertGroup(newGroupDto());
+ GroupDto group = db.users().insertGroup(organizationDto);
db.users().insertMember(group, user);
db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7);
@Test
public void return_all_projects() throws Exception {
OrganizationDto organizationDto = dbTester.organizations().insert();
- ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
- ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+ ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+ ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
associateProjectToQualitGate(associatedProject.getId());
Association result = underTest.find(
@Test
public void return_only_associated_project() throws Exception {
OrganizationDto organizationDto = dbTester.organizations().insert();
- ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
- insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+ ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+ insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
associateProjectToQualitGate(associatedProject.getId());
Association result = underTest.find(
@Test
public void return_only_unassociated_project() throws Exception {
OrganizationDto organizationDto = dbTester.organizations().insert();
- ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
- ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+ ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+ ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
associateProjectToQualitGate(associatedProject.getId());
Association result = underTest.find(
@Test
public void test_paging() throws Exception {
OrganizationDto organizationDto = dbTester.organizations().insert();
- ComponentDto project1 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 1"));
- ComponentDto project2 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 2"));
- ComponentDto project3 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 3"));
+ ComponentDto project1 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 1"));
+ ComponentDto project2 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 2"));
+ ComponentDto project3 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 3"));
associateProjectToQualitGate(project1.getId());
// Return partial result on first page
dbTester.commit();
}
- private ComponentDto insertProjectAuthorizedToAnyone(ComponentDto project) {
+ private ComponentDto insertProjectAuthorizedToAnyone(OrganizationDto organizationDto, ComponentDto project) {
dbTester.components().insertComponent(project);
- dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+ dbTester.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
return project;
}
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.qualityprofile.QualityProfileDto;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
private DbClient dbClient = db.getDbClient();
private DbSession dbSession = db.getSession();
+ private OrganizationDto organizationDto;
private UserDto user;
private QualityProfileDto xooP1;
private QualityProfileDto xooP2;
@Before
public void setUp() {
+ organizationDto = db.organizations().insert();
user = db.users().insertUser(UserTesting.newUserDto().setLogin("obiwan"));
userSessionRule.login("obiwan").setUserId(user.getId().intValue());
}
private ComponentDto newProject(String uuid, String name) {
- return ComponentTesting.newProjectDto(db.organizations().insert(), uuid).setName(name);
+ return ComponentTesting.newProjectDto(organizationDto, uuid).setName(name);
}
private void addBrowsePermissionToAnyone(ComponentDto... projects) {
for (ComponentDto project : projects) {
- db.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
}
}
private static final String API_ENDPOINT = "api/rules";
private static final String API_SEARCH_METHOD = "search";
- DbClient db;
- RulesWs ws;
- RuleDao ruleDao;
- DbSession dbSession;
- RuleIndexer ruleIndexer;
- ActiveRuleIndexer activeRuleIndexer;
+ private DbClient db;
+ private RulesWs ws;
+ private RuleDao ruleDao;
+ private DbSession dbSession;
+ private RuleIndexer ruleIndexer;
+ private ActiveRuleIndexer activeRuleIndexer;
@Before
public void setUp() {
private DbClient dbClient = db.getDbClient();
private UserDto userDto = newUserDto().setLogin(LOGIN);
+ private OrganizationDto organization;
private ComponentDto project;
@Before
public void setUp() throws Exception {
- OrganizationDto organizationDto = db.organizations().insert();
- project = db.components().insertComponent(ComponentTesting.newProjectDto(organizationDto, PROJECT_UUID));
+ organization = db.organizations().insert();
+ project = db.components().insertProject(organization, PROJECT_UUID);
db.components().insertComponent(ComponentTesting.newFileDto(project, null, FILE_UUID).setKey(FILE_KEY));
db.users().insertUser(userDto);
}
@Test
public void has_global_permission_for_anonymous() throws Exception {
- addAnyonePermissions(null, "profileadmin", "admin");
+ addAnyonePermissions(db.getDefaultOrganization(), null, "profileadmin", "admin");
UserSession session = newAnonymousSession();
assertThat(session.getLogin()).isNull();
@Test
public void has_project_permission_for_anonymous() throws Exception {
- addAnyonePermissions(project, UserRole.USER);
+ addAnyonePermissions(organization, project, UserRole.USER);
UserSession session = newAnonymousSession();
assertThat(session.hasComponentPermission(UserRole.USER, FILE_KEY)).isTrue();
OrganizationDto org = db.organizations().insert();
ComponentDto project = db.components().insertProject();
db.users().insertPermissionOnUser(org, userDto, GlobalPermissions.PROVISIONING);
- db.users().insertProjectPermissionOnUser(org, userDto, UserRole.ADMIN, project);
+ db.users().insertProjectPermissionOnUser(userDto, UserRole.ADMIN, project);
UserSession session = newUserSession(userDto);
assertThat(session.hasOrganizationPermission(org.getUuid(), GlobalPermissions.PROVISIONING)).isTrue();
}
}
- private void addAnyonePermissions(@Nullable ComponentDto component, String... permissions) {
+ private void addAnyonePermissions(OrganizationDto organizationDto, @Nullable ComponentDto component, String... permissions) {
for (String permission : permissions) {
if (component == null) {
- db.users().insertPermissionOnAnyone(permission);
+ db.users().insertPermissionOnAnyone(organizationDto, permission);
} else {
- db.users().insertProjectPermissionOnAnyone(permission, component);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, permission, component);
}
}
}
ComponentDto project = ComponentTesting.newProjectDto(organizationDto);
ComponentDto file = ComponentTesting.newFileDto(project, null);
dbTester.components().insertComponents(project, file);
- dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+ dbTester.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
IssueDto issue = IssueTesting.newDto(rule, file, project);
dbClient.issueDao().insert(dbSession, issue);
List<ComponentDto> selectComponentsByQualifiers(@Param("qualifiers") Collection<String> qualifiers);
+ /**
+ * Counts the number of components with the specified id belonging to the specified organization.
+ *
+ * @return 1 or 0. Either because the organization uuid is not the one of the component or because the component does
+ * not exist.
+ */
+ int countComponentByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("componentId") long componentId);
+
List<ComponentDto> selectByQuery(@Param("query") ComponentQuery query, RowBounds rowBounds);
int countByQuery(@Param("query") ComponentQuery query);
import org.sonar.api.security.DefaultGroups;
import org.sonar.db.Dao;
import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
+import org.sonar.db.user.GroupMapper;
+import static com.google.common.base.Preconditions.checkArgument;
import static org.sonar.db.DatabaseUtils.executeLargeInputs;
import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput;
}
public void insert(DbSession dbSession, GroupPermissionDto dto) {
+ ensureComponentPermissionConsistency(dbSession, dto);
+ ensureGroupPermissionConsistency(dbSession, dto);
mapper(dbSession).insert(dto);
}
+ private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+ if (dto.getResourceId() == null) {
+ return;
+ }
+ ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+ checkArgument(
+ componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getResourceId()) == 1,
+ "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+ dto.getRole(), dto.getResourceId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+ }
+
+ private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+ if (dto.getGroupId() == null) {
+ return;
+ }
+ GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class);
+ checkArgument(
+ groupMapper.countGroupByOrganizationAndId(dto.getOrganizationUuid(), dto.getGroupId()) == 1,
+ "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'",
+ dto.getRole(), dto.getGroupId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+ }
+
/**
* Delete all the permissions associated to a root component (project)
*/
import org.sonar.db.Dao;
import org.sonar.db.DatabaseUtils;
import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
import static com.google.common.base.Preconditions.checkArgument;
import static java.util.Collections.emptyList;
}
public void insert(DbSession dbSession, UserPermissionDto dto) {
+ ensureComponentPermissionConsistency(dbSession, dto);
mapper(dbSession).insert(dto);
}
+ private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) {
+ if (dto.getComponentId() == null) {
+ return;
+ }
+ ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+ checkArgument(
+ componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getComponentId()) == 1,
+ "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+ dto.getPermission(), dto.getComponentId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+ }
+
/**
* Removes a single global permission from user
*/
int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query);
+ /**
+ * Counts the number of groups with the specified id belonging to the specified organization.
+ *
+ * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist
+ */
+ int countGroupByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("groupId") long groupId);
+
void deleteById(long groupId);
void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
</foreach>
</select>
+ <select id="countComponentByOrganizationAndId" resultType="int">
+ select
+ count(1)
+ from projects p
+ where
+ p.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+ and p.id = #{componentId,jdbcType=BIGINT}
+ </select>
+
<select id="selectByQuery" resultType="Component">
select
<include refid="componentColumns"/>
</if>
</select>
+ <select id="countGroupByOrganizationAndId" parameterType="map" resultType="int">
+ select
+ count(1)
+ from groups g
+ where
+ g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+ and g.id = #{groupId,jdbcType=BIGINT}
+ </select>
+
<select id="selectByOrganizationUuid" parameterType="map" resultType="Group">
select
<include refid="groupColumns"/>
@Rule
public DbTester db = DbTester.create(System2.INSTANCE);
+
private DbSession dbSession = db.getSession();
private AuthorizationDao underTest = new AuthorizationDao(db.myBatis());
private OrganizationDto org;
*/
@Test
public void selectOrganizationPermissions_for_logged_in_user() {
- ComponentDto project = db.components().insertProject();
+ ComponentDto project = db.components().insertProject(org);
db.users().insertMember(group1, user);
db.users().insertPermissionOnUser(org, user, "perm1");
- db.users().insertProjectPermissionOnUser(org, user, "perm42", project);
+ db.users().insertProjectPermissionOnUser(user, "perm42", project);
db.users().insertPermissionOnGroup(group1, "perm2");
db.users().insertPermissionOnAnyone(org, "perm3");
@Test
public void selectRootComponentPermissions_for_logged_in_user() {
db.users().insertMember(group1, user);
- ComponentDto project1 = db.components().insertProject();
- db.users().insertProjectPermissionOnAnyone("perm1", project1);
+ ComponentDto project1 = db.components().insertProject(org);
+ db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
db.users().insertProjectPermissionOnUser(user, "perm3", project1);
*/
@Test
public void selectRootComponentPermissions_for_anonymous_user() {
- ComponentDto project1 = db.components().insertProject();
- db.users().insertProjectPermissionOnAnyone("perm1", project1);
+ ComponentDto project1 = db.components().insertProject(org);
+ db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
// ignored permissions
db.users().insertPermissionOnAnyone(org, "ignored");
db.users().insertPermissionOnUser(org, user, "ignored");
db.users().insertPermissionOnGroup(group1, "ignored");
- ComponentDto project2 = db.components().insertProject();
+ ComponentDto project2 = db.components().insertProject(org);
db.users().insertProjectPermissionOnGroup(group1, "ignored", project2);
Set<String> permissions = underTest.selectRootComponentPermissionsOfAnonymous(dbSession, project1.getId());
assertThat(count).isEqualTo(3);
// another organization
- count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId());
+ count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId());
assertThat(count).isEqualTo(0);
// another permission
- count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId());
+ count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId());
assertThat(count).isEqualTo(0);
}
assertThat(count).isEqualTo(3);
// another organization
- count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId());
+ count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId());
assertThat(count).isEqualTo(0);
// another permission
- count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId());
+ count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId());
assertThat(count).isEqualTo(0);
}
import org.sonar.db.user.GroupDto;
import static java.util.Arrays.asList;
+import static java.util.Collections.singletonList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.tuple;
import static org.sonar.api.security.DefaultGroups.ANYONE;
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
public class GroupPermissionDaoTest {
db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2);
db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2);
// anyone group
- db.users().insertProjectPermissionOnAnyone(ADMIN, project2);
+ db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), ADMIN, project2);
db.users().insertProjectPermissionOnGroup(group1, USER, project2);
db.users().insertProjectPermissionOnGroup(group1, USER, project3);
@Test
public void selectGroupNamesByQuery_is_ordered_by_group_names() {
- GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
- GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
- GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
- db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+ GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
+ GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+ db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
- assertThat(underTest.selectGroupNamesByQuery(dbSession,
- defaultOrganizationUuid, PermissionQuery.builder().build())).containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
+ assertThat(underTest.selectGroupNamesByQuery(dbSession, organizationDto.getUuid(), PermissionQuery.builder().build()))
+ .containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
}
@Test
public void countGroupsByQuery() {
- GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
- addGroupOnDefaultOrganization("Group-2");
- addGroupOnDefaultOrganization("Group-3");
- db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+ OrganizationDto organizationDto = db.getDefaultOrganization();
+ GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+ db.users().insertGroup(organizationDto, "Group-2");
+ db.users().insertGroup(organizationDto, "Group-3");
+ db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
db.users().insertPermissionOnGroup(group1, PROVISIONING);
assertThat(underTest.countGroupsByQuery(dbSession,
@Test
public void selectGroupNamesByQuery_with_global_permission() {
- GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
- GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
- GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+ GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+ GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
- ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+ ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
- db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
- db.users().insertPermissionOnAnyone(PROVISIONING);
+ db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+ db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
assertThat(underTest.selectGroupNamesByQuery(dbSession,
- defaultOrganizationUuid, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
+ organizationDto.getUuid(), PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
assertThat(underTest.selectGroupNamesByQuery(dbSession,
- defaultOrganizationUuid, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
+ organizationDto.getUuid(), PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
assertThat(underTest.selectGroupNamesByQuery(dbSession,
- defaultOrganizationUuid, PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
+ organizationDto.getUuid(), PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
}
@Test
db.users().insertProjectPermissionOnGroup(group1, SCAN_EXECUTION, project);
db.users().insertProjectPermissionOnGroup(group1, PROVISIONING, project);
- db.users().insertProjectPermissionOnAnyone(USER, project);
+ db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), USER, project);
db.users().insertProjectPermissionOnGroup(group1, SYSTEM_ADMIN, anotherProject);
- db.users().insertProjectPermissionOnAnyone(SYSTEM_ADMIN, anotherProject);
+ db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN, anotherProject);
db.users().insertProjectPermissionOnGroup(group3, SCAN_EXECUTION, anotherProject);
db.users().insertPermissionOnGroup(group2, SCAN_EXECUTION);
@Test
public void selectGroupNamesByQuery_is_paginated() {
- IntStream.rangeClosed(0, 9).forEach(i -> addGroupOnDefaultOrganization(i + "-name"));
+ IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(db.getDefaultOrganization(), i + "-name"));
List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession,
defaultOrganizationUuid, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build());
@Test
public void selectGroupNamesByQuery_with_search_query() {
- GroupDto group = addGroupOnDefaultOrganization("group-anyone");
- addGroupOnDefaultOrganization("unknown");
+ GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group-anyone");
+ db.users().insertGroup(db.getDefaultOrganization(), "unknown");
db.users().insertPermissionOnGroup(group, SCAN_EXECUTION);
assertThat(underTest.selectGroupNamesByQuery(dbSession,
public void selectByGroupIds_on_global_permissions() {
OrganizationDto organizationDto = db.organizations().insert();
- GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+ GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
- GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
+ GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
- GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+ GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
// Anyone
- db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
- db.users().insertPermissionOnAnyone(PROVISIONING);
+ db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+ db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), null))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId()), null))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(tuple(group1.getId(), SCAN_EXECUTION, null));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), null)).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group2.getId()), null)).isEmpty();
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), null))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group3.getId()), null))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(tuple(group3.getId(), SYSTEM_ADMIN, null));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), null))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(ANYONE_ID), null))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(
tuple(0L, SCAN_EXECUTION, null),
tuple(0L, PROVISIONING, null));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), null)).isEmpty();
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), null)).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(MISSING_ID), null)).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), null)).isEmpty();
}
@Test
public void selectByGroupIds_on_projects() {
- GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
db.users().insertPermissionOnGroup(group1, PROVISIONING);
- GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
- ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+ GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+ ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
db.users().insertProjectPermissionOnGroup(group2, USER, project);
- GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+ GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
db.users().insertProjectPermissionOnGroup(group3, USER, project);
// Anyone group
- db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
- db.users().insertProjectPermissionOnAnyone(PROVISIONING, project);
+ db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, PROVISIONING, project);
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), project.getId())).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, singletonList(group1.getId()), project.getId())).isEmpty();
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), project.getId()))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group2.getId()), project.getId()))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(tuple(group2.getId(), USER, project.getId()));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), project.getId()))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group3.getId()), project.getId()))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(tuple(group3.getId(), USER, project.getId()));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), project.getId()))
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(ANYONE_ID), project.getId()))
.extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
.containsOnly(tuple(0L, PROVISIONING, project.getId()));
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), project.getId())).isEmpty();
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), 123L)).isEmpty();
- assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), project.getId())).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(MISSING_ID), project.getId())).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group1.getId()), 123L)).isEmpty();
+ assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), project.getId())).isEmpty();
}
@Test
OrganizationDto org2 = db.organizations().insert();
GroupDto group1 = db.users().insertGroup(org1, "group1");
GroupDto group2 = db.users().insertGroup(org2, "group2");
- ComponentDto project = db.components().insertProject();
+ ComponentDto project = db.components().insertProject(org1);
db.users().insertPermissionOnAnyone(org1, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
public void selectProjectPermissionsOfGroup() {
OrganizationDto org1 = db.organizations().insert();
GroupDto group1 = db.users().insertGroup(org1, "group1");
- ComponentDto project1 = db.components().insertProject();
- ComponentDto project2 = db.components().insertProject();
+ ComponentDto project1 = db.components().insertProject(org1);
+ ComponentDto project2 = db.components().insertProject(org1);
db.users().insertPermissionOnAnyone(org1, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
@Test
public void projectHasPermissions_is_false_if_no_permissions_at_all() {
- ComponentDto project1 = db.components().insertProject();
- db.users().insertPermissionOnAnyone("perm1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ db.users().insertPermissionOnAnyone(organizationDto, "perm1");
assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isFalse();
}
@Test
public void projectHasPermissions_is_true_if_at_least_one_permission_on_group() {
- GroupDto group1 = db.users().insertGroup(newGroupDto());
- ComponentDto project1 = db.components().insertProject();
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
db.users().insertProjectPermissionOnGroup(group1, "perm1", project1);
assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
@Test
public void projectHasPermissions_is_true_if_at_least_one_permission_on_anyone() {
- ComponentDto project1 = db.components().insertProject();
- ComponentDto project2 = db.components().insertProject();
- db.users().insertProjectPermissionOnAnyone("perm1", project1);
+ OrganizationDto organizationDto = db.organizations().insert();
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ ComponentDto project2 = db.components().insertProject(organizationDto);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm1", project1);
assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@Test
public void deleteByRootComponentId() {
- GroupDto group1 = db.users().insertGroup(newGroupDto());
- GroupDto group2 = db.users().insertGroup(newGroupDto());
- ComponentDto project1 = db.components().insertProject();
- ComponentDto project2 = db.components().insertProject();
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ GroupDto group2 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ ComponentDto project2 = db.components().insertProject(organizationDto);
db.users().insertPermissionOnGroup(group1, "perm1");
db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
- db.users().insertProjectPermissionOnAnyone("perm3", project1);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm3", project1);
db.users().insertProjectPermissionOnGroup(group2, "perm4", project2);
underTest.deleteByRootComponentId(dbSession, project1.getId());
@Test
public void delete_global_permission_from_group() {
- GroupDto group1 = db.users().insertGroup();
- ComponentDto project1 = db.components().insertProject();
- db.users().insertPermissionOnAnyone("perm1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ db.users().insertPermissionOnAnyone(organizationDto, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
- db.users().insertProjectPermissionOnAnyone("perm4", project1);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null);
dbSession.commit();
@Test
public void delete_global_permission_from_anyone() {
- GroupDto group1 = db.users().insertGroup();
- ComponentDto project1 = db.components().insertProject();
- db.users().insertPermissionOnAnyone("perm1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ db.users().insertPermissionOnAnyone(organizationDto, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
- db.users().insertProjectPermissionOnAnyone("perm4", project1);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
underTest.delete(dbSession, "perm1", group1.getOrganizationUuid(), null, null);
dbSession.commit();
@Test
public void delete_project_permission_from_group() {
- GroupDto group1 = db.users().insertGroup();
- ComponentDto project1 = db.components().insertProject();
- db.users().insertPermissionOnAnyone("perm1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ db.users().insertPermissionOnAnyone(organizationDto, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
- db.users().insertProjectPermissionOnAnyone("perm4", project1);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId());
dbSession.commit();
@Test
public void delete_project_permission_from_anybody() {
- GroupDto group1 = db.users().insertGroup();
- ComponentDto project1 = db.components().insertProject();
- db.users().insertPermissionOnAnyone("perm1");
+ OrganizationDto organizationDto = db.organizations().insert();
+ GroupDto group1 = db.users().insertGroup(organizationDto);
+ ComponentDto project1 = db.components().insertProject(organizationDto);
+ db.users().insertPermissionOnAnyone(organizationDto, "perm1");
db.users().insertPermissionOnGroup(group1, "perm2");
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
- db.users().insertProjectPermissionOnAnyone("perm4", project1);
+ db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
underTest.delete(dbSession, "perm4", group1.getOrganizationUuid(), null, project1.getId());
dbSession.commit();
private void verifyOrganizationUuidsInTable(String... organizationUuids) {
assertThat(db.select("select distinct organization_uuid as \"organizationUuid\" from group_roles"))
- .extracting((row) -> (String) row.get("organizationUuid"))
- .containsOnly(organizationUuids);
+ .extracting((row) -> (String) row.get("organizationUuid"))
+ .containsOnly(organizationUuids);
}
private Long insertGroupWithPermissions(OrganizationDto organization1) {
assertThat(db.countSql("select count(id) from group_roles where role='" + permission + "'")).isEqualTo(0);
}
- private GroupDto addGroupOnDefaultOrganization(String name) {
- return db.users().insertGroup(db.getDefaultOrganization(), name);
- }
}
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
import static org.sonar.db.user.UserTesting.newUserDto;
public class UserPermissionDaoTest {
private UserDto user1 = newUserDto().setLogin("login1").setName("Marius").setActive(true);
private UserDto user2 = newUserDto().setLogin("login2").setName("Marie").setActive(true);
private UserDto user3 = newUserDto().setLogin("login3").setName("Bernard").setActive(true);
+ private OrganizationDto organizationDto;
private ComponentDto project1;
private ComponentDto project2;
private DbSession dbSession = dbTester.getSession();
dbClient.userDao().insert(dbSession, user1);
dbClient.userDao().insert(dbSession, user2);
dbClient.userDao().insert(dbSession, user3);
- OrganizationDto organizationDto = dbTester.organizations().insert();
+ organizationDto = dbTester.organizations().insert();
project1 = dbTester.components().insertProject(organizationDto);
project2 = dbTester.components().insertProject(organizationDto);
dbTester.commit();
@Test
public void select_global_permissions() {
- OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
- UserPermissionDto global1 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
- UserPermissionDto global2 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user2);
- UserPermissionDto global3 = addGlobalPermissionOnDefaultOrganization(PROVISIONING, user2);
- UserPermissionDto project1Perm = addProjectPermissionOnDefaultOrganization(USER, user3, project1);
+ OrganizationDto org2 = dbTester.organizations().insert();
+ UserPermissionDto global1 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+ UserPermissionDto global2 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user2);
+ UserPermissionDto global3 = addGlobalPermission(organizationDto, PROVISIONING, user2);
+ UserPermissionDto project1Perm = addProjectPermission(organizationDto, USER, user3, project1);
// permissions on another organization, to be excluded
UserPermissionDto org2Global1 = addGlobalPermission(org2, SYSTEM_ADMIN, user1);
UserPermissionDto org2Global2 = addGlobalPermission(org2, PROVISIONING, user2);
// global permissions of users who has at least one global permission, ordered by user name then permission
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, null, global2, global3, global1);
+ expectPermissions(organizationDto, query, null, global2, global3, global1);
// default query returns all users, whatever their permissions nor organizations
// (that's a non-sense, but still this is required for api/permissions/groups
// when filtering users by name)
query = PermissionQuery.builder().build();
- expectPermissions(query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
+ expectPermissions(organizationDto, query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
// return empty list if non-null but empty logins
- expectPermissions(query, Collections.emptyList());
+ expectPermissions(organizationDto, query, Collections.emptyList());
// global permissions of user1
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList(user1.getLogin()), global1);
+ expectPermissions(organizationDto, query, asList(user1.getLogin()), global1);
// global permissions of user2
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList(user2.getLogin()), global2, global3);
+ expectPermissions(organizationDto, query, asList(user2.getLogin()), global2, global3);
// global permissions of user1, user2 and another one
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
+ expectPermissions(organizationDto, query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
// empty global permissions if login does not exist
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList("missing"));
+ expectPermissions(organizationDto, query, asList("missing"));
// empty global permissions if user does not have any
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList(user3.getLogin()));
+ expectPermissions(organizationDto, query, asList(user3.getLogin()));
// user3 has no global permissions
query = PermissionQuery.builder().withAtLeastOnePermission().build();
- expectPermissions(query, asList(user3.getLogin()));
+ expectPermissions(organizationDto, query, asList(user3.getLogin()));
// global permissions "admin"
query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build();
- expectPermissions(query, null, global2, global1);
+ expectPermissions(organizationDto, query, null, global2, global1);
// empty if nobody has the specified global permission
query = PermissionQuery.builder().setPermission("missing").build();
- expectPermissions(query, null);
+ expectPermissions(organizationDto, query, null);
// search by user name (matches 2 users)
query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("Mari").build();
- expectPermissions(query, null, global2, global3, global1);
+ expectPermissions(organizationDto, query, null, global2, global3, global1);
// search by user name (matches 2 users) and global permission
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build();
- expectPermissions(query, null, global3);
+ expectPermissions(organizationDto, query, null, global3);
// search by user name (no match)
query = PermissionQuery.builder().setSearchQuery("Unknown").build();
- expectPermissions(query, null);
+ expectPermissions(organizationDto, query, null);
}
@Test
public void select_project_permissions() {
- addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
- UserPermissionDto perm1 = addProjectPermissionOnDefaultOrganization(USER, user1, project1);
- UserPermissionDto perm2 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
- UserPermissionDto perm3 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
- addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user3, project2);
+ addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+ UserPermissionDto perm1 = addProjectPermission(organizationDto, USER, user1, project1);
+ UserPermissionDto perm2 = addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+ UserPermissionDto perm3 = addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+ addProjectPermission(organizationDto, ISSUE_ADMIN, user3, project2);
// project permissions of users who has at least one permission on this project
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, null, perm3, perm2, perm1);
+ expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
// project permissions of user1
query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, asList(user1.getLogin()), perm2, perm1);
+ expectPermissions(organizationDto, query, asList(user1.getLogin()), perm2, perm1);
// project permissions of user2
query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, asList(user2.getLogin()), perm3);
+ expectPermissions(organizationDto, query, asList(user2.getLogin()), perm3);
// project permissions of user2 and another one
query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, asList(user2.getLogin(), "missing"), perm3);
+ expectPermissions(organizationDto, query, asList(user2.getLogin(), "missing"), perm3);
// empty project permissions if login does not exist
query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, asList("missing"));
+ expectPermissions(organizationDto, query, asList("missing"));
// empty project permissions if user does not have any
query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, asList(user3.getLogin()));
+ expectPermissions(organizationDto, query, asList(user3.getLogin()));
// empty if nobody has the specified global permission
query = PermissionQuery.builder().setPermission("missing").setComponentUuid(project1.uuid()).build();
- expectPermissions(query, null);
+ expectPermissions(organizationDto, query, null);
// search by user name (matches 2 users), users with at least one permission
query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
- expectPermissions(query, null, perm3, perm2, perm1);
+ expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
// search by user name (matches 2 users) and project permission
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponentUuid(project1.uuid()).build();
- expectPermissions(query, null, perm3, perm2);
+ expectPermissions(organizationDto, query, null, perm3, perm2);
// search by user name (no match)
query = PermissionQuery.builder().setSearchQuery("Unknown").setComponentUuid(project1.uuid()).build();
- expectPermissions(query, null);
+ expectPermissions(organizationDto, query, null);
// permissions of unknown project
query = PermissionQuery.builder().setComponentUuid("missing").withAtLeastOnePermission().build();
- expectPermissions(query, null);
+ expectPermissions(organizationDto, query, null);
}
@Test
public void countUsersByProjectPermission() {
- addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
- addProjectPermissionOnDefaultOrganization(USER, user1, project1);
- addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
- addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
- addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project2);
+ addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+ addProjectPermission(organizationDto, USER, user1, project1);
+ addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+ addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+ addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project2);
// no projects -> return empty list
assertThat(underTest.countUsersByProjectPermission(dbSession, Collections.emptyList())).isEmpty();
@Test
public void selectUserIds() {
- OrganizationDto org1 = dbTester.organizations().insert(newOrganizationDto());
- OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
+ OrganizationDto org1 = dbTester.organizations().insert();
+ OrganizationDto org2 = dbTester.organizations().insert();
+ ComponentDto project1 = dbTester.components().insertProject(org1);
+ ComponentDto project2 = dbTester.components().insertProject(org2);
addProjectPermission(org1, USER, user1, project1);
addProjectPermission(org1, USER, user2, project1);
@Test
public void deleteGlobalPermission() {
- addGlobalPermissionOnDefaultOrganization("perm1", user1);
- addGlobalPermissionOnDefaultOrganization("perm2", user1);
- addProjectPermissionOnDefaultOrganization("perm1", user1, project1);
- addProjectPermissionOnDefaultOrganization("perm3", user2, project1);
- addProjectPermissionOnDefaultOrganization("perm4", user2, project2);
+ addGlobalPermission(organizationDto, "perm1", user1);
+ addGlobalPermission(organizationDto, "perm2", user1);
+ addProjectPermission(organizationDto, "perm1", user1, project1);
+ addProjectPermission(organizationDto, "perm3", user2, project1);
+ addProjectPermission(organizationDto, "perm4", user2, project2);
// user2 does not have global permissions -> do nothing
underTest.deleteGlobalPermission(dbSession, user2.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
// global permission exists -> delete it, but not the project permission with the same name !
- underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
+ underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", organizationDto.getUuid());
assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where role='perm1' and resource_id is null")).isEqualTo(0);
assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
}
@Test
public void deleteProjectPermission() {
- addGlobalPermissionOnDefaultOrganization("perm", user1);
- addProjectPermissionOnDefaultOrganization("perm", user1, project1);
- addProjectPermissionOnDefaultOrganization("perm", user1, project2);
- addProjectPermissionOnDefaultOrganization("perm", user2, project1);
+ addGlobalPermission(organizationDto, "perm", user1);
+ addProjectPermission(organizationDto, "perm", user1, project1);
+ addProjectPermission(organizationDto, "perm", user1, project2);
+ addProjectPermission(organizationDto, "perm", user2, project1);
// no such provision -> ignore
underTest.deleteProjectPermission(dbSession, user1.getId(), "anotherPerm", project1.getId());
@Test
public void deleteProjectPermissions() {
- addGlobalPermissionOnDefaultOrganization("perm", user1);
- addProjectPermissionOnDefaultOrganization("perm", user1, project1);
- addProjectPermissionOnDefaultOrganization("perm", user2, project1);
- addProjectPermissionOnDefaultOrganization("perm", user1, project2);
+ addGlobalPermission(organizationDto, "perm", user1);
+ addProjectPermission(organizationDto, "perm", user1, project1);
+ addProjectPermission(organizationDto, "perm", user2, project1);
+ addProjectPermission(organizationDto, "perm", user1, project2);
underTest.deleteProjectPermissions(dbSession, project1.getId());
assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2);
@Test
public void projectHasPermissions() {
- addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
- addProjectPermissionOnDefaultOrganization(USER, user1, project1);
+ addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+ addProjectPermission(organizationDto, USER, user1, project1);
assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@Test
public void selectGlobalPermissionsOfUser() {
- OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
- addGlobalPermissionOnDefaultOrganization("perm1", user1);
- addGlobalPermissionOnDefaultOrganization("perm2", user2);
+ OrganizationDto org = dbTester.organizations().insert();
+ addGlobalPermission(dbTester.getDefaultOrganization(), "perm1", user1);
+ addGlobalPermission(org, "perm2", user2);
addGlobalPermission(org, "perm3", user1);
- addProjectPermissionOnDefaultOrganization("perm4", user1, project1);
- addProjectPermission(org, "perm5", user1, project1);
+ addProjectPermission(organizationDto, "perm4", user1, project1);
+ addProjectPermission(organizationDto, "perm5", user1, project1);
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), org.getUuid())).containsOnly("perm3");
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), dbTester.getDefaultOrganization().getUuid())).containsOnly("perm1");
@Test
public void selectProjectPermissionsOfUser() {
- OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
- ComponentDto project3 = dbTester.components().insertProject();
- addGlobalPermission(org, "perm1", user1);
- addProjectPermission(org, "perm2", user1, project1);
- addProjectPermission(org, "perm3", user1, project1);
- addProjectPermission(org, "perm4", user1, project2);
- addProjectPermission(org, "perm5", user2, project1);
+ OrganizationDto org = dbTester.organizations().insert();
+ ComponentDto project3 = dbTester.components().insertProject(org);
+ addGlobalPermission(organizationDto, "perm1", user1);
+ addProjectPermission(organizationDto, "perm2", user1, project1);
+ addProjectPermission(organizationDto, "perm3", user1, project1);
+ addProjectPermission(organizationDto, "perm4", user1, project2);
+ addProjectPermission(organizationDto, "perm5", user2, project1);
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project1.getId())).containsOnly("perm2", "perm3");
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project2.getId())).containsOnly("perm4");
}
}
- private void expectPermissions(PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
- expectPermissions(dbTester.getDefaultOrganization(), query, logins, expected);
- }
-
private void expectPermissions(OrganizationDto org, PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
// test method "select()"
List<UserPermissionDto> permissions = underTest.select(dbSession, org.getUuid(), query, logins);
}
}
- private UserPermissionDto addGlobalPermissionOnDefaultOrganization(String permission, UserDto user) {
- return addGlobalPermission(dbTester.getDefaultOrganization(), permission, user);
- }
-
private UserPermissionDto addGlobalPermission(OrganizationDto org, String permission, UserDto user) {
UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), null);
underTest.insert(dbSession, dto);
return dto;
}
- private UserPermissionDto addProjectPermissionOnDefaultOrganization(String permission, UserDto user, ComponentDto project) {
- return addProjectPermission(dbTester.getDefaultOrganization(), permission, user, project);
- }
-
private UserPermissionDto addProjectPermission(OrganizationDto org, String permission, UserDto user, ComponentDto project) {
UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
underTest.insert(dbSession, dto);
import org.sonar.db.component.ComponentDto;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
public class RoleDaoTest {
@Test
public void selectComponentIdsByPermissionAndUserId_group_permissions() {
- GroupDto group1 = db.users().insertGroup(newGroupDto());
- GroupDto group2 = db.users().insertGroup(newGroupDto());
+ GroupDto group1 = db.users().insertGroup();
+ GroupDto group2 = db.users().insertGroup();
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project1);
db.users().insertMember(group1, user1);
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2);
// GROUP PERMISSIONS
- /**
- * Grant permission to virtual group "anyone" in default organization
- */
- public GroupPermissionDto insertPermissionOnAnyone(String permission) {
- return insertPermissionOnAnyone(db.getDefaultOrganization(), permission);
- }
-
public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, String permission) {
GroupPermissionDto dto = new GroupPermissionDto()
.setOrganizationUuid(org.getUuid())
db.commit();
}
- public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) {
- return insertProjectPermissionOnAnyone(db.getDefaultOrganization(), permission, project);
- }
-
public GroupPermissionDto insertProjectPermissionOnAnyone(OrganizationDto org, String permission, ComponentDto project) {
GroupPermissionDto dto = new GroupPermissionDto()
.setOrganizationUuid(org.getUuid())
* Grant permission on given project in default organization
*/
public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) {
- return insertProjectPermissionOnUser(db.getDefaultOrganization(), user, permission, project);
- }
-
- /**
- * Grant permission on given project
- */
- public UserPermissionDto insertProjectPermissionOnUser(OrganizationDto org, UserDto user, String permission, ComponentDto project) {
- UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
+ UserPermissionDto dto = new UserPermissionDto(project.getOrganizationUuid(), permission, user.getId(), project.getId());
db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
db.commit();
return dto;
projects / sonarqube.git / commitdiff